Abstract
This paper distils three decades of provenance research, and we propose a layered framework, the Full Provenance Stack, for describing provenance completely and meaningfully – within and across machines. The provenance layers aim to proliferate layer protocols and approaches for appropriate data provenance levels of detail, and empower cross-platform features – enabling identifying, detecting, responding and recovering capabilities across all cyber security, digital forensics, and data privacy scenarios.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Symantec: State of Information Global Results (2012). https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/state-information-global-results-12-en.pdf
National Institute of Standards and Technology: Framework for Improving Critical Infrastructure Cybersecurity (2014)
Feigenbaum, G., Reist, I.J.: Provenance: An Alternate History of Art. Getty Research Institute, Los Angeles (2012)
Becker, R.A., Chambers, J.M.: Auditing of data analyses. In: Proceedings of the 3rd International Workshop on Statistical and Scientific Database Management, pp. 78–80. Lawrence Berkeley Laboratory (1986)
Buneman, P., Chapman, A., Cheney, J.: Provenance management in curated databases. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 539–550. ACM, Chicago (2006)
Buneman, P., Cheney, J., Vansummeren, S.: On the expressiveness of implicit provenance in query and update languages. ACM Trans. Database Syst. 33, 1–47 (2008)
Muniswamy-Reddy, K.-K., Holland, D.A., Braun, U., Seltzer, M.: Provenance-aware storage systems. In: Proceedings of the Annual Conference on USENIX 2006 Annual Technical Conference, p. 4. USENIX Association, Boston (2006)
Ko, R.K.L., Will, M.A.: Progger: an efficient, Tamper-evident Kernel-space logger for cloud data provenance tracking. In: Proceedings of the 2014 IEEE International Conference on Cloud Computing, pp. 881–889. IEEE Computer Society (2014)
Sar, C., Cao, P.: Lineage file system, pp. 411–414 (2005). http://crypto.stanford.edu/~cao/lineage.html
Suen, C.H., Ko, R.K.L., Tan, Y.S., Jagadpramana, P., Lee, B.S.: S2Logger: end-to-end data tracking mechanism for cloud data provenance. In: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 594–602. IEEE Computer Society (2013)
Ko, R.K.L., Jagadpramana, P., Mowbray, M., Pearson, S., Kirchberg, M., Liang, Q., Lee, B.S.: TrustCloud: a framework for accountability and trust in cloud computing. In: Proceedings of the 2011 IEEE World Congress on Services, pp. 584–588. IEEE Computer Society (2011)
Ko, R.K.L., Jagadpramana, P., Lee, B.S.: Flogger: a file-centric logger for monitoring file access and transfers within cloud computing environments. In: Proceedings of the 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 765–771. IEEE Computer Society (2011)
Sultana, S., Bertino, E.: A file provenance system. In: Proceedings of the Third ACM Conference on Data and Application Security and Privacy, pp. 153–156. ACM, San Antonio (2013)
Gil, Y., Deelman, E., Ellisman, M., Fahringer, T., Fox, G., Gannon, D., Goble, C., Livny, M., Moreau, L., Myers, J.: Examining the challenges of scientific workflows. Computer 40, 24–32 (2007)
Muniswamy-Reddy, K.-K., Braun, U., Holland, D.A., Macko, P., Maclean, D., Margo, D., Seltzer, M., Smogor, R.: Layering in provenance systems. In: Proceedings of the 2009 Conference on USENIX Annual Technical Conference. USENIX Association, San Diego (2009)
Zhang, O.Q., Kirchberg, M., Ko, R.K., Lee, B.S.: How to track your data: the case for cloud computing provenance. In: 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), pp. 446–453. IEEE (2011)
Zimmermann, H.: OSI reference model–the ISO model of architecture for open systems interconnection. In: Partridge, C. (ed.) Innovations in Internetworking, pp. 2–9. Artech House, Inc. (1988)
Zhao, J., Wroe, C., Goble, C., Stevens, R., Quan, D., Greenwood, M.: Using semantic web technologies for representing E-science provenance. In: McIlraith, Sheila A., Plexousakis, D., van Harmelen, F. (eds.) ISWC 2004. LNCS, vol. 3298, pp. 92–106. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30475-3_8
Foster, I.T., Vöckler, J., Wilde, M., Zhao, Y.: Chimera: a virtual data system for representing, querying, and automating data derivation. In: Proceedings of the 14th International Conference on Scientific and Statistical Database Management, pp. 37–46. IEEE Computer Society (2002)
Bose, R.K.: Composing and Conveying Lineage Metadata for Environmental Science Research Computing, p. 151. University of California, Santa Barbara (2004)
Symantec: Internet Security Threat Report (2017). https://www.symantec.com/content/dam/symantec/docs/reports/istr-22-2017-en.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Ko, R.K.L., Phua, T.W. (2017). The Full Provenance Stack: Five Layers for Complete and Meaningful Provenance. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science(), vol 10658. Springer, Cham. https://doi.org/10.1007/978-3-319-72395-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-319-72395-2_18
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72394-5
Online ISBN: 978-3-319-72395-2
eBook Packages: Computer ScienceComputer Science (R0)