Abstract: One embodiment of the present invention provides a system that facilitates detecting data tampering within a table in a database. The system operates by hashing a row in the table to create a row-hash. The system then hashes a block of consecutive row-hashes to create a block-hash. Finally, the system signs the block-hash with an encryption key, so that tampering with data in the row will result in an invalid row-hash and an invalid block-hash.

Abstract: One embodiment of the present invention provides a system that authorizes a sensitive database operation. During operation, the system receives a request to perform a sensitive database operation. Note that, a sensitive database operation is an operation which, in the hands of a malicious user, poses a serious security threat. Next, the system determines a multiparty authorization requirement for the sensitive database operation, wherein the multiparty authorization requirement specifies a set of approvals required for authorizing the sensitive database operation. The system then sends approval requests to one or more approving parties based on the multiparty authorization requirement. Next, the system receives approvals for authorizing the sensitive database operation. The system then determines whether the approvals satisfy the multiparty authorization requirement.

Abstract: One embodiment of the present invention provides a system that facilitates detecting data tampering within a table in a database. The system operates by hashing a row in the table to create a row-hash. The system then hashes a block of consecutive row-hashes to create a block-hash. Finally, the system signs the block-hash with an encryption key, so that tampering with data in the row will result in an invalid row-hash and an invalid block-hash.

Abstract: One embodiment of the present invention provides a system that authorizes a sensitive database operation. During operation, the system receives a request to perform a sensitive database operation. Note that, a sensitive database operation is an operation which, in the hands of a malicious user, poses a serious security threat. Next, the system determines a multiparty authorization requirement for the sensitive database operation, wherein the multiparty authorization requirement specifies a set of approvals required for authorizing the sensitive database operation. The system then sends approval requests to one or more approving parties based on the multiparty authorization requirement. Next, the system receives approvals for authorizing the sensitive database operation. The system then determines whether the approvals satisfy the multiparty authorization requirement.