Achieving database information accountability in the cloud

Kyriacos E. Pavlou, Richard T. Snodgrass

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Regulations and societal expectations have recently emphasized the need to mediate access to valuable databases. Fraud occurs when a person (mostly an insider) tampers illegally with a database. Data owners would like to be assured that such tampering has not occurred, or if it does, that it will be quickly discovered. The problem is exacerbated with data stored in cloud databases such as Amazon's Relational Database Service (RDS) or Microsoft's SQL Azure Database. In our previous work we have shown that information accountability across the enterprise is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases on extant DBMSes. We have developed a prototype audit system (DRAGOON) that employs cryptographic hashing techniques to support accountability in high-performance databases. Cloud databases present a new set of problems that make extending DRAGOON challenging. In this paper we discuss these problems and show how the DRAGOON architecture can be refined to provide a more practical and feasible information accountability solution for data stored in the cloud.

Original languageEnglish (US)
Title of host publicationProceedings - 2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012
Pages147-150
Number of pages4
DOIs
StatePublished - Nov 19 2012
Event2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012 - Arlington, VA, United States
Duration: Apr 1 2012Apr 5 2012

Publication series

NameProceedings - 2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012

Other

Other2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012
CountryUnited States
CityArlington, VA
Period4/1/124/5/12

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Achieving database information accountability in the cloud'. Together they form a unique fingerprint.

  • Cite this

    Pavlou, K. E., & Snodgrass, R. T. (2012). Achieving database information accountability in the cloud. In Proceedings - 2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012 (pp. 147-150). [6313672] (Proceedings - 2012 IEEE 28th International Conference on Data Engineering Workshops, ICDEW 2012). https://doi.org/10.1109/ICDEW.2012.37