Supporting secure provenance update by keeping "provenance" of the provenance

Amril Syalim, Takashi Nishide, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

Original languageEnglish
Title of host publicationInformation and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings
Pages363-372
Number of pages10
DOIs
Publication statusPublished - Mar 25 2013
EventInternational Conference on Information and Communication Technology, ICT-EurAsia 2013 - Yogyakarta, Indonesia
Duration: Mar 25 2013Mar 29 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7804 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

OtherInternational Conference on Information and Communication Technology, ICT-EurAsia 2013
CountryIndonesia
CityYogyakarta
Period3/25/133/29/13

Fingerprint

Provenance
Update
Data storage equipment
Signature
Vertex of a graph
Requirements
Data Storage
Inconsistency

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Syalim, A., Nishide, T., & Sakurai, K. (2013). Supporting secure provenance update by keeping "provenance" of the provenance. In Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings (pp. 363-372). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7804 LNCS). https://doi.org/10.1007/978-3-642-36818-9_40

Supporting secure provenance update by keeping "provenance" of the provenance. / Syalim, Amril; Nishide, Takashi; Sakurai, Kouichi.

Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings. 2013. p. 363-372 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7804 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Syalim, A, Nishide, T & Sakurai, K 2013, Supporting secure provenance update by keeping "provenance" of the provenance. in Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7804 LNCS, pp. 363-372, International Conference on Information and Communication Technology, ICT-EurAsia 2013, Yogyakarta, Indonesia, 3/25/13. https://doi.org/10.1007/978-3-642-36818-9_40
Syalim A, Nishide T, Sakurai K. Supporting secure provenance update by keeping "provenance" of the provenance. In Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings. 2013. p. 363-372. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-36818-9_40
Syalim, Amril ; Nishide, Takashi ; Sakurai, Kouichi. / Supporting secure provenance update by keeping "provenance" of the provenance. Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings. 2013. pp. 363-372 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{810a45731f734f768a59d96f9343657f,
title = "Supporting secure provenance update by keeping {"}provenance{"} of the provenance",
abstract = "Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the {"}provenance{"} of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.",
author = "Amril Syalim and Takashi Nishide and Kouichi Sakurai",
year = "2013",
month = "3",
day = "25",
doi = "10.1007/978-3-642-36818-9_40",
language = "English",
isbn = "9783642368172",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "363--372",
booktitle = "Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings",

}

TY - GEN

T1 - Supporting secure provenance update by keeping "provenance" of the provenance

AU - Syalim, Amril

AU - Nishide, Takashi

AU - Sakurai, Kouichi

PY - 2013/3/25

Y1 - 2013/3/25

N2 - Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

AB - Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

UR - http://www.scopus.com/inward/record.url?scp=84875176069&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84875176069&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-36818-9_40

DO - 10.1007/978-3-642-36818-9_40

M3 - Conference contribution

SN - 9783642368172

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 363

EP - 372

BT - Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings

ER -