Provenance: Privacy and Security
Confidentiality; Integrity; Lineage; Origin
Data provenance is information about the origins of data and its movement between databases and processes. It can be used to understand and debug the process by which data was obtained and transformed, to ensure reproducibility of results, and to establish trust. Provenance therefore has implications for both the security and privacy of the associated data. As metadata, there are also security and privacy concerns associated with provenance itself, including the integrity, confidentiality, and availability of provenance information.
Tracking the provenance of data within a system includes (i) capturing metadata associated with raw data that is input to the system and (ii) details of computations that transform the raw data to create new information, e.g., the sequence of steps or processes, parameter settings (in a program), and inputs and outputs of each step. Queries over provenance typically answer...
- 3.Braun U, Shinnar A, Seltzer M. Securing provenance. In: Proceedings of the 3rd USENIX Workshop on Hot Topics in Security; 2008. p. 4:1–5.Google Scholar
- 4.Chebotko A, Chang S, Lu S, Fotouhi F, Yang P. Scientific workflow provenance querying with security views. In: Proceedings of the 9th International Conference on Web-Age Information Management; 2008. p. 349–56.Google Scholar
- 5.Cheney J. A formal framework for provenance security. In: Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium; 2011. p. 281–93.Google Scholar
- 6.Davidson SB, Khanna S, Milo T, Panigrahi D, Roy S. Provenance views for module privacy. In: Proceedings of the 30th ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems; 2011. p. 175–86.Google Scholar
- 7.Davidson SB, Khanna S, Roy S, Stoyanovich J, Tannen V, Chen Y. On provenance and privacy. In: Proceedings of the 14th International Conference on Database Theory; 2011. p. 3–10.Google Scholar
- 8.Dey SC, Zinn D, Ludäscher B. PROPUB: Towards a declarative approach for publishing customized, policy-aware provenance. In: Proceedings of the 23rd International Conference on Scientific and Statistical Database Management; 2011. p. 225–43.Google Scholar
- 9.Dwork C. Differential privacy: a survey of results. In: Proceedings of the 5th Annual Conference on Theory and Applications of Models of Computation; 2008. p. 1–9.Google Scholar
- 10.Hasan R, Sion R, Winslett M. Introducing secure provenance: problems and challenges. In: Proceedings of the 2007 ACM Workshop on Storage Security and Survivability; 2007. p. 13–8.Google Scholar
- 12.Lu R, Lin X, Liang X, Shen XS. Secure provenance: the essential of bread and butter of data forensics in cloud computing. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security; 2010. p. 282–92.Google Scholar
- 14.Missier P, Bryans J, Gamble C, Curcin V, Dánger R. ProvAbs: model, policy, and tooling for abstracting PROV graphs. In: IPAW; 2014. p. 3–15.Google Scholar
- 15.Zhang J, Chapman A, LeFevre K. Do you know where your data’s been? – tamper-evident database provenance. In: SDM; 2009. p. 17–32.Google Scholar