Basser Seminar Series

RECORDS RETENTION: ADDRESSING INSIDER THREATS TO DATA INTEGRITY

Speaker: Professor Marianne Winslett
University of Illinois at Urbana-Champaign, and
Advanced Digital Sciences Center, Singapore

Time: Tuesday 15 March 2011, 4:00-5:00pm **Please note different day to usual
Refreshments will be available from 3:30pm
Location: The University of Sydney, School of IT Building, Lecture Theatre (Room 123), Level 1

Add seminar to my diary

Abstract

Inaccurate financial statements from major companies, dead people who still vote in elections, world-class gymnasts with uncertain birth dates: insiders often have the power and ability to make inappropriate changes to the content of electronic records. As electronic records replace paper records, it becomes easy to make such alterations without leaving behind evidence that can be used to detect the changes and determine who made them. The US Sarbanes-Oxley Act is perhaps the most (in)famous law that addresses these problems, but it is just one of many regulations that require long-term high-integrity retention of electronic records, all with the goal of ensuring that societal trust in business and government at reasonable cost.

In this talk, we will discuss some of the technical challenges posed by the need for "tamper-proof" retention of records. We will describe how industry has responded to these challenges, the security weaknesses in current product offerings, and the role that researchers and government can play in addressing these weaknesses. We will give an overview of research progress to date and describe the major open research problems in this area.

Speaker's biography

Marianne Winslett has been a professor in the Department of Computer Science at the University of Illinois since 1987. She is an ACM Fellow and the recipient of a Presidential Young Investigator Award from the US National Science Foundation. She is the former vice-chair of ACM SIGMOD and has served on the editorial boards of ACM Transactions on the Web, ACM Transactions on Database Systems, IEEE Transactions on Knowledge and Data Engineering, ACM Transactions on Information and Systems Security, and the Very Large Data Bases Journal. She has received two best paper awards for research on managing regulatory compliance data (VLDB, SSS), one best paper award for research on analyzing browser extensions to detect security vulnerabilities (Usenix Security), and one for keyword search (ICDE). Her PhD is from Stanford University.