An architecture for regulatory compliant database management

Soumyadeb Mitra; Marianne Winslett; Richard T. Snodgrass; Shashank Yaduvanshi; Sumedh Ambokar

doi:10.1109/ICDE.2009.69

An architecture for regulatory compliant database management

Soumyadeb Mitra, Marianne Winslett, Richard T. Snodgrass, Shashank Yaduvanshi, Sumedh Ambokar

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

Original language	English (US)
Title of host publication	Proceedings - 25th IEEE International Conference on Data Engineering, ICDE 2009
Pages	162-173
Number of pages	12
DOIs	https://doi.org/10.1109/ICDE.2009.69
State	Published - 2009
Externally published	Yes
Event	25th IEEE International Conference on Data Engineering, ICDE 2009 - Shanghai, China Duration: Mar 29 2009 → Apr 2 2009

Publication series

Name	Proceedings - International Conference on Data Engineering
ISSN (Print)	1084-4627

Other

Other	25th IEEE International Conference on Data Engineering, ICDE 2009
Country/Territory	China
City	Shanghai
Period	3/29/09 → 4/2/09

ASJC Scopus subject areas

Software
Signal Processing
Information Systems

Access to Document

10.1109/ICDE.2009.69

Cite this

An architecture for regulatory compliant database management. / Mitra, Soumyadeb; Winslett, Marianne; Snodgrass, Richard T. et al.
Proceedings - 25th IEEE International Conference on Data Engineering, ICDE 2009. 2009. p. 162-173 4812400 (Proceedings - International Conference on Data Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Mitra, S, Winslett, M, Snodgrass, RT, Yaduvanshi, S & Ambokar, S 2009, An architecture for regulatory compliant database management. in Proceedings - 25th IEEE International Conference on Data Engineering, ICDE 2009., 4812400, Proceedings - International Conference on Data Engineering, pp. 162-173, 25th IEEE International Conference on Data Engineering, ICDE 2009, Shanghai, China, 3/29/09. https://doi.org/10.1109/ICDE.2009.69

@inproceedings{96a32d20a67240efaf3f0c8a5778f53a,

title = "An architecture for regulatory compliant database management",

abstract = "Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.",

author = "Soumyadeb Mitra and Marianne Winslett and Snodgrass, {Richard T.} and Shashank Yaduvanshi and Sumedh Ambokar",

year = "2009",

doi = "10.1109/ICDE.2009.69",

language = "English (US)",

isbn = "9780769535456",

series = "Proceedings - International Conference on Data Engineering",

pages = "162--173",

booktitle = "Proceedings - 25th IEEE International Conference on Data Engineering, ICDE 2009",

note = "25th IEEE International Conference on Data Engineering, ICDE 2009 ; Conference date: 29-03-2009 Through 02-04-2009",

}

TY - GEN

T1 - An architecture for regulatory compliant database management

AU - Mitra, Soumyadeb

AU - Winslett, Marianne

AU - Snodgrass, Richard T.

AU - Yaduvanshi, Shashank

AU - Ambokar, Sumedh

PY - 2009

Y1 - 2009

N2 - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

AB - Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. These requirements have led to a huge market for compliance storage servers, which ensure that data are not shredded or altered before the end of their mandatory retention period. These servers preserve unstructured and semi-structured data at a file-level granularity: email, spreadsheets, reports, instant messages. In this paper, we extend this level of protection to structured data residing in relational databases. We propose a compliant DBMS architecture and two refinements that illustrate the additional security that one can gain with only a slight performance penalty, with almost no modifications to the DBMS kernel. We evaluate our proposed architecture through experiments with TPC-C on a high-performance DBMS, and show that the runtime overhead for transaction processing is approximately 10% in typical configurations.

UR - http://www.scopus.com/inward/record.url?scp=67649646394&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67649646394&partnerID=8YFLogxK

U2 - 10.1109/ICDE.2009.69

DO - 10.1109/ICDE.2009.69

M3 - Conference contribution

AN - SCOPUS:67649646394

SN - 9780769535456

T3 - Proceedings - International Conference on Data Engineering

SP - 162

EP - 173

BT - Proceedings - 25th IEEE International Conference on Data Engineering, ICDE 2009

T2 - 25th IEEE International Conference on Data Engineering, ICDE 2009

Y2 - 29 March 2009 through 2 April 2009

ER -

An architecture for regulatory compliant database management

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this