IEEE Access (Jan 2023)

Embedded Devices Security: Design and Implementation of a Light RDBMS Encryption Utilizing Multi-Core Processors

  • Mohammad Ahmed Alomari,
  • Hazleen Aris,
  • Mukhtar Ghaleb,
  • Yahya Almurtadha,
  • Gamal Abdulnaser Alkawsi,
  • Ismail Ahmad Al-Qasem Al-Hadi,
  • Yahia Baashar,
  • Khairulmizam Samsudin

DOI
https://doi.org/10.1109/ACCESS.2023.3248300
Journal volume & issue
Vol. 11
pp. 19836 – 19848

Abstract

Read online

The pervasive proliferation of embedded, mobile, and IoT devices continue to change our lifestyle dramatically. However, the huge increase in these devices has come with critical breaches to data resting inside them. Many types of such data are considered to be sensitive and confidential. Because the most sensitive data of such devices are resting in databases, focusing on encrypting SQLite databases will be more efficient than full disk encryption (FDE). While SQLite is a very popular, lightweight, and easy-to-use relational database suitable for embedded and mobile devices, its stored data suffers serious security risks. If an attacker can gain access to higher system privileges or find a way to access the database plain file, he can tamper with the database files and user-sensitive data, which breaches the security CIA triad of SQLite. To ensure data confidentiality in SQLite databases of embedded devices, we present a design and implementation of a parallel database encryption system, called SQLite-XTS. The developed system encrypts the database pages on- the-fly in a transparent manner without user intervention. Because performance is a critical issue, SQLite-XTS utilizes multi-core processors coming with most current mobile and embedded devices. The developed parallel SQLite-XTS was successfully implemented and integrated into a testbed device. To assess the performance and feasibility of this system, it was compared to three other SQLite implementations: plain SQLite, serial XTS SQLite, and SQLCipher-CBC. The results show that SQLite-XTS reduces the overhead of database encryption from 30.8% with serial implementation to 17.8% when SQLite-XTS is used. This provides the developed system with an efficiency of 73% compared with its serial counterpart. The results clarify that SQLite-XTS introduces significant performance improvements compared to other implementations. Experiments also show that the system has a very low impact on the memory of these resource-limited devices.

Keywords