Towards a Threat Model for Provenance in e-Science

  • Luiz M. R. GadelhaJr.
  • Marta Mattoso
  • Michael Wilde
  • Ian Foster
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6378)


Scientists increasingly rely on workflow management systems to perform large-scale computational scientific experiments. These systems often collect provenance information that is useful in the analysis and reproduction of such experiments. On the other hand, this provenance data may be exposed to security threats which can result, for instance, in compromising the analysis of these experiments, or in illegitimate claims of attribution. In this work, we describe our ongoing work to trace security requirements for provenance systems in the context of e-Science, and propose some security controls to fulfill them.


Security Requirement Security Control Threat Model Provenance Data Provenance Information 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aldeco-Pérez, R., Moreau, L.: Provenance-based Auditing of Private Data Use. In: Proc. of the BCS International Academic Research Conference, Visions of Computer Science (2008)Google Scholar
  2. 2.
    Braun, U., Shinnar, A., Seltzer, M.: Securing Provenance. In: Proc. 3rd USENIX Workshop on Hot Topics in Security, HotSec 2008 (2008)Google Scholar
  3. 3.
    Davidson, S., Khanna, S., Roy, S., Cohen-Boulakia, S.: Privacy Issues in Scientific Workflow Provenance. In: Proceedings of the 1st International Workshop on Workflow Approaches to New Data-centric Science, WANDS 2010 (2010)Google Scholar
  4. 4.
    Gadelha, L., Clifford, B., Mattoso, M., Wilde, M., Foster, I.: Provenance Management in Swift. Future Generation Computer Systems (2010) (in press, accepted manuscript)Google Scholar
  5. 5.
    Gadelha, L., Mattoso, M.: Kairos: An Architecture for Securing Authorship and Temporal Information of Provenance Data in Grid-Enabled Workflow Management Systems. In: Proc. 4th IEEE International Conference on e-Science (e-Science 2008), pp. 597–602 (2008)Google Scholar
  6. 6.
    Haber, S., Stornetta, W.: How to Time-Stamp a Digital Document. Journal of Cryptology 3(2), 99–111 (1991)CrossRefzbMATHGoogle Scholar
  7. 7.
    Hasan, R., Sion, R., Winslett, M.: Introducing Secure Provenance: Problems and Challenges. In: Proc. 2007 ACM Workshop on Storage Security and Survivability (StorageSS 2009), pp. 13–18 (2007)Google Scholar
  8. 8.
    Hasan, R., Sion, R., Winslett, M.: Preventing history forgery with secure provenance. ACM Transactions on Storage 5(4), 1–43 (2009)CrossRefGoogle Scholar
  9. 9.
    Hasan, R., Sion, R., Winslett, M.: The Case of the Fake Picasso: Preventing History Forgery with Secure Provenance. In: Proc. 7th USENIX Conference on File and Storage Technologies (FAST 2009), pp. 1–14 (2009)Google Scholar
  10. 10.
    Nagappan, M., Vouk, M.: A Model for Sharing of Confidential Provenance Information in a Query Based System. In: Freire, J., Koop, D., Moreau, L. (eds.) IPAW 2008. LNCS, vol. 5272, pp. 62–69. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Ni, Q., Xu, S., Bertino, E., Sandhu, R., Han, W.: An Access Control Language for a General Provenance Model. In: Jonker, W., Petković, M. (eds.) Secure Data Management. LNCS, vol. 5776, pp. 68–88. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Tan, V., Groth, P., Miles, S., Jiang, S., Munroe, S., Tsasakou, S., Moreau, L.: Security Issues in a SOA-Based Provenance System. In: Moreau, L., Foster, I. (eds.) IPAW 2006. LNCS, vol. 4145, pp. 203–211. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Wilde, M., Foster, I., Iskra, K., Beckman, P., Espinosa, A., Hategan, M., Clifford, B., Raicu, I.: Parallel Scripting for Applications at the Petascale and Beyond. IEEE Computer 42(11), 50–60 (2009)CrossRefGoogle Scholar
  14. 14.
    Xu, S., Ni, Q., Bertino, E., Sandhu, R.: A Characterization of The Problem of Secure Provenance Management. In: Proc. IEEE International Conference on Intelligence and Security Informatics (ISI 2009), pp. 310–314 (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Luiz M. R. GadelhaJr.
    • 1
  • Marta Mattoso
    • 1
  • Michael Wilde
    • 2
  • Ian Foster
    • 2
  1. 1.Computer and Systems Engineering ProgramFederal University of Rio de JaneiroBrazil
  2. 2.Computation InstituteUniversity of Chicago / Argonne National LaboratoryUSA

Personalised recommendations