Abstract
Data provenance is becoming extremely important in distributed environments, because stored data (e.g. in cloud storage systems) is easy to share and modify. However, protection of the provenance chain remains a greatly understudied problem. This paper presents a secure provenance scheme for a distributed environment, designed to ensure data confidentiality, integrity, and non-repudiation. Specifically, the proposed scheme is designed to detect attacks on a provenance chain launched by multiple concurrent adversaries, such as forged provenance records and provenance record shuffling attacks. Moreover, the proposed scheme detects which provenance record has been perturbed and identifies the malicious or compromised user. We then evaluate our scheme empirically and analytically against the state of the art to demonstrate its security and its performance in terms of computational and storage overheads.
Ahmed, I., Khan, A., Anjum, A. et al. A Secure Provenance Scheme for Detecting Consecutive Colluding Users in Distributed Networks. Int J Parallel Prog 48, 344–366 (2020). https://doi.org/10.1007/s10766-018-0601-y
DOI: https://doi.org/10.1007/s10766-018-0601-y