Project Description

Audit logging is a fundamental component of a comprehensive data security and privacy infrastructure.  It is complementary to other access control and security mechanisms, and is particularly useful for recording inappropriate data access by insiders.  Recent legislation and regulatory oversight require organizations in a variety of domains to maintain audit logs tracking their use of data, and commercial database systems are beginning to provide support for automatically recording all data accesses.


The first main goal of this project is to develop tools to support easy proactive and reactive analysis of logged information.  The system will leverage the strengths of both declarative queries (e.g., SQL) and statistical anomaly detection. Using the new framework, for example, rather than simply flagging incoming queries as anomalous based on a pre-trained set of profiles or rules, an analyst will be able to craft custom queries.  In support of such a tool, we will design and build an independent subsystem, called Splash, which extends the functionality of a relational DBMS to incorporate support for managing statistical models.


Though audit logs are collected in the name of security and accountability, in certain situations the logs themselves may pose a risk to the privacy of users who access an underlying database.  The second main goal of this project is to develop tools for managing the privacy risks associated with collecting and storing audit logs.


Project Team

Kristen LeFevre (PI)

Daniel Fabbri (Ph.D. student)

Lujun Fang (Ph.D. student)


Former Members:

Xunjia Lu (undergraduate student)

Manish Singh (graduate student)


Publications

Daniel Fabbri, Kristen LeFevre, and David Hanauer.  Explaining Accesses to Electronic Health Records.  SIGKDD Workshop on Data Mining for Medicine and Healthcare, 2011.


Daniel Fabbri, Kristen LeFevre, and Qiang Zhu.  PolicyReplay: Misconfiguration-Response Queries for Data Breach Reporting.  VLDB, 2010.  (pdf)


Lujun Fang and Kristen LeFevre.  Splash: Ad-Hoc Querying of Data and Statistical Models.  EDBT, 2010.  (pdf)


Jing Zhang, Adriane Chapman, and Kristen LeFevre.  Do You Know where Your Data’s Been? -- Tamper-Evident Database Provenance.  VLDB Workshop on Secure Data Management, 2009.  (pdf)


Support

This project is supported by National Science Foundation Grant CNS-0915782 and a grant from the Horace H. Rackham Graduate School.      

 

Analysis and Privacy Tools for Enterprise Database Audit Logs