Flores Armas, Denys and Jhumka, Arshad (2019) Hybrid logical clocks for database forensics : filling the gap between chain of custody and database auditing. In: 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications , Rotorua, New Zealand, 5-8 Aug 2019. Published in: 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) ISBN 9781728127774. doi:10.1109/TrustCom/BigDataSE.2019.00038 (In Press)

Preview

PDF WRAP-hybrid-logical-clocks-database-forensics-Jhumka-2019.pdf - Accepted Version - Requires a PDF viewer. Download (4Mb) | Preview

Request Changes to record.

Abstract

Database audit records are important for investigating suspicious actions against transactional databases. Their admissibility as digital evidence depends on satisfying Chain of Custody (CoC) properties during their generation, collection and preservation in order to prevent their modification, guarantee action accountability, and allow third-party verification. However, their production has relied on auditing capabilities provided by commercial database systems which may not be effective if malicious users (or insiders) misuse their privileges to disable audit controls, and compromise their admissibility. Hence, in this paper, we propose a forensically-aware distributed database architecture that implements CoC properties as functional requirements to produce admissible audit records. The novelty of our proposal is the use of hybrid logical clocks, which compared with a previous centralised vector-clock architecture, has evident advantages as it (i) allows for more accurate provenance and causality tracking of insider actions, (ii) is more scalable in terms of system size, and (iii) although latency is higher (as expected in distributed environments), 70 per cent of user transactions are executed within acceptable latency intervals.

Item Type:	Conference Item (Paper)
Subjects:	Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software
Divisions:	Faculty of Science > Computer Science
Library of Congress Subject Headings (LCSH):	Computer crimes -- Investigation, Evidence preservation --- Standards, Computer science
Journal or Publication Title:	2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Publisher:	IEEE
ISBN:	9781728127774
Official Date:	31 October 2019
Dates:	Date Event 31 October 2019 Published 3 May 2019 Accepted
Date of first compliant deposit:	23 July 2019
DOI:	10.1109/TrustCom/BigDataSE.2019.00038
Status:	Peer Reviewed
Publication Status:	In Press
Publisher Statement:	© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Access rights to Published version:	Restricted or Subscription Access
RIOXX Funder/Project Grant:	Project/Grant ID RIOXX Funder Name Funder ID 043-CIBAE-2015. Ecuador.‏ Secretaría de Educación Superior, Ciencia, Tecnología e Innovación‏ http://viaf.org/viaf/313498219
Conference Paper Type:	Paper
Title of Event:	18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Type of Event:	Conference
Location of Event:	Rotorua, New Zealand
Date(s) of Event:	5-8 Aug 2019
Related URLs:	Organisation

Request changes or add full text files to a record

Repository staff actions (login required)

View Item

Downloads