An architecture for regulatory compliant database management

Soumyadeb Mitra; Marianne Winslett; Richard Thomas Snodgrass; Shashank Yaduvanshi; Sumedh Ambokar

doi:10.1109/ICDE.2009.69

An architecture for regulatory compliant database management

Soumyadeb Mitra, Marianne Winslett, Richard Thomas Snodgrass, Shashank Yaduvanshi, Sumedh Ambokar

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Citations (Scopus)

Abstract

Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

Original language	English (US)
Title of host publication	Proceedings - International Conference on Data Engineering
Pages	162-173
Number of pages	12
DOIs	https://doi.org/10.1109/ICDE.2009.69
State	Published - 2009
Event	25th IEEE International Conference on Data Engineering, ICDE 2009 - Shanghai, China Duration: Mar 29 2009 → Apr 2 2009

Other

Other	25th IEEE International Conference on Data Engineering, ICDE 2009
Country	China
City	Shanghai
Period	3/29/09 → 4/2/09

Fingerprint

Servers

Spreadsheets

Electronic mail

Processing

Experiments

Compliance

ASJC Scopus subject areas

Information Systems
Signal Processing
Software

Cite this

Mitra, S., Winslett, M., Snodgrass, R. T., Yaduvanshi, S., & Ambokar, S. (2009). An architecture for regulatory compliant database management. In Proceedings - International Conference on Data Engineering (pp. 162-173). [4812400] https://doi.org/10.1109/ICDE.2009.69

An architecture for regulatory compliant database management. / Mitra, Soumyadeb; Winslett, Marianne; Snodgrass, Richard Thomas; Yaduvanshi, Shashank; Ambokar, Sumedh.

Proceedings - International Conference on Data Engineering. 2009. p. 162-173 4812400.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Mitra, S, Winslett, M, Snodgrass, RT, Yaduvanshi, S & Ambokar, S 2009, An architecture for regulatory compliant database management. in Proceedings - International Conference on Data Engineering., 4812400, pp. 162-173, 25th IEEE International Conference on Data Engineering, ICDE 2009, Shanghai, China, 3/29/09. https://doi.org/10.1109/ICDE.2009.69

Mitra S, Winslett M, Snodgrass RT, Yaduvanshi S, Ambokar S. An architecture for regulatory compliant database management. In Proceedings - International Conference on Data Engineering. 2009. p. 162-173. 4812400 https://doi.org/10.1109/ICDE.2009.69

Mitra, Soumyadeb ; Winslett, Marianne ; Snodgrass, Richard Thomas ; Yaduvanshi, Shashank ; Ambokar, Sumedh. / An architecture for regulatory compliant database management. Proceedings - International Conference on Data Engineering. 2009. pp. 162-173

@inproceedings{96a32d20a67240efaf3f0c8a5778f53a,

title = "An architecture for regulatory compliant database management",

abstract = "Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10{\%} in typical configurations.",

author = "Soumyadeb Mitra and Marianne Winslett and Snodgrass, {Richard Thomas} and Shashank Yaduvanshi and Sumedh Ambokar",

year = "2009",

doi = "10.1109/ICDE.2009.69",

language = "English (US)",

isbn = "9780769535456",

pages = "162--173",

booktitle = "Proceedings - International Conference on Data Engineering",

}

TY - GEN

T1 - An architecture for regulatory compliant database management

AU - Mitra, Soumyadeb

AU - Winslett, Marianne

AU - Snodgrass, Richard Thomas

AU - Yaduvanshi, Shashank

AU - Ambokar, Sumedh

PY - 2009

Y1 - 2009

N2 - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

AB - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

UR - http://www.scopus.com/inward/record.url?scp=67649646394&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67649646394&partnerID=8YFLogxK

U2 - 10.1109/ICDE.2009.69

DO - 10.1109/ICDE.2009.69

M3 - Conference contribution

AN - SCOPUS:67649646394

SN - 9780769535456

SP - 162

EP - 173

BT - Proceedings - International Conference on Data Engineering

ER -

Access to Document

10.1109/ICDE.2009.69