An architecture for regulatory compliant database management

Soumyadeb Mitra, Marianne Winslett, Richard Thomas Snodgrass, Shashank Yaduvanshi, Sumedh Ambokar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

Original languageEnglish (US)
Title of host publicationProceedings - International Conference on Data Engineering
Pages162-173
Number of pages12
DOIs
StatePublished - 2009
Event25th IEEE International Conference on Data Engineering, ICDE 2009 - Shanghai, China
Duration: Mar 29 2009Apr 2 2009

Other

Other25th IEEE International Conference on Data Engineering, ICDE 2009
CountryChina
CityShanghai
Period3/29/094/2/09

Fingerprint

Servers
Spreadsheets
Electronic mail
Processing
Experiments
Compliance

ASJC Scopus subject areas

  • Information Systems
  • Signal Processing
  • Software

Cite this

Mitra, S., Winslett, M., Snodgrass, R. T., Yaduvanshi, S., & Ambokar, S. (2009). An architecture for regulatory compliant database management. In Proceedings - International Conference on Data Engineering (pp. 162-173). [4812400] https://doi.org/10.1109/ICDE.2009.69

An architecture for regulatory compliant database management. / Mitra, Soumyadeb; Winslett, Marianne; Snodgrass, Richard Thomas; Yaduvanshi, Shashank; Ambokar, Sumedh.

Proceedings - International Conference on Data Engineering. 2009. p. 162-173 4812400.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Mitra, S, Winslett, M, Snodgrass, RT, Yaduvanshi, S & Ambokar, S 2009, An architecture for regulatory compliant database management. in Proceedings - International Conference on Data Engineering., 4812400, pp. 162-173, 25th IEEE International Conference on Data Engineering, ICDE 2009, Shanghai, China, 3/29/09. https://doi.org/10.1109/ICDE.2009.69
Mitra S, Winslett M, Snodgrass RT, Yaduvanshi S, Ambokar S. An architecture for regulatory compliant database management. In Proceedings - International Conference on Data Engineering. 2009. p. 162-173. 4812400 https://doi.org/10.1109/ICDE.2009.69
Mitra, Soumyadeb ; Winslett, Marianne ; Snodgrass, Richard Thomas ; Yaduvanshi, Shashank ; Ambokar, Sumedh. / An architecture for regulatory compliant database management. Proceedings - International Conference on Data Engineering. 2009. pp. 162-173
@inproceedings{96a32d20a67240efaf3f0c8a5778f53a,
title = "An architecture for regulatory compliant database management",
abstract = "Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10{\%} in typical configurations.",
author = "Soumyadeb Mitra and Marianne Winslett and Snodgrass, {Richard Thomas} and Shashank Yaduvanshi and Sumedh Ambokar",
year = "2009",
doi = "10.1109/ICDE.2009.69",
language = "English (US)",
isbn = "9780769535456",
pages = "162--173",
booktitle = "Proceedings - International Conference on Data Engineering",

}

TY - GEN

T1 - An architecture for regulatory compliant database management

AU - Mitra, Soumyadeb

AU - Winslett, Marianne

AU - Snodgrass, Richard Thomas

AU - Yaduvanshi, Shashank

AU - Ambokar, Sumedh

PY - 2009

Y1 - 2009

N2 - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

AB - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

UR - http://www.scopus.com/inward/record.url?scp=67649646394&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67649646394&partnerID=8YFLogxK

U2 - 10.1109/ICDE.2009.69

DO - 10.1109/ICDE.2009.69

M3 - Conference contribution

AN - SCOPUS:67649646394

SN - 9780769535456

SP - 162

EP - 173

BT - Proceedings - International Conference on Data Engineering

ER -