A glossary of temporal database concepts
ACM SIGMOD Record
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Developing time-oriented database applications in SQL
Developing time-oriented database applications in SQL
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Query execution assurance for outsourced databases
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Transaction Time Support Inside a Database Engine
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Taming Compliance with Sarbanes-Oxley Internal Controls Using Database Technology
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Integrity auditing of outsourced data
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Records retention in relational database systems
Proceedings of the 17th ACM conference on Information and knowledge management
Auditing a Database under Retention Restrictions
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
An Architecture for Regulatory Compliant Database Management
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
A new paradigm for collision-free hashing: incrementality at reduced cost
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Implementing a tamper-evident database system
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
The power of data use management in action
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Generalizing database forensics
ACM Transactions on Database Systems (TODS)
| Hi-index | 0.00 |
The Sarbanes-Oxley Act inspired research on long-term high-integrity retention of business records, leveraging the immutability guarantees that WORM storage servers offer for files. In this paper, we present the transaction log on WORM (TLOW) approach for supporting long-term immutability for relational tuples. TLOW stores the transaction log on WORM and uses an audit helper (AH) add-on to continuously perform audit-related activities without compromising transaction performance or audit trustworthiness. TLOW imposes only 1-11% runtime overhead on TPC-C transactions, much less than previously proposed approaches, and does not require DBMS kernel changes. TLOW audits are extremely fast, e.g., two hours to audit a year of continuous TPC-C activity, versus 10 days for previously proposed approaches. This opens up the possibility of real-time internal audits that can detect fraudulent activity before its effects propagate throughout an enterprise. We also provide a proof of correctness for TLOW, which exposes a subtle threat that affects the correctness of previously proposed approaches.