Partitioned storage for temporal databases
Information Systems
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Separating key management from file system security
Proceedings of the seventeenth ACM symposium on Operating systems principles
Concrete Math
Investigative Data Mining for Security and Criminal Detection
Investigative Data Mining for Security and Criminal Detection
Temporal Specialization and Generalization
IEEE Transactions on Knowledge and Data Engineering
Computer Systems Validation: Quality Assurance, Risk Management, and Regulatory Compliance for Pharmaceutical and Healt
Ivy: a read/write peer-to-peer file system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Fossilized index: the linchpin of trustworthy non-alterable electronic records
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Immortal DB: transaction time support for SQL server
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Forensic analysis of database tampering
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Windows Forensics and Incident Recovery (The Addison-Wesley Microsoft Technology Series)
Windows Forensics and Incident Recovery (The Addison-Wesley Microsoft Technology Series)
Enabling the 21st century health care information technology revolution
Communications of the ACM - Spam and the ongoing battle for the inbox
Threats to privacy in the forensic analysis of database systems
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Fast and secure distributed read-only file system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Indexing information for data forensics
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
A collaborative monitoring mechanism for making a multitenant platform accountable
HotCloud'10 Proceedings of the 2nd USENIX conference on Hot topics in cloud computing
Building disclosure risk aware query optimizers for relational databases
Proceedings of the VLDB Endowment
The Foundations for Provenance on the Web
Foundations and Trends in Web Science
2010 Information Security Curriculum Development Conference
Using the structure of B+-trees for enhancing logging mechanisms of databases
Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
The effective method of database server forensics on the enterprise environment
Security and Communication Networks
Generalizing database forensics
ACM Transactions on Database Systems (TODS)
| Hi-index | 0.00 |
Regulations and societal expectations have recently expressed the need to mediate access to valuable databases, even by insiders. One approach is tamper detection via cryptographic hashing. This article shows how to determine when the tampering occurred, what data was tampered with, and perhaps, ultimately, who did the tampering, via forensic analysis. We present four successively more sophisticated forensic analysis algorithms: the Monochromatic, RGBY, Tiled Bitmap, and a3D algorithms, and characterize their “forensic cost” under worst-case, best-case, and average-case assumptions on the distribution of corruption sites. A lower bound on forensic cost is derived, with RGBY and a3D being shown optimal for a large number of corruptions. We also provide validated cost formulæ for these algorithms and recommendations for the circumstances in which each algorithm is indicated.