Persistent Link:
http://hdl.handle.net/10150/204609
Title:
Database Forensics in the Service of Information Accountability
Author:
Pavlou, Kyriacos
Affiliation:
Department of Computer Science
Issue Date:
2011-11-04
Rights:
Copyright © is held by the author. 
Collection Information:
This item is part of the GPSC Student Showcase collection. For more information about the Student Showcase, please email the GPSC (Graduate and Professional Student Council) at gpsc@email.arizona.edu.
Abstract:
Regulations and societal expectations have recently expressed the need to mediate access to valuable databases, even by insiders. At one end of the spectrum is the approach of restricting access to information and on the other that of information accountability. The focus of the proposed work is effecting information accountability of data stored in databases. One way to ensure appropriate use and thus end-to-end accountability of such information is tamper detection in databases via a continuous assurance technology based on cryptographic hashing. In our current research we are working to show how to develop the necessary approaches and ideas to support accountability in high performance databases. This will include the design of a reference architecture for information accountability and several of its variants, the development of forensic analysis algorithms and their cost model, and a systematic formulation of forensic analysis for determining when the tampering occurred and what data were tampered with. Finally, for privacy, we would like to create mechanisms for allowing as well as (temporarily) preventing the physical deletion of records in a monitored database. In order to evaluate our ideas we will design and implement an integrated tamper detection and forensic analysis system. This work will show that information accountability is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases.
Description:
Poster won first place in the graduate division of Physical Sciences, Mathematics, Computer Engineering and Computer Science at GPSC Student Showcase 2011.
Keywords:
information accountability; security; database tamper detection; database forensics
Advisor:
Snodgrass, Richard
Sponsors:
Funded by NSF grants IIS-0415101 and IIS-0803229 and a grant from Surety, LLC.

Full metadata record

DC FieldValue Language
dc.contributor.advisorSnodgrass, Richarden_US
dc.contributor.authorPavlou, Kyriacosen_US
dc.date.accessioned2012-01-25T07:20:25Z-
dc.date.available2012-01-25T07:20:25Z-
dc.date.issued2011-11-04-
dc.identifier.urihttp://hdl.handle.net/10150/204609-
dc.descriptionPoster won first place in the graduate division of Physical Sciences, Mathematics, Computer Engineering and Computer Science at GPSC Student Showcase 2011.en_US
dc.description.abstractRegulations and societal expectations have recently expressed the need to mediate access to valuable databases, even by insiders. At one end of the spectrum is the approach of restricting access to information and on the other that of information accountability. The focus of the proposed work is effecting information accountability of data stored in databases. One way to ensure appropriate use and thus end-to-end accountability of such information is tamper detection in databases via a continuous assurance technology based on cryptographic hashing. In our current research we are working to show how to develop the necessary approaches and ideas to support accountability in high performance databases. This will include the design of a reference architecture for information accountability and several of its variants, the development of forensic analysis algorithms and their cost model, and a systematic formulation of forensic analysis for determining when the tampering occurred and what data were tampered with. Finally, for privacy, we would like to create mechanisms for allowing as well as (temporarily) preventing the physical deletion of records in a monitored database. In order to evaluate our ideas we will design and implement an integrated tamper detection and forensic analysis system. This work will show that information accountability is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases.en_US
dc.description.sponsorshipFunded by NSF grants IIS-0415101 and IIS-0803229 and a grant from Surety, LLC.en_US
dc.language.isoen_USen_US
dc.rightsCopyright © is held by the author. -
dc.subjectinformation accountabilityen_US
dc.subjectsecurityen_US
dc.subjectdatabase tamper detectionen_US
dc.subjectdatabase forensicsen_US
dc.titleDatabase Forensics in the Service of Information Accountabilityen_US
dc.contributor.departmentDepartment of Computer Scienceen_US
dc.description.collectioninformationThis item is part of the GPSC Student Showcase collection. For more information about the Student Showcase, please email the GPSC (Graduate and Professional Student Council) at gpsc@email.arizona.edu.en_US
All Items in UA Campus Repository are protected by copyright, with all rights reserved, unless otherwise indicated.