GGrantIndex
← Search

TC: Small: Analysis and Privacy Tools for Enterprise Database Audit Logs

$500,000FY2009CSENSF

Regents Of The University Of Michigan - Ann Arbor, Ann Arbor MI

Investigators

Abstract

Audit logging is a fundamental component of a comprehensive data security and privacy infrastructure. It is complementary to other access control and security mechanisms, and is particularly useful for recording inappropriate data access by insiders. Recent legislation and regulatory oversight require organizations in a variety of domains to maintain audit logs tracking their use of data, and commercial database systems are beginning to provide support for automatically recording all data accesses. The first main goal of this project is to develop tools to support easy and proactive analysis of logged information. The system will leverage the strengths of both declarative queries (e.g., SQL) and statistical anomaly detection. Using the new framework, for example, rather than simply flagging incoming queries as anomalous based on a pre-trained set of profiles or rules, an analyst will be able to craft custom exploratory queries and visual representations. In support of such a tool, the research team at RPI will design and build an independent subsystem, called Splash, which extends the functionality of a relational DBMS to incorporate support for managing statistical models. Though audit logs are collected in the name of security and accountability, in certain situations the logs themselves may pose a risk to the privacy of users who access an underlying database. The second main goal of this project is to develop tools for managing the privacy risks associated with collecting and storing audit logs. Students will be engaged throughout the research program. The software will be distributed through open source software.

View original record on NSF Award Search →