Tracing the lineage of view data in a warehousing environment
ACM Transactions on Database Systems (TODS)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
IEEE/ACM Transactions on Networking (TON)
A foundation for vacuuming temporal databases
Data & Knowledge Engineering
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Query execution assurance for outsourced databases
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Threats to privacy in the forensic analysis of database systems
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Integrity auditing of outsourced data
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
AuditGuard: a system for database auditing under retention restrictions
Proceedings of the VLDB Endowment
Records retention in relational database systems
Proceedings of the 17th ACM conference on Information and knowledge management
Auditing a Database under Retention Restrictions
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
An Architecture for Regulatory Compliant Database Management
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Restricted queries over an encrypted index with applications to regulatory compliance
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Implementing a tamper-evident database system
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Auditing a database under retention policies
The VLDB Journal — The International Journal on Very Large Data Bases
| Hi-index | 0.00 |
Relational databases are periodically vacuumed to remove tuples that have expired. During the discovery phase of litigation, plaintiffs ask defendants for access to information related to their case. The requested information is then subject to a litigation hold, which means that the information cannot be deleted. Vacuuming exposes a database to a new threat -- adversaries can try to thwart database auditing mechanism by masquerading an illegal tuple deletion as a vacuuming operation, and delete an unexpired tuple, or a tuple under a litigation hold. In this paper, we provide a generic framework for auditing vacuuming, augment existing database integrity audit mechanisms to support vacuuming, formalize the notion of a litigation hold, and identify key issues in the context of database systems for long-term, high-integrity records retention. Then, we propose several schemes for efficiently implementing trustworthy litigation holds. Finally, we evaluate the efficiency and tradeoffs of the different schemes using a series of experiments.