TSS Seminar: Radu Sion: "Towards Regulatory Compliance in Data Management"

B02 Coordinated Science Lab
Oct 24, 2007   11:00 am  
Radu Sion, Stony Brook University
Digital societies and markets increasingly mandate consistent procedures for the access, processing, and storage of information. In the United States alone, over 10,000 such regulations can be found in financial, life sciences, health-care, and government sectors, including the Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, and Sarbanes-Oxley Act. A recurrent theme in these regulations is the need for regulatory-compliant data management as an underpinning to ensure data confidentiality, access integrity, and authentication; provide audit trails, guaranteed deletion, and data migration; and deliver Write Once Read Many (WORM) assurances, essential for enforcing long-term data retention and life-cycle policies.

In this talk, we discuss achieving strongly compliant data management in realistic adversarial settings. Specifically, we will explore designs for compliant data management systems that offer guaranteed document retention and deletion, quick lookup, and compliant migration, together with support for litigation holds and several key aspects of data confidentiality. Moreover, we will discuss the benefits of the recent advent of tamper-resistant, general-purpose trustworthy hardware that opens the door to fundamentally new assurance paradigms, e.g., by deploying this new hardware running certified code at the data management server. As heat-dissipation concerns greatly limit the performance of tamper-resistant processors, our goal is to investigate and evaluate software architectures for leveraging a secure processor in the server stack with minimal impact on cost and efficiency.


Radu Sion is an assistant professor of Computer Science at Stony Brook University and the director of the Network Security and Applied Cryptography Laboratory. His research focuses on data security and information assurance mechanisms. Collaborators and funding partners include IBM Research, the IBM Cryptography Group, Motorola Labs, the Center of Excellence in Wireless and Information Technology (CEWIT), the Stony Brook Office for the Vice-President for Research, and the National Science Foundation.


