A Comprehensive Survey on the State-of-the-art Data Provenance Approaches for Security Enforcement

TL;DR

This survey comprehensively reviews current data provenance approaches, emphasizing their role in security enforcement, especially in IoT, and highlights future research directions for data management and analysis.

Contribution

It provides a comparative analysis of state-of-the-art provenance methods, classifies them, and discusses their application in IoT security and future challenges.

Findings

Provenance techniques vary based on frameworks and subjects of interest.

IoT data provenance is increasingly important due to device proliferation.

Identifies key future research directions in data management and analysis.

Abstract

Data provenance collects comprehensive information about the events and operations in a computer system at both application and system levels. It provides a detailed and accurate history of transactions that help delineate the data flow scenario across the whole system. Data provenance helps achieve system resilience by uncovering several malicious attack traces after a system compromise that are leveraged by the analyzer to understand the attack behavior and discover the level of damage. Existing literature demonstrates a number of research efforts on information capture, management, and analysis of data provenance. In recent years, provenance in IoT devices attracts several research efforts because of the proliferation of commodity IoT devices. In this survey paper, we present a comparative study of the state-of-the-art approaches to provenance by classifying them based on frameworks, deployed techniques, and subjects of interest. We also discuss the emergence and scope of data provenance in IoT networks. Finally, we present the urgency in several directions that data provenance needs to pursue, including data management and analysis.