Data Provenance Assurance using Blockchain

Overview

There is a need for assured data provenance in the cloud that tracks changes to data and identifies the entity that caused each change. Blockchain technology has attracted interest because it offers a distributed, fault-tolerant database shared by every participant in the network, can nullify adversaries by harnessing the computational capabilities of the honest nodes, and keeps the information exchanged resilient to manipulation.

In this project, we are developing a cloud-based data provenance framework using blockchain that traces data record operations and generates provenance data. We anchor provenance data records into blockchain transactions, which provides validation of the provenance data while preserving user privacy. Once the provenance data is uploaded to the global blockchain network, it is extremely challenging to tamper with. In addition, user identifiers are hashed before the provenance data is uploaded, so the blockchain nodes cannot link the operations to a particular user; in this way the framework preserves privacy. A preliminary prototype of the architecture has been developed in ownCloud and is available in the form of a web service. The project is funded by the Air Force Research Laboratory.

Research Objectives

Ensuring data provenance records are anchored in a blockchain network without monitoring by a trusted third party

Associating anchored data provenance records in the blockchain network with access control policies

Preserving privacy of provenance data in the blockchain network

Analyzing vulnerabilities in blockchain technology due to threats to Proof of Work, Proof of Stake or consensus processes.

Mitigating the impact of threats to blockcloud

Technical Description

Monitor user activities in real time using hooks and listeners so that every user operation on files will be collected and recorded for generating provenance data.

Associate anchored data provenance records in the blockchain network with access control policies.

Store all hashed data operations on the blockchain network. Every node on the blockchain can verify the operation by mining the block so that data provenance is authentic and tamper-proof.

Hash the user ID when publishing provenance data so that the blockchain network and the provenance auditor cannot determine user identity and the data operations.

The provenance auditor validates provenance data by retrieving transactions from the blockchain network using a blockchain receipt, which contains block and transaction information.
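The record, anchor and audit steps above, as an added example that is not the project's prototype code. It assumes an in-memory hash-chained list in place of the blockchain network, a keyed hash (HMAC-SHA-256) for the user ID, and hypothetical names (make_record, Ledger, audit); all sample values are constructed.

```python
import hashlib, hmac, json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_record(user_id, action, path, ts, key):
    """Provenance record for one file operation; the user ID is replaced by a keyed hash."""
    pseudonym = hmac.new(key, user_id.encode(), hashlib.sha256).hexdigest()
    return {"user": pseudonym, "action": action, "file": path, "time": ts}

def record_digest(record):
    # Canonical JSON so the same record always hashes to the same value.
    return sha256_hex(json.dumps(record, sort_keys=True, separators=(",", ":")).encode())

class Ledger:
    """In-memory hash-chained blocks (assumption: stand-in for the blockchain network)."""
    def __init__(self):
        self.blocks = []

    def anchor(self, digests):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        block = {"prev": prev, "txs": list(digests)}
        block["hash"] = sha256_hex((prev + "".join(block["txs"])).encode())
        self.blocks.append(block)
        height = len(self.blocks) - 1
        # One receipt per digest: block and transaction position plus the block hash.
        return [{"block": height, "tx": i, "block_hash": block["hash"]}
                for i in range(len(block["txs"]))]

    def chain_valid(self):
        prev = "0" * 64
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != sha256_hex((prev + "".join(b["txs"])).encode()):
                return False
            prev = b["hash"]
        return True

def audit(ledger, record, receipt):
    """Auditor check: chain intact, receipt resolves, stored digest matches the record."""
    if not ledger.chain_valid() or not 0 <= receipt["block"] < len(ledger.blocks):
        return False
    block = ledger.blocks[receipt["block"]]
    if block["hash"] != receipt["block_hash"] or not 0 <= receipt["tx"] < len(block["txs"]):
        return False
    return hmac.compare_digest(block["txs"][receipt["tx"]], record_digest(record))

if __name__ == "__main__":
    ledger, key = Ledger(), b"constructed-demo-key"  # constructed sample values
    rec = make_record("alice", "update", "/docs/report.txt", "2017-05-01T10:00:00Z", key)
    receipt = ledger.anchor([record_digest(rec)])[0]
    print(audit(ledger, rec, receipt), audit(ledger, dict(rec, action="delete"), receipt))
```

A keyed hash is used because a plain hash of a short, guessable user ID can be reversed by hashing candidate IDs; the key stays with the cloud service and is never published.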

Publications:

[1] Xueping Liang, Sachin Shetty, Deepak Tosh, Charles Kamhoua, Kevin Kwiat and Laurent Njilla, “ProvChain: A Blockchain-based Data Provenance Architecture in Cloud Environment with Enhanced Privacy and Availability,” IEEE/ACM CCGRID 2017 (Acceptance Rate - 24 %), Video Demo.

[2] Deepak Tosh, Sachin Shetty, Xueping Liang, Charles Kamhoua, Kevin Kwiat and Laurent Njilla,” IEEE/ACM CCGRID 2017 (Acceptance Rate - 24 %),

[3] Sachin Shetty, Val Red, Charles Kamhoua, Kevin Kwiat and Laurent Njilla, “Data Provenance Assurance in Cloud Using Blockchain,” Proc. of SPIE Defense and Security Symposium, 2017.

[4] Xueping Liang, Sachin Shetty, Juan Zhao, Daniel Bowden, Danyi Li and Jihong Liu, “Towards Decentralized Accountability and Self-Sovereignty in Healthcare Systems,” The 19th International Conference on Information and Communications Security (ICICS 2017), Beijing, China, Dec 2017

[5] Xueping Liang, Sachin Shetty, Deepak Tosh, Peter Foytik and Lingchen Zhang, “Towards a Trusted and Privacy Preserving Membership Service in Distributed Ledger using Intel Software Guard Extensions,” The 19th International Conference on Information and Communications Security (ICICS 2017), Beijing, China, Dec 2017

[6] Deepak Tosh, Sachin Shetty, Xueping Liang, Charles A. Kamhoua, Laurent Njilla, “Consensus Protocols for Blockchain-based Data Provenance: Challenges and Opportunities,” 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON) (Short Paper), NY, October 19-21, 2017

[7] Xueping Liang, Juan Zhao, Sachin Shetty, Jihong Liu, Danyi Li, “Integrating Blockchain for Data Sharing and Collaboration in Mobile Healthcare Applications,” IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, 08-13 October 2017, Montreal, QC, Canada

[8] Xueping Liang, Juan Zhao, Sachin Shetty, Danyi Li, “Towards Data Assurance and Resilience in IoT Using Distributed Ledger,” IEEE Milcom, October 23-25, 2017, Baltimore, MD, USA