Provenance as a Security Control

Much has been written about security and provenance. Although both have their own large areas of concern, there is a very significant intersection. One is often brought to bear upon the other, in the study of the security of provenance. We discuss through a series of examples how provenance might be regarded as a security control in its own right. We argue that a risk-based approach to provenance is appropriate, and is already being used informally. A case study illustrates the applicability of this line of reasoning.

[1]  Marianne Winslett,et al.  Introducing secure provenance: problems and challenges , 2007, StorageSS '07.

[2]  Margo I. Seltzer,et al.  Provenance for the Cloud , 2010, FAST.

[3]  Margo I. Seltzer,et al.  Securing Provenance , 2008, HotSec.

[4]  Jing Zhang,et al.  Do You Know Where Your Data's Been? - Tamper-Evident Database Provenance , 2009, Secure Data Management.

[5]  Marek J. Sergot,et al.  Towards a Mechanism for Discretionary Overriding of Access Control , 2004, Security Protocols Workshop.

[6]  Xiaohui Liang,et al.  Secure provenance: the essential of bread and butter of data forensics in cloud computing , 2010, ASIACCS '10.

[7]  James Cheney,et al.  A Formal Framework for Provenance Security , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[8]  Andrew P. Martin,et al.  Trusted Computing and Provenance: Better Together , 2010, TaPP.

[9]  Elisa Bertino,et al.  A Provenance Based Mechanism to Identify Malicious Packet Dropping Adversaries in Sensor Networks , 2011, 2011 31st International Conference on Distributed Computing Systems Workshops.

[10]  Raymond A. Paul,et al.  Data provenance in SOA: security, reliability, and integrity , 2007, Service Oriented Computing and Applications.