Skip to content

Brief introduction: SQLite's Virtual File System

Jump to bottom
Mats edited this page Mar 29, 2020 · 3 revisions

📣 General

The Virtual File System of SQLite (VFS) serves as a layer between the file system and the SQLite database. This makes it possible to create your own implementations for various SQLite operations. Especially for non-trivial file systems or file systems with additional logic (e.g. Intel SGX Secure File API) or with synchronization mechanisms can be accessed via the SQLite library. Since SQLite is a file-based database system, the typical file functions of C must be newly implemented. In our case we will realize the integration of SGX compliant encryption and decryption of data by reimplementing the individual functions.

For SQLite logic, the VFS abstraction makes it look like a normal file system. Hidden for the library, the encryption and decryption operations are performed by Intel's SGX Secure File API.

The following sequence diagram contains a sketch of an early planning phase that explains the basic idea in an understandable way. uml_datasealing-architecture-vfs

For the implementation it was necessary to understand the overall structure. Therefore we thank the helpful reference implementation of Tomaka17 on StackOverflow, see using-sqlite-with-stdiostream.

⛺ Return to the Homepage

📣 General Intel SGX Tutorials

🛠️ How to install Intel SGX Driver on Ubuntu

🛠️ How to install Intel SGX SDK on Ubuntu

🎯 Validate that your Intel SGX Setup is working correctly

💻 How to setup the Eclipse IDE (with SGX Plugin)

How to setup the first SGX Project

📊 How to analyse an SGX Enclave? (Installation and Usage)

📣 Executing SQLite in an SGX Enclave

🌎 Project overview

📁 Brief introduction: SQLite's Virtual File System

🌿 Workspace overview and structure

🌟 How to run the SGX SQLite Project?

Clone this wiki locally