Supporting secure provenance update by keeping "provenance" of the provenance

Amril Syalim, Takashi Nishide, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where the a parent node in tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

Original languageEnglish
Title of host publicationInformation and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings
Number of pages10
Publication statusPublished - 2013
EventInternational Conference on Information and Communication Technology, ICT-EurAsia 2013 - Yogyakarta, Indonesia
Duration: 25 Mar 201329 Mar 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7804 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Information and Communication Technology, ICT-EurAsia 2013


  • Data lineage
  • E-science
  • Provenance
  • Provenance Security


Dive into the research topics of 'Supporting secure provenance update by keeping "provenance" of the provenance'. Together they form a unique fingerprint.

Cite this