Towards Secure Provenance in the Cloud: A Survey

Provenance information is meta-data that summarizes the history of the creation of, and the actions performed on, an artefact (e.g. data or a process). Secure provenance is essential to improve data forensics, ensure accountability and increase trust in the cloud. In this paper, we survey the existing cloud provenance management schemes and the proposed security solutions. We investigate the current related security challenges resulting from the nature of the provenance model and the characteristics of the cloud, and we finally identify potential research directions which we feel should be covered in order to build a secure cloud provenance for the next generation.

[1]  Marianne Winslett,et al.  Towards a Secure and Efficient System for End-to-End Provenance , 2010, TaPP.

[2]  Bu-Sung Lee,et al.  S2Logger: End-to-End Data Tracking Mechanism for Cloud Data Provenance , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[3]  Shiyong Lu,et al.  Scientific Workflow Provenance Querying with Security Views , 2008, 2008 The Ninth International Conference on Web-Age Information Management.

[4]  Paul T. Groth,et al.  Security Issues in a SOA-Based Provenance System , 2006, IPAW.

[5]  Xiaohui Liang,et al.  Secure provenance: the essential of bread and butter of data forensics in cloud computing , 2010, ASIACCS '10.

[6]  Xiaozhou Li,et al.  Efficient querying and maintenance of network provenance at internet-scale , 2010, SIGMOD Conference.

[7]  Marta Mattoso,et al.  SciCumulus: A Lightweight Cloud Middleware to Explore Many Task Computing Paradigm in Scientific Workflows , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[8]  Jing Zhang,et al.  Do You Know Where Your Data's Been? - Tamper-Evident Database Provenance , 2009, Secure Data Management.

[9]  Bhavani M. Thuraisingham,et al.  A language for provenance access control , 2011, CODASPY '11.

[10]  Margo I. Seltzer,et al.  Provenance as first class cloud data , 2010, OPSR.

[11]  Luc Moreau,et al.  Securing Provenance-Based Audits , 2010, IPAW.

[12]  Marta Mattoso,et al.  Capturing Distributed Provenance Metadata from Cloud-Based Scientific Workflows , 2011, J. Inf. Data Manag..

[13]  Bruno Crispo,et al.  Securing Data Provenance in the Cloud , 2011, iNetSeC.

[14]  Margo I. Seltzer,et al.  Provenance for the Cloud , 2010, FAST.

[15]  Luc Moreau,et al.  The Open Provenance Model: An Overview , 2008, IPAW.

[16]  Paul T. Groth,et al.  Pipeline-centric provenance model , 2009, WORKS '09.

[17]  Imad M. Abbadi,et al.  Challenges for Provenance in Cloud Computing , 2011, TaPP.

[18]  Marianne Winslett,et al.  SPROV 2.0: A Highly-Configurable Platform-Independent Library for Secure Provenance , 2009.

[19]  Ethan L. Miller,et al.  Tracking Emigrant Data via Transient Provenance , 2011, TaPP.

[20]  Sanjeev Khanna,et al.  On provenance and privacy , 2010, ICDT '11.

[21]  Geoff Holmes,et al.  Security and Data Accountability in Distributed Systems: A Provenance Survey , 2013, 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing.

[22]  Margo I. Seltzer,et al.  Provenance-Aware Storage Systems , 2006, USENIX ATC, General Track.

[23]  Imad M. Abbadi.  A framework for establishing trust in Cloud provenance , 2012, International Journal of Information Security.

[24]  Margo I. Seltzer,et al.  Securing Provenance , 2008, HotSec.

[25]  Marianne Winslett,et al.  Preventing history forgery with secure provenance , 2009, TOS.

[26]  Miguel Correia,et al.  DepSky: Dependable and Secure Storage in a Cloud-of-Clouds , 2013, TOS.

[27]  Bu-Sung Lee,et al.  Tracking of Data Leaving the Cloud , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[28]  Andrew P. Martin,et al.  Trusted Computing and Provenance: Better Together , 2010, TaPP.

[29]  Ryan K. L. Ko,et al.  Progger: An Efficient, Tamper-Evident Kernel-Space Logger for Cloud Data Provenance Tracking , 2014, 2014 IEEE 7th International Conference on Cloud Computing.

[30]  Heon Young Yeom,et al.  Provenance security guarantee from origin up to now in the e-Science environment , 2011, J. Syst. Archit..

[31]  Kouichi Sakurai,et al.  Grouping Provenance Information to Improve Efficiency of Access Control , 2009, ISA.

[32]  Yogesh L. Simmhan,et al.  The Open Provenance Model core specification (v1.1) , 2011, Future Gener. Comput. Syst..

[33]  Shouhuai Xu,et al.  An Access Control Language for a General Provenance Model , 2009, Secure Data Management.

[34]  Marianne Winslett,et al.  Efficient audit-based compliance for relational data retention , 2011, ASIACCS '11.

[35]  Bu-Sung Lee,et al.  How to Track Your Data: The Case for Cloud Computing Provenance , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[36]  Kevin R. B. Butler,et al.  Towards secure provenance-based access control in cloud environments , 2013, CODASPY.

[37]  Ashish Gehani,et al.  SPADE: Support for Provenance Auditing in Distributed Environments , 2012, Middleware.

[38]  Bu-Sung Lee,et al.  Flogger: A File-Centric Logger for Monitoring File Access and Transfers within Cloud Computing Environments , 2011, 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.