We show that it is both possible and practical to efficiently and scalably maintain and query provenance in a distributed fashion, where provenance maintenance and querying are modeled as recursive continuous queries over distributed relations. We then propose enhancements to the provenance model that allow operators to reliably query provenance information in adversarial environments. Our extensions incorporate tamper-evident properties which provide the guarantee that operators can eventually detect the presence of compromised nodes that lie or falsely implicate correct nodes. Finally, we present ongoing efforts that consider privacy protection of sensitive information in provenance maintenance and querying, and discuss our work in the context of our longer term vision towards provably secure distributed systems.
12-12
Secure Provenance in Distributed Systems
Operators of distributed systems often find themselves needing to answer
forensic questions, to perform a variety of managerial tasks including fault
detection, system debugging, accountability enforcement, and attack analysis.
In this talk, we present Secure Provenance, a novel approach that provides the
fundamental functionality required for answering such forensic questions -- the
capability to "explain'' the existence (or change) of a certain distributed
system state at a given time in a potentially adversarial environment.
Date and Time
Monday December 12, 2011 11:00am -
12:00pm
Location
Computer Science 402
Event Type
Speaker
Host
Jennifer Rexford
Contributions to and/or sponsorship of any event does not constitute departmental or institutional endorsement of the specific program, speakers or views presented.