Securing Data Provenance in the Cloud

  • Muhammad Rizwan Asghar
  • Mihaela Ion
  • Giovanni Russello
  • Bruno Crispo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7039)


Cloud storage offers the flexibility of accessing data from anywhere at any time while providing economical benefits and scalability. However, cloud stores lack the ability to manage data provenance. Data provenance describes how a particular piece of data has been produced. It is vital for a post-incident investigation, widely used in healthcare, scientific collaboration, forensic analysis and legal proceedings. Data provenance needs to be secured since it may reveal private information about the sensitive data while the cloud service provider does not guarantee confidentiality of the data stored in dispersed geographical locations. This paper proposes a scheme to secure data provenance in the cloud while offering the encrypted search.


Secure Data Provenance Encrypted Cloud Storage Security Privacy 


  1. 1.
    Aldeco-Pérez, R., Moreau, L.: Securing Provenance-Based Audits. In: McGuinness, D.L., Michaelis, J.R., Moreau, L. (eds.) IPAW 2010. LNCS, vol. 6378, pp. 148–164. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society (2007)Google Scholar
  3. 3.
    Braun, U., Shinnar, A., Seltzer, M.: Securing provenance. In: Proceedings of the 3rd Conference on Hot Topics in Security, pp. 4:1–4:5. USENIX Association, Berkeley (2008)Google Scholar
  4. 4.
    Buneman, P., Khanna, S., Tan, W.-C.: Data Provenance: Some Basic Issues. In: Kapoor, S., Prasad, S. (eds.) FST TCS 2000. LNCS, vol. 1974, pp. 87–93. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Buneman, P., Khanna, S., Tan, W.-C.: Why and Where: A Characterization of Data Provenance. In: Van den Bussche, J., Vianu, V. (eds.) ICDT 2001. LNCS, vol. 1973, pp. 316–330. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Davidson, S.B., Khanna, S., Roy, S., Boulakia, S.C.: Privacy issues in scientific workflow provenance. In: Proceedings of the 1st International Workshop on Workflow Approaches to New Data-centric Science, Wands 2010, pp. 3:1–3:6. ACM, New York (2010)Google Scholar
  7. 7.
    Davidson, S.B., Khanna, S., Roy, S., Stoyanovich, J., Tannen, V., Chen, Y.: On provenance and privacy. In: Proceedings of the 14th International Conference on Database Theory, ICDT 2011, pp. 3–10. ACM, New York (2011)Google Scholar
  8. 8.
    Dong, C., Russello, G., Dulay, N.: Shared and searchable encrypted data for untrusted servers. J. Comput. Secur. 19, 367–397 (2011)Google Scholar
  9. 9.
    Hasan, R., Sion, R., Winslett, M.: The case of the fake picasso: preventing history forgery with secure provenance. In: Proccedings of the 7th Conference on File and Storage Technologies, pp. 1–14. USENIX Association, Berkeley (2009)Google Scholar
  10. 10.
    Hasan, R., Sion, R., Winslett, M.: Preventing history forgery with secure provenance. Trans. Storage 5, 12:1–12:43 (2009)Google Scholar
  11. 11.
    Jung, I.Y., Yeom, H.Y.: Provenance security guarantee from origin up to now in the e-science environment. Journal of Systems Architecture (2010) (in press, corrected proof)Google Scholar
  12. 12.
    Lu, R., Lin, X., Liang, X., Shen, X.: Secure provenance: the essential of bread and butter of data forensics in cloud computing. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, pp. 282–292. ACM, New York (2010)CrossRefGoogle Scholar
  13. 13.
    Moreau, L., Clifford, B., Freire, J., Futrelle, J., Gil, Y., Groth, P., Kwasnikowska, N., Miles, S., Missier, P., Myers, J., Plale, B., Simmhan, Y., Stephan, E., Van den Bussche, J.: The open provenance model core specification (v1.1). In: Future Generation Computer Systems (2010) (in press)Google Scholar
  14. 14.
    Moreau, L., Freire, J., Futrelle, J., McGrath, R.E., Myers, J., Paulson, P.: The Open Provenance Model: An Overview. In: Freire, J., Koop, D., Moreau, L. (eds.) IPAW 2008. LNCS, vol. 5272, pp. 323–326. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Muniswamy-Reddy, K.-K., Holland, D.A., Braun, U., Seltzer, M.: Provenance-aware storage systems. In: Proceedings of the Annual Conference on USENIX 2006 Annual Technical Conference, pp. 4–4. USENIX Association, Berkeley (2006)Google Scholar
  16. 16.
    Muniswamy-Reddy, K.-K., Macko, P., Seltzer, M.: Provenance for the cloud. In: Proceedings of the 8th USENIX Conference on File and Storage Technologies, pp. 14–15. USENIX Association, Berkeley (2010)Google Scholar
  17. 17.
    Muniswamy-Reddy, K.-K., Seltzer, M.: Provenance as first class cloud data. SIGOPS Oper. Syst. Rev. 43, 11–16 (2010)CrossRefGoogle Scholar
  18. 18.
    Ram, S., Liu, J.: Understanding the Semantics of Data Provenance to Support Active Conceptual Modeling. In: Chen, P.P., Wong, L.Y. (eds.) ACM-L 2006. LNCS, vol. 4512, pp. 17–29. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Sar, C., Cao, P.: Lineage file system (2005),
  20. 20.
    Tan, V., Groth, P., Miles, S., Jiang, S., Munroe, S., Tsasakou, S., Moreau, L.: Security Issues in a SOA-Based Provenance System. In: Moreau, L., Foster, I. (eds.) IPAW 2006. LNCS, vol. 4145, pp. 203–211. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Zhou, W., Mao, Y., Loo, B.T., Abadi, M.: Unified declarative platform for secure netwoked information systems. In: Proceedings of the 2009 IEEE International Conference on Data Engineering, pp. 150–161. IEEE Computer Society, Washington, DC (2009)CrossRefGoogle Scholar
  22. 22.
    Zhou, W., Sherr, M., Tao, T., Li, X., Loo, B.T., Mao, Y.: Efficient querying and maintenance of network provenance at internet-scale. In: Proceedings of the 2010 International Conference on Management of Data, SIGMOD 2010, pp. 615–626. ACM, New York (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Muhammad Rizwan Asghar
    • 1
    • 2
  • Mihaela Ion
    • 1
    • 2
  • Giovanni Russello
    • 1
  • Bruno Crispo
    • 2
  1. 1.Create-NetItaly
  2. 2.University of TrentoItaly

Personalised recommendations