September 2024
·
5 Reads
This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.
September 2024
·
5 Reads
August 2024
·
3 Reads
August 2024
·
1 Read
May 2024
August 2023
·
703 Reads
·
3 Citations
Lecture Notes in Computer Science
From the United States’ Health Insurance Portability and Accountability Act (HIPAA) to the European Union’s General Data Protection Regulation (GDPR), there has been an increased focus on individual data privacy protection. Because multiple enforcement agencies (such as legal entities and external governing bodies) have jurisdiction over data governance, it is possible for the same data value to be subject to multiple (and potentially conflicting) policies. As a result, managing and enforcing all applicable legal requirements has become a complex task. In this paper, we present a comprehensive overview of the steps to integrating data retention and purging into a database management system (DBMS). We describe the changes necessary at each step of the data lifecycle management, the minimum functionality that any DBMS (relational or NoSQL) must support, and the guarantees provided by this system. Our proposed solution is 1) completely transparent from the perspective of the DBMS user; 2) requires only a minimal amount of tuning by the database administrator; 3) imposes a negligible performance overhead and a modest storage overhead; and 4) automates the enforcement of both retention and purging policies in the database.KeywordsDatabasesPrivacy ComplianceRetentionPurging
July 2023
·
61 Reads
Forensic Science International Digital Investigation
Cyberattacks continue to evolve and adapt to state-of-the-art security mechanisms. Therefore, it is critical for security experts to routinely inspect audit logs to detect complex security breaches. However, if a system was compromised during a cyberattack, the validity of the audit logs themselves cannot necessarily be trusted. Specifically, for a database management system (DBMS), an attacker with elevated privileges may temporarily disable the audit logs, bypassing logging altogether along with any tamperproof logging mechanisms. Thus, security experts need techniques to validate logs independent of a potentially compromised system to detect security breaches. This paper demonstrates that SQL query operations produce a repeatable set of patterns within DBMS process memory. Operations such as full table scans, index accesses, or joins each produce their own set of distinct forensic artifacts in memory. Given these known patterns, we propose that collecting forensic artifacts from a trusted memory snapshot allows one to reverse-engineer query activity and validate audit logs independent of the DBMS itself and outside the scope of a database administrator's privileges. We rely on the fact the queries must ultimately be processed in memory regardless of any security mechanisms they may have bypassed. This work is generalized to all relational DBMSes by using two representative DBMSes, Oracle and MySQL
March 2023
·
71 Reads
·
6 Citations
Forensic Science International Digital Investigation
July 2022
·
19 Reads
·
9 Citations
February 2022
·
15 Reads
·
5 Citations
Journal of Data Intelligence
Data compliance laws establish rules intended to protect privacy. These define both retention durations (how long data must be kept) and purging deadlines (when the data must be destroyed in storage). To comply with the laws and to minimize liability, companies must destroy data that must be purged or is no longer needed. However, database backups generally cannot be edited to purge ``expired'' data and erasing the entire backup is impractical. To maintain compliance, data curators need a mechanism to support targeted destruction of data in backups. In this paper, we present a cryptographic erasure framework that can purge data from across database backups. We demonstrate how different purge policies can be defined through views and enforced without violating database constraints.
August 2021
·
9 Reads
·
3 Citations
Lecture Notes in Computer Science
Compliance with data retention laws and legislation is an important aspect of data management. As new laws governing personal data management are introduced (e.g., California Consumer Privacy Act enacted in 2020) and a greater emphasis is placed on enforcing data privacy law compliance, data retention support must be an inherent part of data management systems. However, relational databases do not currently offer functionality to enforce retention compliance.
... The study employs various techniques, including the examination of local storage, log files, and the Google Chrome cache, offering insights for digital forensic analysts and researchers in the domain of social media forensics. Nissan et al. [124] present a framework for predicting database query activity from a memory snapshot. The authors use a Support Vector Machine for such prediction. ...
March 2023
Forensic Science International Digital Investigation
... In the context of public administration, protecting personal data becomes increasingly important with implementing e-government services to enhance efficiency and transparency. Strong policies for protecting personal data can encourage broader and more effective e-government adoption (Scope et al., 2022). ...
July 2022
... Retrofitting databases to make them compliant has been explored in [3,23,44,68] and new, compliant-by-construction, systems have been proposed in [41,46,64]. Frameworks to implement GDPR compliance have been explored in several prior works, especially in the context of data retention/erasure [60][61][62]66] and policies. The work in [47] explores privacy policies in large-scale cloud systems, [27] explores policy compliance in web frameworks, [73] explores compliance in operating systems, [44] builds a visual tool for managing data flow in systems, while [43] explores auditing and retention policies in databases. ...
February 2022
Journal of Data Intelligence
... So far, machine learning pipelines inside of database queries are assembled from user-defined functions [10][11][12][13][14] and operators of an extended relational algebra. This brings the model close to the data source [15] with SQL [16] as the only query language. As modern HTAP main-memory database systems such as SAP HANA [17], HyPer [18][19][20][21] and Umbra [22][23][24][25][26][27] are designed for transactional and analytical workload, this allows the latest database state to be queried [28,29]. ...
August 2020
Proceedings of the VLDB Endowment
... Wagner et al. previously abstracted DBMS memory architecture into four main areas based on DBMS documentation and database textbooks (Wagner and Rasin, 2020). In this paper, we focus on analysis of the I/O buffer and the sort area in memory. ...
September 2020
Lecture Notes in Computer Science
... DF investigators still need the necessary DF tools to investigate Database Management Systems forensic objects. Also, we require to establish a special standard for artifact storage and its mechanisms to develop advanced analysis tools for Database.[45] Operating System Forensics tools are used for recovering and gathering important information from the Operating System of the device. ...
July 2019
Digital Investigation
... Los recientes eventos relacionados con la pandemia han llevado a un intercambio descontrolado de información, con accesos masivos a sistemas, sin la implementación de controles adecuados ni la debida capacitación. Esta falta de medidas adecuadas hace que la información manejada dentro de una institución educativa sea vulnerable, subrayando la importancia de establecer controles eficientes, como marcos de trabajo o estándares internacionales [3]. ...
October 2018
... In the background of the constant development of AI technology, AI-empowered CNDBs are the trend. Nowadays, the development of CNDBs is still in its infancy, and the application of AI technologies in CNDBs is immature [2]. Without a maturity model for AI-empowered CNDBs, database developers may be confused about the application of AI technologies, and database users may be confused about selecting CNDBs. ...
October 2018
Distributed and Parallel Databases
... Nissan et al. extracted values from database memory using string searches, and then used support vector machines to determine the query operations that cached the data (Nissan et al., 2023). Our approach extracts forensic artifacts from memory snapshots using database page carving (Wagner et al., 2017b). In this paper, we borrow from the idea of page carving to extract metadata, which allows us to collect additional information beyond simple string searches. ...
August 2017
Digital Investigation
... In [20,21], we introduced the primary idea of approximate sorting to lower maintenance costs. However, these index structures do not exploit available buffer cache to sort data in main memory. ...
Reference:
On Lowering Merge Costs of an LSM Tree
June 2017