Abstract:Provenance dependency path patterns are the foundations of many provenance based cloud data security measures. This article analyzes the importance of provenance dependency path pattern mining in provenance based security system with a linearization algorithm for provenance graphs that enables grammar induction and parsing of provenance data using automata models. A similarity measurement method is given for dependency paths based on grammar parsing with a dependency path pattern mining algorithm to reduce reliance on the domain knowledge and support automatic provenance rule learning. The feasibility and effectiveness of the approach are demonstrated by experiments.
Park J, Nguyen D, Sandhu R. A provenance-based access control model[C]//Privacy, Security and Trust (PST), 2012 Tenth Annual International Conference on. Paris, France:IEEE, 2012:137-144.
[2]
Sun L, Park J, Sandhu R. Engineering access control policies for provenance-aware systems[C]//Proceedings of the 3rd ACM conference on data and application security and privacy. San Antonio, CA USA:ACM, 2013:285-292.
[3]
Nguyen D, Park J, Sandhu R. Dependency path patterns as the foundation of access control in provenance-aware systems[C]//4th USENIX Workshop on the Theory and Practice of Provenance. Boston, MA USA:USENIX Association, 2012:4.
[4]
Nguyen D, Park J, Sandhu R. A provenance-based access control model for dynamic separation of duties[C]//Privacy, Security and Trust (PST), 2013 Eleventh Annual International Conference on. Tarragona, Spain:IEEE, 2013:247-256.
[5]
李斌, 王艺霏, 裴继升, 等. 基于溯源数据的业务流程合规性检测[J]. 清华大学学报(自然科学版), 2013, 53(12):1768-1776. LI Bin, WANG Yifei, PEI Jisheng, et al. Business process compliance checking based on provenance data[J]. J Tsinghua Univ (Sci & Tech), 2013, 53(12):1768-1776. (in Chinese)
[6]
Muniswamy-Reddy K K, Macko P, Seltzer M I. Provenance for the cloud[C]//8th USENIX Conference on File and Storage Technologies. San Jose, CA USA:USENIX Association, 2010:14-15.
[7]
Groth P, Moreau L. PROV-Overview:An Overview of The PROV Family of Documents[R]. Southampton, UK:W3C, 2013.
[8]
叶先一, 张福基. 偏序集上的一种拓扑排序[J]. 数学研究, 2005, 28(4):440-443. YE Xianyi, ZHANG Fuji. A topological sorting in partial order set[J]. Journal of Mathematical Study, 2005, 28(4):440-443. (in Chinese)
[9]
Carrasco R C, Oncina J. Learning stochastic regular grammars by means of a state merging method[M]//Grammatical Inference and Applications. Berlin Heidelberg:Springer, 1994:139-152.
[10]
Bergmann R, Müller G, Wittkowsky D. Workflow clustering using semantic similarity measures[M]//KI 2013:Advances in Artificial Intelligence. Berlin Heidelberg:Springer, 2013:13-24.
[11]
Margo D W, Smogor R. Using provenance to extract semantic file attributes[C]//4th USENIX Workshop on the Theory and Practice of Provenance. San Jose, CA, USA:USENIX Association, 2010:7-7.
[12]
Chen P, Plale B, Aktas M S. Temporal representation for mining scientific data provenance[J]. Future Generation Computer Systems, 2014, 36:363-378.