Events & News
Richard Snodgrass Awarded NSF Grant
August 22, 2008
Rick Snodgrass was awarded an NSF grant entitled "III-COR Medium: Collaborative Research: Achieving Compliant Databases" for three and a half years for $196,690 (UA portion). Rick is a co-PI along with Radu Sion of Stonybrook University; the PI is Marianne Winslett of the University of Illinois at Urbana-Champaign.
This research complements the existing market for compliance storage servers, which guarantee that data are not overwritten before the end of their mandatory retention period. These servers are intended for preserving unstructured and semi-structured data at a file-level granularity---email, spreadsheets, reports, instant messages. In this research we will develop and explore a DBMS architecture that supports a spectrum of approaches to regulatory compliance, each appropriate for a particular domain, and each with different tradeoffs between security and efficiency. The key challenge of this work is to provide compliance assurances for the DBMS, even against insiders with superuser powers, while balancing the need for trustworthiness against the conflicting requirements for high performance and low cost. To meet this need, our architecture will provide tunable tradeoffs between security and performance, through a spectrum of techniques ranging from tamper detection to tamper prevention for data, indexes, logs, and metadata; tunable vulnerability windows; tunable granularities of protection; careful use of magnetic disk as a cache; judicious use of secure coprocessors on the DBMS platform and compliance storage server platform; a block-based compliance storage server; and judicious retargeting of an on-disk encryption unit.
This research extends Rick's prior work in tamper detection in databases, which has resulted in papers in SIGMOD, VLDB, and ACM TODS. http://www.cs.arizona.edu/projects/tau/tbdb/