12 research outputs found

    Achieving Database Information Accountability in the Cloud

    No full text
    Abstract—Regulations and societal expectations have recently emphasized the need to mediate access to valuable databases. Fraud occurs when a person (mostly an insider) tampers illegally with a database. Data owners would like to be assured that such tampering has not occurred, or if it does, that it will be quickly discovered. The problem is exacerbated with data stored in cloud databases such as Amazon’s Relational Database Service (RDS) or Microsoft’s SQL Azure Database. In our previous work we have shown that information accountability across the enterprise is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases on extant DBMSes. We have developed a prototype audit system (DRAGOON) that employs cryptographic hashing techniques to support accountability in high-performance databases. Cloud databases present a new set of problems that make extending DRAGOON challenging. In this paper we discuss these problems and show how the DRAGOON architecture can be refined to provide a more practical and feasible information accountability solution for data stored in the cloud. I

    DRAGOON: An Information Accountability System for High-Performance Databases

    No full text
    Abstract—Regulations and societal expectations have recently emphasized the need to mediate access to valuable databases, even access by insiders. Fraud occurs when a person, often an insider, tries to hide illegal activity. Companies would like to be assured that such tampering has not occurred, or if it does, that it will be quickly discovered and used to identify the perpetrator. At one end of the compliance spectrum lies the approach of restricting access to information and on the other that of information accountability. We focus on effecting information accountability of data stored in high-performance databases. The demonstrated work ensures appropriate use and thus end-to-end accountability of database information via a continuous assurance technology based on cryptographic hashing techniques. A prototype tamper detection and forensic analysis system named DRAGOON was designed and implemented to determine when tampering(s) occurred and what data were tampered with. DRAGOON is scalable, customizable, and intuitive. This work will show that information accountability is a viable alternative to information restriction for ensuring the correct storage, use, and maintenance of databases on extant DBMSes. I

    Temporal Implications of Database Information Accountability

    No full text
    Abstract—Information restriction controls access and renders records immutable; information accountability requires data transparency to easily and efficiently determine when a particular use is appropriate. Information accountability in the context of relational databases is associated with time in a surprising number of ways, as is summarized in this paper. Notarization and validation of a database exploit the temporal semantics of a transaction-time database. A corruption can be associated with multiple times. Forensic analysis determines the when: bounds on the corruption time, and the where: also specified in terms of time. These bounds are depicted in a two-dimensional corruption diagram, with both axes denoting time. The various kinds of corruption events are defined in terms of time. A parameter termed the regret interval has significant security and performance implications. Thi

    Forensic Analysis of Database Tampering

    No full text
    Regulations and societal expectations have recently expressed the need to mediate access to valuable databases, even by insiders. One approach is tamper detection via cryptographic hashing. This paper shows how to determine when the tampering occurred, what data was tampered, and thus perhaps ultimately who did the tampering, via forensic analysis. We present four successively more sophisticated forensic analysis algorithms: the Monochromatic, RGBY, Tiled Bitmap, and a3D Algorithms, and characterize their “forensic cost” under worst-case, best-case, and average-case assumptions on the distribution of corruption sites. A lower bound on forensic cost is derived, with RGBY and a3D being shown optimal for a large number of corruptions. We also provide validated cost formulæ for these algorithms and recommendations for the circumstances in which each algorithm is indicated

    TIMECENTER Participants

    No full text
    Any software made available via TIMECENTER is provided “as is” and without any express or implied warranties, including, without limitation, the implied warranty of merchantability and fitness for a particular purpose. The TIMECENTER icon on the cover combines two “arrows.” These “arrows” are letters in the so-called Rune alphabet used one millennium ago by the Vikings, as well as by their predecessors and successors. The Rune alphabet (second phase) has 16 letters, all of which have angular shapes and lack horizontal lines because the primary storage medium was wood. Runes may also be found on jewelry, tools, and weapons and were perceived by many as having magic, hidden powers