Skip lists: a probabilistic alternative to balanced trees
Communications of the ACM
A large-scale study of file-system contents
SIGMETRICS '99 Proceedings of the 1999 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Journal of the American Society for Information Science and Technology - Special issue on the still the frontier: Information Science at the Millenium
Communications of the ACM
Information and Computation
The subversion project: buiding a better CVS
Linux Journal
Chimera: AVirtual Data System for Representing, Querying, and Automating Data Derivation
SSDBM '02 Proceedings of the 14th International Conference on Scientific and Statistical Database Management
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Secure History Preservation Through Timeline Entanglement
Proceedings of the 11th USENIX Security Symposium
Efficient Authentication and Signing of Multicast Streams over Lossy Channels
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Graph-Based Authentication of Digital Streams
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Earth System Science Workbench: A Data Management Infrastructure for Earth Science Products
SSDBM '01 Proceedings of the 13th International Conference on Scientific and Statistical Database Management
A Collaborative Informatics Infrastructure for Multi-scale Science
CLADE '04 Proceedings of the 2nd International Workshop on Challenges of Large Applications in Distributed Environments
A survey of data provenance in e-science
ACM SIGMOD Record
Passive NFS Tracing of Email and Research Workloads
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
Provenance management in curated databases
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
A practical revocation scheme for broadcast encryption using smartcards
ACM Transactions on Information and System Security (TISSEC)
ACM Transactions on Information and System Security (TISSEC)
Provenance-aware storage systems
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
File system logging versus clustering: a performance comparison
TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
A comparison of file system workloads
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
A five-year study of file-system metadata
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Design and implementation of verifiable audit trails for a versioning file system
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Introducing secure provenance: problems and challenges
Proceedings of the 2007 ACM workshop on Storage security and survivability
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Casting votes in the auditorium
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
The provenance of electronic data
Communications of the ACM - The psychology of security: why do good users make bad decisions?
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Measurement and analysis of large-scale network file system workloads
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
The case of the fake Picasso: preventing history forgery with secure provenance
FAST '09 Proccedings of the 7th conference on File and storage technologies
Layering in provenance systems
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Automatic generation of workflow provenance
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Towards low overhead provenance tracking in near real-time stream filtering
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Combining provenance with trust in social networks for semantic web content filtering
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
A provenance model for manually curated data
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Issues in automatic provenance collection
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Security issues in a SOA-Based provenance system
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Provenance-based auditing of private data use
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
Document provenance in the cloud: constraints and challenges
EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
Preserving integrity and confidentiality of a directed acyclic graph model of provenance
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Information provenance in social media
SBP'11 Proceedings of the 4th international conference on Social computing, behavioral-cultural modeling and prediction
Provenance security guarantee from origin up to now in the e-Science environment
Journal of Systems Architecture: the EUROMICRO Journal
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Securing data provenance in the cloud
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
A mediator-based system for distributed semantic provenance management systems
Proceedings of the 16th International Database Engineering & Applications Sysmposium
Tracing where and who provenance in Linked Data: A calculus
Theoretical Computer Science
Distributed time-aware provenance
Proceedings of the VLDB Endowment
Supporting secure provenance update by keeping "provenance" of the provenance
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Interaction provenance model for unified authentication factors in service oriented computing
Proceedings of the 4th ACM conference on Data and application security and privacy
A core calculus for provenance
Journal of Computer Security - Security and Trust Principles
Hi-index | 0.00 |
As increasing amounts of valuable information are produced and persist digitally, the ability to determine the origin of data becomes important. In science, medicine, commerce, and government, data provenance tracking is essential for rights protection, regulatory compliance, management of intelligence and medical data, and authentication of information as it flows through workplace tasks. While significant research has been conducted in this area, the associated security and privacy issues have not been explored, leaving provenance information vulnerable to illicit alteration as it passes through untrusted environments. In this article, we show how to provide strong integrity and confidentiality assurances for data provenance information at the kernel, file system, or application layer. We describe Sprov, our provenance-aware system prototype that implements provenance tracking of data writes at the application layer, which makes Sprov extremely easy to deploy. We present empirical results that show that, for real-life workloads, the runtime overhead of Sprov for recording provenance with confidentiality and integrity guarantees ranges from 1% to 13%, when all file modifications are recorded, and from 12% to 16%, when all file read and modifications are tracked.