Provenance Based Classification Access Policy System Based on Encrypted Search for Cloud Data Storage

  • Xinyu FanEmail author
  • Vijay Varadharajan
  • Michael Hitchens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9290)


Digital provenance, as an important type of cloud data, has aroused increasing attention on improving system performance. Currently, provenance have been employed to provide hints on access control and estimate data quality. However, provenance itself might also be sensitive information. Therefore, provenance might be encrypted to store on cloud. In this paper, we provide a mechanism to classify cloud documents by searching specific keywords from their encrypted provenance, and we proof our scheme achieves semantic security.


Security Provenance Access policies Encrypted search 


  1. 1.
    Jaehong, P., Dang, N., Ravi, S.S.: A provenance-based access control model. In: Tenth Annual International Conference on Privacy, Security and Trust, Paris, pp. 137–144 (2012)Google Scholar
  2. 2.
    Dang, N., Jaehong, P., Ravi, S.S.: A provenance-based access control model for dynamic separation of duties. In: Eleventh Annual International Conference on Privacy, Security and Trust, Tarragona, Catalonia, Spain, pp. 247–256 (2013)Google Scholar
  3. 3.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001) CrossRefGoogle Scholar
  4. 4.
    Luc, M., Ben, C., Juliana, F., Joe, F., Yolanda, G., Paul, T.G., Natalia, K., Simon, K., Paolo, M., Jim, M., Beth, P., Yogesh, S., Eric, G.S., Jan, V.D.B.: The open provenance model core specification (v1.1). Future Gener. Comp. Syst. 27, 743–756 (2011)CrossRefGoogle Scholar
  5. 5.
    Umut, A.A., Peter, B., James, C., Jan, V.D.B., Natalia, K., Stijn, V.: A graph model of data and workflow provenance. In: TaPP (2010)Google Scholar
  6. 6.
    Martin, D., Maria, T.: CRMdig: a generic digital provenance model for scientific observation. In: TaPP (2011)Google Scholar
  7. 7.
    Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  8. 8.
    Christoph, B.: How usage control and provenance tracking get together - a data protection perspective. In: Symposium on Security and Privacy Workshops, pp. 13–17. IEEE, San Francisco (2013)Google Scholar
  9. 9.
    Uri, B., Avraham, S., Margo, I.S.: Securing provenance. In: 3rd USENIX Workshop on Hot Topics in Security, CA, USA (2008)Google Scholar
  10. 10.
    Elisa, G., Gabriel, G., Murat, K., Dang, N., Jae, P., Ravi, S.S., Bhavani, M.T., Shouhuai, X.: A roadmap for privacy-enhanced secure data provenance. J. Intell. Inf. Syst. 43, 481–501 (2014)CrossRefGoogle Scholar
  11. 11.
    Syed, R.H., Changda, W., Salmin, S., Elisa, B.: Secure data provenance compression using arithmetic coding in wireless sensor networks. In: 33rd International Performance Computing and Communications Conference, IPCCC, TX, USA, pp. 1–10 (2014)Google Scholar
  12. 12.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 506–522. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  13. 13.
    Ni, Q., Xu, S., Bertino, E., Sandhu, R., Han, W.: An access control language for a general provenance model. In: Jonker, W., Petković, M. (eds.) SDM 2009. LNCS, vol. 5776, pp. 68–88. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  14. 14.
    Dang, N., Jaehong, P., Ravi, S.S.: A provenance-based access control model for dynamic separation of duties. In: Eleventh Annual International Conference on Privacy, Security and Trust, PST, Catalonia, Spain, pp. 247–256 (2013)Google Scholar
  15. 15.
    Jin, L., Xiaofeng, C., Qiong, H., Duncan, S.W.: Digital provenance: enabling secure data forensics in cloud computing. Future Gener. Comp. Syst. 37, 259–266 (2014)CrossRefGoogle Scholar
  16. 16.
    Sherman, S.M., Cheng-Kang, W., Jianying, Z., Robert, H.D.: Dynamic secure cloud storage with provenance. In: Cryptography and Security, pp. 442–464 (2012)Google Scholar
  17. 17.
    Banerjee, A., Naumann, D.A.: History-based access control and secure information flow. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 27–48. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  18. 18.
    Omar, B., Anish, D.S., Alon, Y.H., Martin, T., Jennifer, W.: Databases with uncertainty and lineage. VLDB J. 17, 243–264 (2008)CrossRefGoogle Scholar
  19. 19.
    Peter, B., Adriane, C., James, C.: Provenance management in curated databases. In: International Conference on Management of Data, Chicago, Illinois, USA, pp. 539–550 (2006)Google Scholar
  20. 20.
    Manish, K.A., Shawn, B., Timothy, M.M., Bertram, L.: Efficient provenance storage over nested data collections. In: 12th International Conference on Extending Database Technology, Saint Petersburg, Russia, pp. 958–969 (2009)Google Scholar
  21. 21.
    Thomas, H., Gustavo, A.: Efficient lineage tracking for scientific workflows. In: International Conference on Management of Data, Vancouver, BC, Canada, pp. 1007–1018 (2008)Google Scholar
  22. 22.
    Ali, N.R., Jafar, H.J., Morteza, A., Rasool, J.: GTHBAC: a generalized temporal history based access control model. Telecommun. Syst. 45, 111–125 (2010)CrossRefGoogle Scholar
  23. 23.
    Karl, K., Mogens, N., Vladimiro, S.: A logical framework for history-based access control and reputation systems. J. Comput. Secur. 16, 63–101 (2008)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Xinyu Fan
    • 1
    Email author
  • Vijay Varadharajan
    • 1
  • Michael Hitchens
    • 1
  1. 1.Advanced Cyber Security Research Centre, Department of ComputingMacquarie UniversitySydneyAustralia

Personalised recommendations