A Secure Provenance Scheme for Detecting Consecutive Colluding Users in Distributed Networks

International Journal of Parallel Programming

Abstract

Data provenance is becoming extremely important in distributed environments, due to the ease of sharing and modifying stored data (e.g. in cloud storage systems). However, protection of the provenance chain has been a greatly understudied problem. This paper presents a secure provenance scheme for a distributed environment, designed to ensure data confidentiality, integrity, and non-repudiation. Specifically, the proposed scheme is designed to detect attacks on a provenance chain launched by multiple concurrent adversaries, such as forged provenance records and provenance record shuffling attacks. Moreover, the proposed scheme detects the provenance record that has been perturbed and identifies the malicious or compromised user. We then evaluate our scheme empirically and analytically against the state of the art to demonstrate its security and performance in terms of computational and storage overheads.

Corresponding author

Correspondence to Abid Khan.

Cite this article

Ahmed, I., Khan, A., Anjum, A. et al. A Secure Provenance Scheme for Detecting Consecutive Colluding Users in Distributed Networks. Int J Parallel Prog 48, 344–366 (2020). https://doi.org/10.1007/s10766-018-0601-y

  • DOI: https://doi.org/10.1007/s10766-018-0601-y
