Provenance as a Security Control
نویسندگان
چکیده
Much has been written about security and provenance. Although both have their own large areas of concern, there is a very significant intersection. One is often brought to bear upon the other, in the study of the security of provenance. We discuss through a series of examples how provenance might be regarded as a security control in its own right. We argue that a risk-based approach to provenance is appropriate, and is already being used informally. A case study illustrates the applicability of this line of reasoning.
منابع مشابه
Secure Scientific Workflow Provenance Querying with Security Views
Provenance, the metadata that pertains to the derivation history of a data product starting from its original sources, has become increasingly important in scientific workflow environments. In many cases, both data products and their provenance can be sensitive and effective access control mechanisms are essential to protect their confidentiality. In this paper, we propose i) a formalization of...
متن کاملDependency Path Patterns as the Foundation of Access Control in Provenance-aware Systems
A unique characteristics of provenance data is that it forms a directed acyclic graph (DAG) in accordance with the underlying causality dependencies between entities (acting users, action processes and data objects) involved in transactions. Data provenance raises at least two distinct security-related issues. One is how to control access to provenance data which we call Provenance Access contr...
متن کاملAn Access Control Language for a General Provenance Model
Provenance access control has been recognized as one of the most important components in an enterprise-level provenance system. However, it has only received little attention in the context of data security research. One important challenge in provenance access control is the lack of an access control language that supports its specific requirements, e.g., the support of both fine-grained polic...
متن کاملCombining Provenance and Security Policies in a Web-based Document Management System
Provenance and security are intimately related. Cheney et al. [3] show that the dependencies underlying provenance information also underly information flow security policies. Provenance information can also play a role in history-based access control policies [1]. Many real applications have the need to combine a variety of security policies with provenance tracking. For instance, an online st...
متن کاملDigital provenance: Enabling secure data forensics in cloud computing
Secure provenance that records the ownership and process history of data objects is vital to the success of data forensics in cloud computing. In this paper, we propose a new secure provenance scheme based on group signature and attribute-based signature techniques. The proposed provenance scheme provides confidentiality on sensitive documents stored in a cloud, unforgeability of the provenance...
متن کامل