Trustworthy vacuuming and litigation holds in long-term high-integrity records retention
Proceedings of the 13th International Conference on Extending Database Technology
Efficient audit-based compliance for relational data retention
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Generalizing database forensics
ACM Transactions on Database Systems (TODS)
| Hi-index | 0.00 |
Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10\% in typical configurations.