CryptSQLite: Protecting Data Confidentiality of SQLite with Intel SGX

Cited by: 18
Authors
Wang, Yongzhi [1 ]
Liu, Lingtong [1 ]
Su, Cuicui [1 ]
Ma, Jiawen [1 ]
Wang, Lei [1 ]
Yang, Yibo [1 ]
Shen, Yulong [1 ]
Li, Guangxia [1 ]
Zhang, Tao [1 ]
Dong, Xuewen [1 ]
Affiliation
[1] Xidian Univ, Sch Comp Sci & Technol, Xian 710071, Shaanxi, Peoples R China
Funding
National Natural Science Foundation of China;
Keywords
Database Security; Data Confidentiality; SGX; SQLite;
DOI
10.1109/NaNA.2017.48
Chinese Library Classification (CLC) number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Protecting data confidentiality for database systems is a critical but challenging problem. In this paper, we propose a novel architecture to address this problem by combining Intel Software Guard Extensions (SGX) technology and the symmetric encryption scheme. Based on the proposed architecture, we use SQLite, a lightweight database system, as a study case and propose CryptSQLite to protect its data confidentiality. Our security analysis showed that CryptSQLite can protect the data confidentiality against attacks from outside attackers, malicious insiders, and malicious neighboring users. We further developed a prototype system based on the design. Our experimental results showed that CryptSQLite is a viable solution and incurs a moderate performance overhead.
Pages: 303 - 308
Number of pages: 6
Related papers
50 in total
  • [1] CFHider: Protecting Control Flow Confidentiality With Intel SGX
    Wang, Yongzhi
    Zou, Yu
    Shen, Yulong
    Liu, Yao
    [J]. IEEE TRANSACTIONS ON COMPUTERS, 2022, 71 (09) : 2128 - 2141
  • [2] CryptSQLite: SQLite With High Data Security
    Wang, Yongzhi
    Shen, Yulong
    Su, Cuicui
    Ma, Jiawen
    Liu, Lingtong
    Dong, Xuewen
    [J]. IEEE TRANSACTIONS ON COMPUTERS, 2020, 69 (05) : 666 - 678
  • [3] Use of Intel SGX to ensure the confidentiality of data of cloud users
    Zegzhda D.P.
    Usov E.S.
    Nikol’skii A.V.
    Pavlenko E.Y.
    [J]. Automatic Control and Computer Sciences, 2017, 51 (8) : 848 - 854
  • [4] Protecting OpenFlow using Intel SGX
    Medina, Jorge
    Paladi, Nicolae
    Arlos, Patrik
    [J]. 2019 IEEE CONFERENCE ON NETWORK FUNCTION VIRTUALIZATION AND SOFTWARE DEFINED NETWORKS (IEEE NFV-SDN), 2019,
  • [5] Protecting OpenFlow Flow Tables with Intel SGX
    Paladi, Nicolae
    Svenningsson, Jakob
    Medina, Jorge
    Arlos, Patrik
    [J]. PROCEEDINGS OF THE 2019 ACM SIGCOMM CONFERENCE POSTERS AND DEMOS (SIGCOMM '19), 2019, : 146 - 147
  • [6] UniGuard: Protecting Unikernels using Intel SGX
    Sfyrakis, Ioannis
    Gross, Thomas
    [J]. 2018 IEEE INTERNATIONAL CONFERENCE ON CLOUD ENGINEERING (IC2E 2018), 2018, : 99 - 105
  • [7] Practical hybrid confidentiality-based analytics framework with Intel SGX
    Alabdulatif, Abdulatif
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2021, 181
  • [8] SGXPy: Protecting Integrity of Python Applications with Intel SGX
    Zhang, Denghui
    Wang, Guosai
    Xu, Wei
    Gao, Kevin
    [J]. 2019 26TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC), 2019, : 418 - 425
  • [9] Data Oblivious Genome Variants Search on Intel SGX
    Mandal, Avradip
    Mitchell, John C.
    Montgomery, Hart
    Roy, Arnab
    [J]. DATA PRIVACY MANAGEMENT, CRYPTOCURRENCIES AND BLOCKCHAIN TECHNOLOGY, 2018, 11025 : 296 - 310
  • [10] OBLIVIATE: A Data Oblivious File System for Intel SGX
    Ahmad, Adil
    Kim, Kyungtae
    Sarfaraz, Muhammad Ihsanulhaq
    Lee, Byoungyoung
    [J]. 25TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2018), 2018,