loading page

BiTDB: Constructing A Built-in TEE Secure Database for Embedded Systems
  • +4
  • Chengyan Ma,
  • Di Lu,
  • Chaoyue Lv,
  • Ning Xi,
  • Xiaohong Jiang,
  • Yulong Shen,
  • Jiangfen Ma
Chengyan Ma
Xidian University
Author Profile
Di Lu
Xidian University

Corresponding Author:[email protected]

Author Profile
Chaoyue Lv
Xidian University
Author Profile
Ning Xi
Xidian University
Author Profile
Xiaohong Jiang
Future University Hakodate
Author Profile
Yulong Shen
Xidian University
Author Profile
Jiangfen Ma
Xidian University
Author Profile

Abstract

In this paper, we propose BiTDB, a built-in Trusted Execution Environment (TEE) database for embedded systems, to realize higher system availability while ensuring data confidentiality. With BiTDB, dilemmas the state-of-the-art research work on secure embedded databases has to face can be significantly reduced and eliminated, including (i) complicated research and realization on searchable encryption algorithms (SEA), (ii) limited support to all database operations, and (iii) almost none of specific design and optimizations toward build-in TEE embedded databases. Through BiTDB, all database operations can process plaintext in TEE instead of retrieving on ciphertext by developing complicated SEAs. To enable BiTDB to handle database files in Rich Execution Environmen (REE) as local ones, we extend the TEE OS with generic file I/O libraries. Then, we contribute three critical optimizations to significantly reduce redundant memory and file operations between TEE and REE, and BiTDB achieve better system performance and availability in embedded systems. Finally, we have implemented the prototype system based on OP-TEE and SQLite for several typical platforms, including virtualization and hardware environments. The TPC-H test shows BiTDB can achieve 85% (on average) of the original database performance while guaranteeing data confidentiality and integrity. Our project repository is at https://github.com/CharlieMCY/BiTDB.
26 Mar 2024Submitted to TechRxiv
30 Mar 2024Published in TechRxiv
2024Published in IEEE Transactions on Knowledge and Data Engineering on pages 1-13. 10.1109/TKDE.2024.3380367