Preventing history forgery with secure provenance

被引：59

作者：

Hasan, Ragib ^{[1
]}

Sion, Radu ^{[2
]}

Winslett, Marianne ^{[1
]}

机构：

[1] Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL 61801

[2] Department of Computer Science, Stony Brook University, Stony Brook

来源：

ACM Transactions on Storage | 2009年 / 5卷 / 04期

关键词：

Audit; Confidentiality; Integrity; Lineage; Provenance; Security;

D O I：

10.1145/1629080.1629082

中图分类号：

学科分类号：

摘要：

As increasing amounts of valuable information are produced and persist digitally, the ability to determine the origin of data becomes important. In science, medicine, commerce, and government, data provenance tracking is essential for rights protection, regulatory compliance, management of intelligence and medical data, and authentication of information as it flows through workplace tasks. While significant research has been conducted in this area, the associated security and privacy issues have not been explored, leaving provenance information vulnerable to illicit alteration as it passes through untrusted environments. In this article, we show how to provide strong integrity and confidentiality assurances for data provenance information at the kernel, file system, or application layer. We describe Sprov, our provenance-aware system prototype that implements provenance tracking of data writes at the application layer, which makes Sprov extremely easy to deploy. We present empirical results that show that, for real-life workloads, the runtime overhead of Sprov for recording provenance with confidentiality and integrity guarantees ranges from 1% to 13%, when all file modifications are recorded, and from 12% to 16%, when all file read and modifications are tracked. © 2009 ACM.

引用

共 57 条

[41]

Peterson Z.N.J., Burns R., Ateniese G., Bono S., Design and implementation of verifiable audit trails for a versioning file system, Proceedings of the 5th USENIX Conference on File and Storage Technologies (FAST), pp. 20-20, (2007)

[42]

Pugh W., Skip lists: A probabilistic alternative to balanced trees, Comm. ACM, 33, 6, pp. 668-676, (1990)

[43]

Roselli D., Lorch J.R., Anderson T.E., A comparison of file system workloads, Proceedings of the USENIX Annual Technical Conference, (2000)

[44]

Sandler D., Wallach D.S., Casting votes in the auditorium, Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology, (2007)

[45]

Sar C., Cao P., Lineage File System, (2005)

[46]

Schneier B., Kelsey J., Secure audit logs to support computer forensics, ACM Trans. Inform. Syst. Secur., 2, 2, pp. 159-176, (1999)

[47]

Seltzer M., Smith K.A., Balakrishnan H., Chang J., McMains S., Padmanabhan V., File system logging versus clustering: A performance comparison, Proceedings of the USENIX Annual Technical Conference, pp. 21-21, (1995)

[48]

Shamir A., How to share a secret, Comm. ACM, 22, 11, pp. 612-613, (1979)

[49]

Simmhany. L., Plale B., Andgannon D., Asurvey of data provenance in e-science, SIGMOD Rec, 34, 3, pp. 31-36, (2005)

[50]

Snodgrass R.T., Yao S.S., Collberg C., Tamper detection in audit logs, Proceedings of the 30th International Conference on Very Large Data Bases (VLDB), pp. 504-515, (2004)

← 1 2 3 4 5 6 →