Data Provenance architecture to support Information Assurance in a Multi-Level Secure Environment
We describe a framework for capturing data provenance information to support Information assurance attributes like availability, authentication, confidentiality, integrity and non-repudiation. Our approach is applicable to multi-level secure systems where it is not always possible to directly provid...
Published in | MILCOM 2009 - 2009 IEEE Military Communications Conference pp. 1 - 7 |
---|---|
Main Authors | Moitra, A.; Barnett, B.; Crapo, A.; Dill, S.J. |
Format | Conference Proceeding |
Language | English |
Published | IEEE, 01.10.2009 |
Abstract | We describe a framework for capturing data provenance information to support information assurance attributes like availability, authentication, confidentiality, integrity and non-repudiation. Our approach is applicable to multi-level secure systems where it is not always possible to directly provide data source and data transformation information. We achieve this by combining the subjective and objective trust in data as a "Figure of Merit" value that can cross security boundaries. Our architecture captures the data provenance information around the 'invariant' part of a message in an XML-based SOA architecture. We also introduce the notion of 'wrappers' so that data provenance can be added on while minimizing impact to an existing workflow. We outline a simulation-based framework that allows us to inject faults to model various threats and attacks. We also discuss a dashboard view of a workflow that brings together the intrinsic information assurance attributes of a workflow as it was designed as well as its execution in a deployed system. The dashboard can also be used for "what-if" analysis to understand vulnerabilities and determine impact of compromised assets. |
---|---|
Author | Moitra, A.; Crapo, A.; Barnett, B.; Dill, S.J. |
Author_xml | – sequence: 1 givenname: A. surname: Moitra fullname: Moitra, A. organization: Gen. Electr. Global Res., Niskayuna, NY, USA – sequence: 2 givenname: B. surname: Barnett fullname: Barnett, B. organization: Gen. Electr. Global Res., Niskayuna, NY, USA – sequence: 3 givenname: A. surname: Crapo fullname: Crapo, A. organization: Gen. Electr. Global Res., Niskayuna, NY, USA – sequence: 4 givenname: S.J. surname: Dill fullname: Dill, S.J. organization: Lockheed Martin IS&GS, Frederick, MD, USA |
ContentType | Conference Proceeding |
DBID | 6IE 6IH CBEJK RIE RIO |
DOI | 10.1109/MILCOM.2009.5379854 |
DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings; IEEE Proceedings Order Plan (POP) 1998-present by volume; IEEE Xplore All Conference Proceedings; IEEE Electronic Library Online; IEEE Proceedings Order Plans (POP) 1998-present |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library Online url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Engineering |
EISBN | 1424452392 9781424452392 |
EISSN | 2155-7586 |
EndPage | 7 |
ExternalDocumentID | 5379854 |
Genre | orig-research |
GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO RNS |
ID | FETCH-LOGICAL-i90t-274a894c09d28785317101756ce852d95f74722af10c2f1e6681e20f139537f33 |
IEDL.DBID | RIE |
ISBN | 1424452384 9781424452385 |
ISSN | 2155-7578 |
IngestDate | Wed Jun 26 19:22:42 EDT 2024 |
IsPeerReviewed | false |
IsScholarly | true |
LCCN | 2009935076 |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-i90t-274a894c09d28785317101756ce852d95f74722af10c2f1e6681e20f139537f33 |
PageCount | 7 |
ParticipantIDs | ieee_primary_5379854 |
PublicationCentury | 2000 |
PublicationDate | 2009-Oct. |
PublicationDateYYYYMMDD | 2009-10-01 |
PublicationDate_xml | – month: 10 year: 2009 text: 2009-Oct. |
PublicationDecade | 2000 |
PublicationTitle | MILCOM 2009 - 2009 IEEE Military Communications Conference |
PublicationTitleAbbrev | MILCOM |
PublicationYear | 2009 |
Publisher | IEEE |
Publisher_xml | – name: IEEE |
SSID | ssj0001286291 ssj0000451112 |
Score | 1.8028138 |
Snippet | We describe a framework for capturing data provenance information to support Information assurance attributes like availability, authentication,... |
SourceID | ieee |
SourceType | Publisher |
StartPage | 1 |
SubjectTerms | Authentication; Collaboration; Computer languages; Data security; Information security; Peer to peer computing; Routing; Service oriented architecture; Simple object access protocol; Transport protocols |
Title | Data Provenance architecture to support Information Assurance in a Multi-Level Secure Environment |
URI | https://ieeexplore.ieee.org/document/5379854 |