User written transaction code is responsible for the “C” in ACID
transactions, i.e., taking the database from one consistent state to
the next. However, user transactions can be flawed and lead to
inconsistent (or invalid) states. Database systems usually correct
invalid data using “point in time” recovery, a costly process that
installs a backup and rolls it forward. The result is long outages
and the “de-commit” of many valid transactions, which must then
be re-submitted, frequently manually. We have implemented in
our transaction-time database system a technique in which only
data tainted by a flawed transaction and transactions dependent
upon its updates are “removed”. This process identifies and
quarantines tainted data despite the complication of determining
transactions dependent on data written by the flawed transaction.
A further property of our implementation is that no backup needs
to be installed for this because the prior transaction-time states
provide an online backup.