|
Do You Know Where Your Data's Been? Tamper-Evident Database Provenance
October 2009
Adriane Chapman, The MITRE Corporation
Jing Zhang, University of Michigan
Kristen LeFevre, University of Michigan
ABSTRACT
Database provenance chronicles the history of updates and modifications
to data, and has received much attention due to its central role in scientific
data management. However, the use of provenance information still requires a leap
of faith. Without additional protections, provenance records are vulnerable to accidental
corruption, and even malicious forgery, a problem that is most pronounced
in the loosely-coupled multi-user environments often found in scientific research.
This paper investigates the problem of providing integrity and tamper detection for
database provenance. We propose a checksum-based approach, which is well-suited
to the unique characteristics of database provenance, including non-linear provenance
objects and provenance associated with multiple fine granularities of data.
We demonstrate that the proposed solution satisfies a set of desirable security properties,
and that the additional time and space overhead incurred by the checksum
approach is manageable, making the solution feasible in practice.

Additional Search Keywords
N/A
|