A survey of data provenance in e-science
ACM SIGMOD Record
A New SOA Data-Provenance Framework
ISADS '07 Proceedings of the Eighth International Symposium on Autonomous Decentralized Systems
A survey of trust in computer science and the Semantic Web
Web Semantics: Science, Services and Agents on the World Wide Web
Security protocols, properties, and their monitoring
Proceedings of the fourth international workshop on Software engineering for secure systems
Security issues in a SOA-Based provenance system
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Hi-index | 0.02 |
We describe a framework for capturing Data Provenance information to support Information Assurance attributes like Availability, Authentication, Confidentiality, Integrity and Non-Repudiation. Our approach is applicable to Multi-Level Secure systems where it is not always possible to directly provide data source and data transformation information. We achieve this by combining the subjective and objective trust in data as a "Figure of Merit" value that can cross security boundaries. Our architecture captures the Data Provenance information around the 'invariant' part of a message in an XML-based SOA architecture. We also introduce the notion of 'wrappers' so that Data Provenance can be added on while minimizing impact to an existing workflow. We outline a simulation-based framework that allows us to inject faults to model various threats and attacks. We also discuss a dashboard view of a workflow that brings together the intrinsic Information Assurance attributes of a workflow as it was designed as well as its execution in a deployed system. The dashboard can also be used for "what-if" analysis to understand vulnerabilities and determine impact of compromised assets.