Efficient audit-based compliance for relational data retention

The Sarbanes-Oxley Act inspired research on long-term high-integrity retention of business records, leveraging the immutability guarantees that WORM storage servers offer for files. In this paper, we present the transaction log on WORM (TLOW) approach for supporting long-term immutability for relational tuples. TLOW stores the transaction log on WORM and uses an audit helper (AH) add-on to continuously perform audit-related activities without compromising transaction performance or audit trustworthiness. TLOW imposes only 1-11% runtime overhead on TPC-C transactions, much less than previously proposed approaches, and does not require DBMS kernel changes. TLOW audits are extremely fast, e.g., two hours to audit a year of continuous TPC-C activity, versus 10 days for previously proposed approaches. This opens up the possibility of real-time internal audits that can detect fraudulent activity before its effects propagate throughout an enterprise. We also provide a proof of correctness for TLOW, which exposes a subtle threat that affects the correctness of previously proposed approaches.
