Proactive Provenance Policies for Automatic Cryptographic Data Centric Security

by   Shamaria Engram, et al.

Data provenance analysis has been used as an assistive measure for ensuring system integrity. However, such techniques are typically reactive approaches to identify the root cause of an attack in its aftermath. This is in part due to fact that the collection of provenance metadata often results in a deluge of information that cannot easily be queried and analyzed in real time. This paper presents an approach for proactively reasoning about provenance metadata within the Automatic Cryptographic Data Centric (ACDC) security architecture, a new security infrastructure in which all data interactions are considered at a coarse granularity, similar to the Function as a Service model. At this scale, we have found that data interactions are manageable for the proactive specification and evaluation of provenance policies – constraints placed on provenance metadata to prevent the consumption of untrusted data. This paper provides a model for proactively evaluating provenance metadata in the ACDC paradigm as well as a case study of an electronic voting scheme to demonstrate the applicability of ACDC and the provenance policies needed to ensure data integrity.



There are no comments yet.


page 3


Practical Cryptographic Data Integrity Protection with Full Disk Encryption Extended Version

Full Disk Encryption (FDE) has become a widely used security feature. Al...

XRD: Scalable Messaging System with Cryptographic Privacy

Even as end-to-end encrypted communication becomes more popular, private...

A Write-Friendly and Fast-Recovery Scheme for Security Metadata in NVM

Non-Volatile Memories (NVMs) have attracted the attentions of academia a...

Data Lake Ingestion Management

Data Lake (DL) is a Big Data analysis solution which ingests raw data in...

Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy

Existing systems for metadata-hiding messaging that provide cryptographi...

Hardening X.509 Certificate Issuance using Distributed Ledger Technology

The security of cryptographic communication protocols that use X.509 cer...

Close-reading of Linked Data: a case study in regards to the quality of online authority files

More and more cultural institutions use Linked Data principles to share ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.