DAIS: The Database and Information Systems Laboratory at The University of Illinois at Urbana-Champaign UIUC Department of Computer Science Unversity of Illinois at Urbana-Champaign
Trust Management and Compliance Storage at UIUC

Compliance Storage Overview

Critical records, such as business communications, financial statements and medical images, are increasingly being stored in electronic form, which makes them relatively easy to clandestinely destroy and modify. Ensuring that records are not only readily accessible and accurate, but also credible and irrefutable, is particularly imperative given recent legal and regulatory trends. The US alone currently more than 10,000 such regulations (e.g. Sarbanes-Oxley Act, SEC Rule 17a-3/4, HIPPA, DOD 5015.2). The key focus of many of these regulations is to ensure that records are trustworthy. Given the extremely high stakes that could be involved in tampering with the records, the threat of intentional and inside attacks is very real. Under this threat model, the current practice of maintaining records in Write Once Read Many (WORM) storage is increasingly inadequate to ensure that the records are trustworthy, i.e. able to provide solid proof and accurate details of past events. For example, with the large volume of records and short query response time typical today, the records have to be indexed, but traditional indexing methods allow records, even those stored in WORM storage, to be effectively (logically) altered and deleted by an insider adversary. Moreover, many records have long retention periods, requiring them to be periodically migrated to new storage systems, which makes them vulnerable. The aim of this project is to develop a holistic approach to electronic record-keeping.

People

All e-mail addresses are in the cs.uiuc.edu domain unless noted otherwise.

Principal Investigators:

Primary Student Contact: Soumyadeb Mitra (mitra1)

Graduate Students:

  • Soumyadeb Mitra (mitra1)

Return to top