Do you know where your data’s been? — tamper-evident database provenance

Abstract

Abstract. Database provenance chronicles the history of updates and modifica-tions to data, and has received much attention due to its central role in scientific data management. However, the use of provenance information still requires a leap of faith. Without additional protections, provenance records are vulnerable to acci-dental corruption, and even malicious forgery, a problem that is most pronounced in the loosely-coupled multi-user environments often found in scientific research. This paper investigates the problem of providing integrity and tamper-detection for database provenance. We propose a checksum-based approach, which is well-suited to the unique characteristics of database provenance, including non-linear prove-nance objects and provenance associated with multiple fine granularities of data. We demonstrate that the proposed solution satisfies a set of desirable security prop-erties, and that the additional time and space overhead incurred by the checksum approach is manageable, making the solution feasible in practice.