Affiliation:
1. University of Saskatchewan
2. University of New Brunswick
Abstract
Provenance information corresponds to essential metadata that describes the entities, users, and processes involved in the history and evolution of a data object. The benefits of tracking provenance information have been widely understood in a variety of domains; however, only recently have provenance solutions gained interest in the security community. Indeed, on the one hand, provenance allows for a reliable historical analysis enabling security-related applications such as forensic analysis and attribution of malicious activity. On the other hand, the unprecedented changes in the threat landscape place demands for securing provenance information to facilitate its trustworthiness.
With the recent growth of provenance studies in security, in this work we examine the role of data provenance in security and privacy. To set this work in context, we outline fundamental principles and models of data provenance and explore how the existing studies achieve security principles. We further review the existing schemes for securing data provenance collection and manipulation known as secure provenance and the role of data provenance for security and privacy, which we refer to as threat provenance.
Funder
Mitacs-Ericsson Global Artificial Intelligence Accelerator (GAIA) partnership
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Reference148 articles.
1. Wikipedia. 2022. Merkle Tree. Retrieved April 28 2023 from https://en.wikipedia.org/wiki/Merkle_tree.
2. A framework for establishing trust in Cloud provenance;Abbadi Imad M.;International Journal of Information Security,2013
3. ProFact: A provenance-based analytics framework for access control policies;Jabal Amani Abu;IEEE Transactions on Services Computing,2021
4. Umut Acar Peter Buneman James Cheney Jan Van Den Bussche Natalia Kwasnikowska and Stijn Vansummeren. 2010. A graph model of data and workflow provenance. In Proceedings of the 2nd Conference on Theory and Practice of Provenance (TAPP’10) . 1–8.
5. Order preserving secure provenance scheme for distributed networks;Ahmed Idrees;Computers & Security,2019
Cited by
8 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. LLMs for the Post-Hoc Creation of Provenance;2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW);2024-07-08
2. Tractable Executable Binary Provenance Signalling through Vision Transformers;2024 21st Learning and Technology Conference (L&T);2024-01-15
3. ProvSec: Open Cybersecurity System Provenance Analysis Benchmark Dataset with Labels;International Journal of Networked and Distributed Computing;2023-11-15
4. ForensiBlock: A Provenance-Driven Blockchain Framework for Data Forensics and Auditability;2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA);2023-11-01
5. Framework for Data Provenance Assurance in Cloud Environment using Ethereum Blockchain;ICST Transactions on Scalable Information Systems;2023-10-09