Transparent Web Service Auditing via Network Provenance Functions.

In this work, we present a transparent provenance-based approach for auditing web services through the introduction of Network Provenance Functions (NPFs). ... NPFs are a distributed architecture for capturing detailed data provenance for web service components, leveraging the key insight that mediation of an application's protocols can be used to infer its activities ... Acknowledgements We would like to Mugdha Kumar for her assistance with the extension of Linux Provenance Modules. ...

doi:10.1145/3038912.3052640 dblp:conf/www/BatesHBDRCMS17 fatcat:vplzmesjqnfl3c6vt6wsya7m2m

PETS is built on open web standards and introduces the Provenance Tracking Network (PTN), an open global trusted network of peer servers, to the traditional web stack. ... To circumvent this issue, we have developed Privacy Enabling Transparent Systems (PETS) that makes transparency a key component in systems architectures. ... We put forward a proposal for the underlying architecture for PETS using a global network of peer servers dedicated to preserving provenance of data and usages called the Provenance Tracking Network, along ...

doi:10.1109/pst.2014.6890931 dblp:conf/pst/SeneviratneK14 fatcat:7bnlvmkvyrhunbkq3fcul7gjpa

In a service oriented architecture [37] , services from several sources are composed to perform higher-level, more complex business functions. ... Amazon EC2/ S3 [3, 4] , Microsoft Azure [5] ) are still not providing full transparency and capabilities for the tracking and auditing of the file access history and data provenance [6] of both the ...

doi:10.1109/services.2011.91 dblp:conf/services/KoJMPKLL11 fatcat:jhab5xbvubehnjnfz45gu7jedi

In this paper, we propose a user-centric approach which returns data control to the data owners -empowering users with data provenance, transparency and auditability, homomorphic encryption, situation ... When we upload or create data into the cloud or the web, we immediately lose control of our data. ... Acknowledgements This research is supported by STRATUS (Security Technologies Returning Accountability, Trust and User-Centric Services in the Cloud) (https://stratus.org.nz), a science investment project ...

doi:10.1007/978-3-319-27161-3_6 fatcat:mberng3n2zhslmosqcqf3nraau

It operates as a service, peering with remote instances to enable distributed provenance queries. ... Ancestor and descendant queries are transparently propagated across hosts until a terminating expression is satisfied, while distributed path queries are accelerated with provenance sketches. ... Unmodified applications could ensure that a file's provenance was transparently transferred across network connections. ...

doi:10.1007/978-3-642-35170-9_6 fatcat:cksqjm2oejgq7pef53a3vt5swi

In the trust network [22] the identity provider and cloud service provider which have the authentication services and auditing functions etc. ... Figure1 represents the interaction between web service provider and customer, who access the WS via web browser (e.g.: Mozilla Firefox, Internet explorer, Google chrome etc).the Web browser access the ...

doi:10.5120/6226-8278 fatcat:qjj3up2ujfhbjepqoh7maxdrqe

We present DAP, a transparent architecture for capturing detailed data provenance for web service components. ... of web services. ... This limitation is comparable to the manner in which provenance and audit services track file manipulations at the system call layer; for instance, although the event of a process writing to a file is ...

arXiv:1609.00266v1 fatcat:4spvnliyz5avpakkh5wcpkxvhe

A web-based user interface is also implemented to visualize the data from the blockchain and ease the interaction with the blockchain network. ... We explore the core functionalities of blockchain applied to clinical trials and illustrate its general principle concretely. ... This web application can interact with the fabric network to operate on the resources and perform functions via the REST server's endpoint APIs. ...

doi:10.1155/2021/5554487 pmid:34368352 pmcid:PMC8346314 fatcat:i3q4te56znflpfeu3larsjd7ua

DOAJ

Acknowledgements This work was supported by the US National Science Foundation under grant SSI-1450277 End-to-End Provenance, and the UK Engineering and Physical Sciences Research Council grant EP/K011510 ... Our own provenance capture in CamFlow allows for the collection of provenance across a distributed system via the publication of provenance data over messaging middleware such as Apache ActiveMQ, 5 MQTT ... Current practice for the use of web services is often that the "small print" of the terms and conditions of use explicitly ask users to effectively agree to waive their various rights to privacy and data ...

doi:10.1007/s00779-017-1067-4 fatcat:xtckfdkhtngbzn4old2po3y2oi

modules, and testing the integrated service, in order to achieve the planned functionality. ... The D4Science e-infrastructure also has proven solutions for connecting to external computing platforms and means for orchestrating distributed services, which will be instrumental for smart connections ... to support the interchange of provenance information on the Web). ...

doi:10.5281/zenodo.6330564 fatcat:euwdupmai5gulg432jjgfeyi24

Open Access

modules, and testing the integrated service, in order to achieve the planned functionality. ... In this report, the current architecture and functionalities of each of these components are described in detail as well as the roles of partners that are developing and hosting modules. ... to support the interchange of provenance information on the Web). ...

doi:10.5281/zenodo.6334925 fatcat:yinmvw5iyvbh7famauntlmi2du

Open Access

In order to cope with the new audit requirements in a web service environment, one needs to deliver a concept for a collaborative, flexible, legislation compliant, application independent audit system. ... The technological key to open business environments is the use of web services. Web services are a loosely-coupled, standardized way of linking business logic across borders and platforms. ... Web-service security is about making sure that the integrity and confidentiality of messages is ensured as they are passed on via the Simple Object Access Protocol. ...

doi:10.1007/978-0-387-35693-8_10 fatcat:vqy3cr55fjedfk7ipay2relh5u

and so on, and more importantly provide a mechanism to derive an 'audit trail' for the data reuse with the help of a trusted intermediary called a 'Provenance Tracker Network'. ... This protocol will enable data consumers and data producers to agree to specific usage restrictions, preserve the provenance of data transferred from a web server to a client and back to another web server ... I have also deployed an overlay network on Planetlab that implements the functionality of the provenance trackers. VI. ...

doi:10.1145/2187980.2188006 dblp:conf/www/Seneviratne12 fatcat:qthnj75ycrg3fid4bzxe5nngze

that arrays massive numbers of computers in centralized data centers to deliver web-based applications, application platforms, and services via a utility model [25, 59] . ... Microsoft Azure Services Platform 4 ) and Software as a Service (SaaS), which offers network accessible applications (e.g. Google docs 5 . ... Provenance Increased data and service transparency in the cloud is another impediment to widespread cloud adoption. ...

doi:10.11591/closer.v1i3.790 fatcat:hqlgnmrmwnanfl53kcsbxoarpy

At the core of any transparency architecture is the logging of events in relation to the processing and sharing of personal data. ... Primary obligations include: obtaining explicit consent from the data subject for the processing of personal data, providing full transparency with respect to the processing, and enabling data rectification ... [19] also discuss how transparency and accountability can be achieved via distributed accountability peers that communicate using existing web protocols. ...

doi:10.1007/978-3-319-66284-8_28 fatcat:n7ea73jigvdazkgbr3buhykot4

Transparent Web Service Auditing via Network Provenance Functions

Preserved Fulltext

Enabling privacy through transparency

Preserved Fulltext

TrustCloud: A Framework for Accountability and Trust in Cloud Computing

Preserved Fulltext

STRATUS: Towards Returning Data Control to Cloud Users [chapter]

Preserved Fulltext

SPADE: Support for Provenance Auditing in Distributed Environments [chapter]

Preserved Fulltext

A Survey on Challenges of Integrating Web Service in Cloud Computing

Preserved Fulltext

Retrofitting Applications with Provenance-Based Security Monitoring [article]

Preserved Fulltext

A Permissioned Blockchain-Based Clinical Trial Service Platform to Improve Trial Data Transparency

Preserved Fulltext

Data provenance to audit compliance with privacy policy in the Internet of Things

Preserved Fulltext

D2.6 Blue Cloud Architecture - Release 1

Preserved Fulltext

D2.7 Blue Cloud Architecture (Release 2)

Preserved Fulltext

The Impact of Web Services on Audit [chapter]

Preserved Fulltext

Augmenting the web with accountability

Preserved Fulltext

Conceptualizing a Secure Wireless Cloud

Preserved Fulltext

Transparent Personal Data Processing: The Road Ahead [chapter]

Preserved Fulltext