Brief introduction: SQLite's Virtual File System

Mats edited this page Mar 29, 2020 · 3 revisions

The Virtual File System (VFS) of SQLite serves as a layer between the file system and the SQLite database. This makes it possible to supply your own implementations of SQLite's file operations, so that non-trivial file systems, file systems with additional logic (e.g. the Intel SGX Secure File API), or file systems with synchronization mechanisms can be accessed through the SQLite library. Since SQLite is a file-based database system, the typical C file functions must be reimplemented. In our case, we integrate SGX-compliant encryption and decryption of data by reimplementing the individual functions.

Because of the VFS implementation, the Intel SGX operations for encryption and decryption can be applied to the database and temporary files. The binary streams from the VFS in the enclave are passed to the Intel SGX functions for encryption and decryption.
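The layering described above, as an added example that is not part of this project's code: a self-contained C model in which the engine is handed a shim's read/write methods, and the shim transforms every buffer before it reaches the lower storage layer. All type and function names are hypothetical; `io_methods` only imitates the offset-based `xRead`/`xWrite` slots of `sqlite3_io_methods`, and the XOR transform is a placeholder marking where the SGX encryption and decryption calls would sit.

```c
#include <stdint.h>
#include <string.h>
#define STORE_SIZE 512  /* constructed size of the model database file */
#define IN_RANGE(amt, ofst) ((amt) >= 0 && (ofst) >= 0 && (ofst) <= STORE_SIZE - (amt))
typedef struct io_methods {  /* hypothetical stand-in for sqlite3_io_methods */
    int (*x_read)(void *file, void *buf, int amt, int64_t ofst);
    int (*x_write)(void *file, const void *buf, int amt, int64_t ofst);
} io_methods;
typedef struct shim_file { const io_methods *lower; void *lower_file; uint8_t key; } shim_file;
/* Lower layer: untrusted storage outside the enclave, modelled as a byte array. */
static int raw_read(void *f, void *buf, int amt, int64_t ofst) {
    if (!IN_RANGE(amt, ofst)) return -1;
    memcpy(buf, (uint8_t *)f + ofst, (size_t)amt);
    return 0;
}
static int raw_write(void *f, const void *buf, int amt, int64_t ofst) {
    if (!IN_RANGE(amt, ofst)) return -1;
    memcpy((uint8_t *)f + ofst, buf, (size_t)amt);
    return 0;
}
static const io_methods raw_io = { raw_read, raw_write };
/* Placeholder transform, NOT encryption; offset-keyed so any offset decodes alone. */
static void transform(uint8_t *dst, const uint8_t *src, int n, int64_t ofst, uint8_t key) {
    for (int i = 0; i < n; i++) dst[i] = src[i] ^ (uint8_t)(key + (ofst + i) * 31);
}
/* Shim layer: the I/O methods the database engine is handed instead of raw_io. */
static int shim_write(void *f, const void *buf, int amt, int64_t ofst) {
    shim_file *s = f;
    uint8_t tmp[STORE_SIZE];
    if (!IN_RANGE(amt, ofst)) return -1;
    transform(tmp, buf, amt, ofst, s->key);  /* protect before data leaves the enclave */
    return s->lower->x_write(s->lower_file, tmp, amt, ofst);
}
static int shim_read(void *f, void *buf, int amt, int64_t ofst) {
    shim_file *s = f;
    int rc = s->lower->x_read(s->lower_file, buf, amt, ofst);
    if (rc == 0) transform(buf, buf, amt, ofst, s->key);  /* recover inside the enclave */
    return rc;
}
static const io_methods shim_io = { shim_read, shim_write };
/* Returns 0 if stored bytes differ from the input and a mid-buffer read recovers it. */
int shim_selfcheck(void) {
    static uint8_t disk[STORE_SIZE];
    shim_file s = { &raw_io, disk, 0x5A };
    const char hdr[16] = "SQLite format 3";  /* constructed sample bytes */
    char mid[6];
    if (shim_io.x_write(&s, hdr, 16, 100) || !memcmp(disk + 100, hdr, 16)) return 1;
    return (shim_io.x_read(&s, mid, 6, 107) || memcmp(mid, "format", 6)) ? 2 : 0;
}
int main(void) { return shim_selfcheck(); }
```

The read at offset 107 starts in the middle of the previously written buffer, which is the access pattern a page-oriented database produces and the reason the transform has to work per offset rather than per whole file.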

The following diagram is an abstract representation of the VFS and Intel SGX implementation.

[Diagram: uml_datasealing-architecture-vfs]

The following contribution was used as a reference implementation: using-sqlite-with-stdiostream