Conference Paper

Towards a Threat Model for Provenance in e-Science.

DOI: 10.1007/978-3-642-17819-1_32 Conference: Provenance and Annotation of Data and Processes - Third International Provenance and Annotation Workshop, IPAW 2010, Troy, NY, USA, June 15-16, 2010. Revised Selected Papers
Source: DBLP


Scientists increasingly rely on workflow management systems to perform large-scale computational scientific experiments. These
systems often collect provenance information that is useful in the analysis and reproduction of such experiments. On the other
hand, this provenance data may be exposed to security threats which can result, for instance, in compromising the analysis
of these experiments, or in illegitimate claims of attribution. In this work, we describe our ongoing work to trace security
requirements for provenance systems in the context of e-Science, and propose some security controls to fulfill them.

Download full-text


Available from: Ian Foster, Oct 13, 2015
1 Follower
17 Reads
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Secure provenance techniques are essential in generating trustworthy provenance records, where one is interested in protecting their integrity, confidentiality, and availability. In this work, we suggest an architecture to provide protection of authorship and temporal information in grid-enabled provenance systems. It can be used in the resolution of conflicting intellectual property claims, and in the reliable chronological reconstitution of scientific experiments. We observe that some techniques from public key infrastructures can be readily applied for this purpose. We discuss the issues involved in the implementation of such architecture and describe some experiments realized with the proposed techniques.
    Fourth International Conference on e-Science, e-Science 2008, 7-12 December 2008, Indianapolis, IN, USA; 01/2008
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The prospect of a world in which all text, audio, picture, and video documents are in digital form on easily modifiable media raises the issue of how to certify when a document was created or last changed. The problem is to time-stamp the data, not the medium. We propose computationally practical procedures for digital time-stamping of such documents so that it is infeasible for a user either to back-date or to forward-date his document, even with the collusion of a time-stamping service. Our procedures maintain complete privacy of the documents themselves, and require no record-keeping by the time-stamping service. Appeared, with minor editorial changes, in Journal of Cryptology, Vol. 3, No. 2, pp. 99--111, 1991. 0 Time's glory is to calm contending kings, To unmask falsehood, and bring truth to light, To stamp the seal of time in aged things, To wake the morn, and sentinel the night, To wrong the wronger till he render right. The Rape of Lucrece, l. 941 1 Introduction ...
    Journal of Cryptology 09/1999; 3(2). DOI:10.1007/BF00196791 · 1.02 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: As increasing amounts of valuable information are produced and persist digitally, the ability to determine the origin of data becomes important. In science, medicine, commerce, and government, data provenance tracking is essential for rights protection, regulatory compliance, management of intelligence and medical data, and authentication of information as it flows through workplace tasks. In this paper, we show how to provide strong integrity and confidentiality assurances for data provenance information. We describe our provenance-aware system prototype that implements provenance tracking of data writes at the application layer, which makes it extremely easy to deploy. We present empirical results that show that, for typical real-life workloads, the run-time overhead of our approach to recording provenance with confidentiality and integrity guarantees ranges from 1%-13%.
    7th USENIX Conference on File and Storage Technologies, February 24-27, 2009, San Francisco, CA, USA. Proceedings; 10/2009
Show more