Title :
SELECT triggers for data auditing
Author :
Fabbri, D. ; Ramamurthy, R. ; Kaushik, Rajashekara
Author_Institution :
Electr. Eng. & Comput. Sci., Univ. of Michigan, Ann Arbor, MI, USA
Abstract :
Auditing is a key part of the security infrastructure in a database system. While commercial database systems provide mechanisms such as triggers that can be used to track and log any changes made to “sensitive” data using UPDATE queries, they are not useful for tracking accesses to sensitive data using complex SQL queries, which is important for many applications given recent laws such as HIPAA. In this paper, we propose the notion of SELECT triggers that extends triggers to work for SELECT queries in order to facilitate data auditing. We discuss the challenges in integrating SELECT triggers in a database system including specification, semantics as well as efficient implementation techniques. We have prototyped our framework in a commercial database system and present an experimental evaluation of our framework using the TPC-H benchmark.
Keywords :
SQL; data analysis; database management systems; query processing; security of data; HIPAA; SELECT query; SELECT triggers; SQL query; TPC-H benchmark; UPDATE query; commercial database systems; data auditing; experimental evaluation; implementation techniques; security infrastructure; sensitive data; tracking accesses; Cancer; Database systems; Diseases; Security; Semantics;
Conference_Titel :
Data Engineering (ICDE), 2013 IEEE 29th International Conference on
Conference_Location :
Brisbane, QLD
Print_ISBN :
978-1-4673-4909-3
Electronic_ISBN :
1063-6382
DOI :
10.1109/ICDE.2013.6544904
