Article (DOI: 10.1007/978-3-319-94289-6_5)

TProv: Towards a Trusted Provenance-Aware Service Based on Trusted Computing

Published: 25 June 2018

Abstract

With the rapid development of cloud computing, system and data security have become concerns because users lose control of their machines and because of internal attacks. Provenance is an essential approach to establishing data and system trustworthiness for cloud computing services, as it summarizes the history of objects and the actions performed on them. However, existing provenance-aware solutions either depend on applications in user space or fail to convey genuine provenance information to a cloud user for further analysis. Thus they are vulnerable to a malicious privileged administrator or to an adversary attacking in an untrusted network. To solve these problems, we design TProv to establish a trusted provenance-aware service with the help of Trusted Computing. In addition, we introduce a Merkle Hash Tree to reduce the length of the Chain of Trust and to enable parallel validation of the trustworthiness of provenance information, so TProv decreases the overhead caused by the huge size of provenance information and the cost of operating trusted hardware, e.g. the Trusted Platform Module. The experimental results reflect TProv's effectiveness and efficiency.

Published In

Web Services – ICWS 2018: 25th International Conference, Held as Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA, June 25-30, 2018, Proceedings
Jun 2018
515 pages
ISBN: 978-3-319-94288-9
DOI: 10.1007/978-3-319-94289-6
Editors: Hai Jin, Qingyang Wang, Liang-Jie Zhang

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. Merkle Hash Tree (MHT)
  2. Provenance Information
  3. Untrusted Network
  4. Provenance Collection
  5. Platform Configuration Registers (PCR)

Qualifiers

  • Article
