Proactive Provenance Policies for Automatic Cryptographic Data Centric Security

TL;DR

This paper introduces a proactive approach to managing data provenance in a new security architecture called ACDC, enabling real-time enforcement of provenance policies to ensure data integrity.

Contribution

It proposes a model for proactively reasoning about provenance metadata within the ACDC architecture, enhancing real-time security policy enforcement.

Findings

Provenance policies can be effectively specified at coarse granularity.

The ACDC architecture supports manageable real-time provenance reasoning.

Case study demonstrates improved data integrity in electronic voting.

Abstract

Data provenance analysis has been used as an assistive measure for ensuring system integrity. However, such techniques are typically reactive approaches to identify the root cause of an attack in its aftermath. This is in part due to fact that the collection of provenance metadata often results in a deluge of information that cannot easily be queried and analyzed in real time. This paper presents an approach for proactively reasoning about provenance metadata within the Automatic Cryptographic Data Centric (ACDC) security architecture, a new security infrastructure in which all data interactions are considered at a coarse granularity, similar to the Function as a Service model. At this scale, we have found that data interactions are manageable for the proactive specification and evaluation of provenance policies -- constraints placed on provenance metadata to prevent the consumption of untrusted data. This paper provides a model for proactively evaluating provenance metadata in the ACDC paradigm as well as a case study of an electronic voting scheme to demonstrate the applicability of ACDC and the provenance policies needed to ensure data integrity.