Trusted Tamper-Evident Data Provenance

Authors: Mohammad M. Bany Taha, Sivadon Chaisiri, Ryan Kok Leong Ko
Published in: 2015 IEEE Trustcom/BigDataSE/ISPA

Data provenance, the origin and derivation history of data, is commonly used for security auditing, forensics and data analysis. While provenance loggers provide evidence of data changes, the integrity of the provenance logs is also critical for the integrity of the forensics process. However, to our best knowledge, few solutions are able to fully satisfy this trust requirement. In this paper, we propose a framework to enable tamper-evidence and preserve the confidentiality and integrity of… 

Prov-Trust: Towards a Trustworthy SGX-based Data Provenance System

Prov-Trust is proposed, a decentralized and auditable SGX-based data provenance system relying on highly distributed ledgers that allows anchored data to have public witness, providing tamper-proof provenance data, enabling the transparency of data accountability, and enhancing the secrecy and availability of the provenance data.

Trustworthy data: A survey, taxonomy and future trends of secure provenance schemes

A Forensic Enabled Data Provenance Model for Public Cloud

The challenges of cloud architecture are identified, how this affects the existing forensic analysis and provenance techniques is discussed, and a model for efficient provenance collection and forensic analysis is proposed.

Applications of Trusted Computing in Cloud Context

This chapter investigates applications of trusted computing in cloud computing areas where security threats exist, namely in live virtual machine migration.

SHARE-ABE: an efficient and secure data sharing framework based on ciphertext-policy attribute-based encryption and Fog computing

This paper presents SHARE-ABE, a novel collaborative approach for preserving privacy that is built on top of Ciphertext-Policy Attribute-Based Encryption (CP-ABE), and introduces a new construction of a collaboration attribute that allows users within the same group to combine their attributes while satisfying the access policy.

Smart offloading technique for CP-ABE encryption schemes in constrained devices

This work proposes a smart offloading technique that switches dynamically from full encryption to partial encryption according to a wise decision strategy considering the available resources and some crucial parameters like the number of attributes and the size of the data being encrypted.

Matrix-Based Dynamic Authentication With Conditional Privacy-Preservation for Vehicular Network Security

A dynamic authentication with conditional privacy-preservation using matrix-based signature generation (DACOP), which is well suited to Vehicle-to-Everything (V2X) networks and can significantly reduce the computation overhead for signature generation.

Adaptive Ciphertext Policy Attribute Based Encryption Scheme for Internet of Things Devices Using Decision Tree

The Internet of Things (IoT) has recently become a hot spot for researchers and its industrial importance is growing exponentially day after day. Statistics show that the number of IoT devices will

An Overview on Smart Contracts: Challenges, Advances and Platforms



Do You Know Where Your Data's Been? - Tamper-Evident Database Provenance

This paper proposes a checksum-based approach, which is well-suited to the unique characteristics of database provenance, including non-linear provenance objects and provenance associated with multiple fine granularities of data.

Progger: An Efficient, Tamper-Evident Kernel-Space Logger for Cloud Data Provenance Tracking

  • R. Ko, M. Will
  • Computer Science
    2014 IEEE 7th International Conference on Cloud Computing
  • 2014
Progger (Provenance Logger) is presented, a kernel-space logger which potentially empowers all cloud stakeholders to trace their data and which provides high assurance of data security and data activity audit.

The Case of the Fake Picasso: Preventing History Forgery with Secure Provenance

This paper describes a provenance-aware system prototype that implements provenance tracking of data writes at the application layer, which makes it extremely easy to deploy, and presents empirical results that show the run-time overhead of the approach to recording provenance with confidentiality and integrity guarantees ranges from 1% to 13%.

How to Track Your Data: The Case for Cloud Computing Provenance

This paper surveys current mechanisms that support provenance for cloud computing, classifies provenance according to its granularities encapsulating the various sets of provenance data for different use cases, and summarizes the challenges and requirements for collecting provenance in a cloud, based on which the gap between current approaches to requirements is shown.

S2Logger: End-to-End Data Tracking Mechanism for Cloud Data Provenance

S2Logger is introduced, a data event logging mechanism which captures, analyses and visualizes data events in the cloud from the data point of view, and can detect critical data-related cloud security problems such as malicious actions, data leakages and data policy violations by analysing the data provenance.

Security and Data Accountability in Distributed Systems: A Provenance Survey

  • Yu Shyang Tan, R. Ko, G. Holmes
  • Computer Science
    2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing
  • 2013
This paper surveys provenance solutions proposed to address the problems of system security and data accountability in distributed systems and derives a set of minimum requirements that are necessary for a provenance system to be effective in addressing the two problems.

Collecting Provenance via the Xen Hypervisor

This paper describes an approach to collecting system-level provenance from virtual guest machines running under the Xen hypervisor and makes the case that this approach alleviates the aforementioned difficulties and promotes adoption of provenance collection within cloud computing platforms.

Provenance-Aware Storage Systems

It is shown that with reasonable overhead, a Provenance-Aware Storage System can provide useful functionality not available in today's file systems or provenance management systems.

Towards Achieving Accountability, Auditability and Trust in Cloud Computing

This position paper considers related research challenges and lays a foundation towards addressing these via three main abstraction layers of cloud accountability and a Cloud Accountability Life Cycle.

Towards More Trustable Log Files for Digital Forensics by Means of “Trusted Computing”

  • B. Bock, David Huemer, A. Tjoa
  • Computer Science
    2010 24th IEEE International Conference on Advanced Information Networking and Applications
  • 2010
This paper provides a solution based on Trusted Computing using a Trusted Platform Module (TPM) and AMD’s Secure Virtual Machine technology (SVM) to establish hardware-based trust in the log producing application.