Title :
Verifying Digital Provenance in Web Services
Author :
Palmer, Ben ; Bubendorfer, Kris ; Welch, I.
Author_Institution :
Sch. of Eng. & Comput. Sci., Victoria Univ. of Wellington, Wellington, New Zealand
Abstract :
Web services often combine or ´´mashup´´ a collection of heterogeneous data sources. Service providers take data from various sources, including other service providers, and perform some computation or combination of the results and present it to the user. This paper is concerned with the provenance of data provided by web services. Provenance for services includes where the information that is provided by the service originated and who has operated on it. We use a provenance tag that is passed along with the result of the service and contains enough information to recreate a provenance graph. We consider the methods a malicious participant could use to try and fake this provenance information and provide a threat model and security analysis to show our protocol prevents these attacks. We also discuss exclusion attacks where a service provider tries to exclude some input from the provenance information provided.
Keywords :
Web services; security of data; Web services; digital provenance graph; heterogeneous data sources; provenance information; security analysis; threat model; Cloning; Data models; Protocols; Public key; Servers; Web services; Provenance; Verification; Web Services;
Conference_Titel :
Utility and Cloud Computing (UCC), 2011 Fourth IEEE International Conference on
Conference_Location :
Victoria, NSW
Print_ISBN :
978-1-4577-2116-8
DOI :
10.1109/UCC.2011.73
