Award Abstract #0803197
III-COR Medium: Collaborative Research: Achieving Compliant Databases

NSF Org: IIS, Division of Information & Intelligent Systems
Initial Amendment Date: August 6, 2008
Latest Amendment Date: August 31, 2009
Award Number: 0803197
Award Instrument: Continuing grant
Program Manager: Gia-Loi Le Gruenwald, IIS Division of Information & Intelligent Systems, CSE Directorate for Computer & Information Science & Engineering
Start Date: September 1, 2008
Expires: August 31, 2010 (Estimated)
Awarded Amount to Date: $152344
Investigator(s): Radu Sion sion@cs.stonybrook.edu (Principal Investigator)
Sponsor: SUNY at Stony Brook, WEST 5510 FRK MEL LIB, STONY BROOK, NY 11794 631/632-9949
NSF Program(s): INFO INTEGRATION & INFORMATICS, COLLABORATIVE RESEARCH
Field Application(s):
Program Reference Code(s): HPCC, 9216, 9102, 7364, 5979, 5936
Program Element Code(s): 7364, 7298

ABSTRACT

Spurred by financial scandals and privacy concerns, governments worldwide have moved to ensure confidence in digital records by regulating their retention and deletion. The goal of this project is to develop and explore a database management system (DBMS) architecture that supports a spectrum of approaches to regulatory compliance, thereby extending the level of protection afforded by conventional file-based compliance storage servers to the vast amounts of structured data residing in databases. The key challenge of this work is to provide compliance assurances for the DBMS, even against insiders with super-user powers, while balancing the need for trustworthiness against the conflicting requirements for scalable performance guarantees and low cost. The resulting architecture provides tunable tradeoffs between security and performance, through a spectrum of techniques ranging from tamper detection to tamper prevention for data, indexes, logs, and metadata; tunable vulnerability windows; tunable granularities of protection; careful use of magnetic disk as a cache and of secure coprocessors on the DBMS platform and compliance storage server platform; and judicious retargeting of an on-disk encryption unit.
This work enables compliance laws to be applied to business, government, and personal data now stored in databases, increasing societal confidence in such data. A new web course on compliance data management will raise the computer science community's awareness of compliance issues and will help train a new generation of professionals cognizant of these challenges and solutions. The software prototypes and technical papers describing them will be disseminated through the project's web site http://web.crypto.cs.sunysb.edu/cdb/
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

R. Hasan, R. Sion, M. Winslett. "Secure Provenance: Protecting the Genealogy of Bits," ;login: The USENIX Magazine, 2009.
R. Hasan, R. Sion, M. Winslett. "Remembrance: The Unbearable Sentience of Being Digital," Conference on Innovative Data Systems Research, 2009.
R. Hasan, R. Sion, M. Winslett. "The Case of the Fake Picasso: Preventing History Forgery with Secure Provenance," USENIX Conference on File and Storage Technologies FAST, 2009.