Colloquium Speaker

Speaker: 
 Radu Sion, Network Security and Applied Cryptography Lab Stony Brook University
Topic: 
Towards Regulatory Compliance in Data Management
Date: Tuesday, October 23, 2007
Time: 11:00 AM
Place: Gould-Simpson, Room 906
Light Refreshments will be served in the 9th floor atrium of Gould-Simpson at 10:45 AM

Abstract

Digital societies and markets increasingly mandate consistent procedures for the access, processing and storage of information. In the United States alone, over 10,000 such regulations can be found in financial, life sciences, health-care and government sectors, including the Gramm- Leach-Bliley Act, Health Insurance Portability and Accountability Act, and Sarbanes-Oxley Act. A recurrent theme in these regulations is the need for regulatory-compliant data management as an underpinning to ensure data confidentiality, access integrity and authentication; provide audit trails, guaranteed deletion, and data migration; and deliver Write Once Read Many (WORM) assurances, essential for enforcing long-term data retention and life-cycle policies.

In this talk, we discuss achieving strongly compliant data management in realistic adversarial settings. Specifically, we will explore designs for compliant data management systems that offer guaranteed document retention and deletion, quick lookup, and compliant migration, together with support for litigation holds and several key aspects of data confidentiality. Moreover, we will discuss the benefits of the recent advent of tamper-resistant, general-purpose trustworthy hardware which opens the door to fundamentally new assurance paradigms, e.g., by deploying this new hard- ware running certified code at the data management server. As heat-dissipation concerns greatly limit the performance of tamper-resistant processors, our goal is to investigate and evaluate software architectures for leveraging a secure processor in the server stack with minimal impact on cost and efficiency.

Radu Sion is an assistant professor of Computer Science in Stony Brook University and the director of the Network Security and Applied Cryptography Laboratory. His research focuses on data security and information assurance mechanisms. Collaborators and funding partners include IBM Research, IBM Cryptography Group, Motorola Labs, the Center of Excellence in Wireless and Information Technology CEWIT, the Stony Brook Office for the Vice-President for Research and the National Science Foundation. Dr. Sion is serving on the organizing committee of numerous data management and information security conferences, such as SIGMOD, ICDE, ICDCS, CCS, Financial Cryptography, USENIX Security a.o.

Web: http://www.cs.stonybrook.edu/~sion
NSAC Lab: http://crypto.cs.stonybrook.edu


Back to Index