Deleting index entries from compliance storage

Soumyadeb Mitra, Marianne Winslett, Nikita Borisov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In response to regulatory focus on secure retention of electronic records, businesses are using magnetic disks configured as write-once read-many (WORM) compliance storage devices to store business documents such as electronic mail for their mandated retention periods. A document committed to a compliance storage device cannot be altered or deleted even by a superuser until its retention period is over, and hence is secure from attacks originating from company insiders. Secure retention, however, is only a part of a document's lifecycle: it is often crucial to properly delete documents once their retention period ends. It is relatively simple to delete a document, but much harder to remove its index entries from WORM. Yet if these entries are not obliterated, the contents of the deleted document can often be reconstructed. In this paper, we formally define secure deletion of document entries from an inverted index on compliance storage. We show that previously proposed deletion schemes for compliance storage index entries do not meet the objectives of secure deletion. On the other hand, the naive approach to secure deletion results in very poor query performance. To provide secure deletion of index entries without compromising lookup efficiency, we propose a novel indexing technique that employs noise terms, merged posting lists, and deletion epochs. Experiments with real-life data show that lookups in our scheme are 5 times faster than the naive approach.

Original languageEnglish (US)
Title of host publicationAdvances in Database Technology - EDBT 2008 - 11th International Conference on Extending Database Technology, Proceedings
Pages109-120
Number of pages12
DOIs
StatePublished - 2008
Event11th International Conference on Extending Database Technology, EDBT 2008 - Nantes, France
Duration: Mar 25 2008Mar 29 2008

Publication series

NameAdvances in Database Technology - EDBT 2008 - 11th International Conference on Extending Database Technology, Proceedings

Other

Other11th International Conference on Extending Database Technology, EDBT 2008
Country/TerritoryFrance
CityNantes
Period3/25/083/29/08

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems
  • Software

Fingerprint

Dive into the research topics of 'Deleting index entries from compliance storage'. Together they form a unique fingerprint.

Cite this