A Provenance-Aware Policy Language (cProvl) and a Data Traceability Model (cProv) for the Cloud

Book chapter

Ali, M. and Moreau, Luc 2013. A Provenance-Aware Policy Language (cProvl) and a Data Traceability Model (cProv) for the Cloud. in: 2013 International Conference on Cloud and Green Computing IEEE. pp. 479-486
AuthorsAli, M. and Moreau, Luc

Provenance plays a pivotal in tracing the origin
of something and determining how and why something had
occurred. With the emergence of the cloud and the benefits it
encompasses, there has been a rapid proliferation of services
being adopted by commercial and government sectors. However,
trust and security concerns for such services are on an unprecedented
scale. Currently, these services expose very little internal
working to their customers; this can cause accountability and
compliance issues especially in the event of a fault or error,
customers and providers are left to point finger at each other.
Provenance-based traceability provides a mean to address part of
this problem by being able to capture and query events occurred
in the past to understand how and why it took place. However,
due to the complexity of the cloud infrastructure, the current
provenance models lack the expressibility required to describe
the inner-working of a cloud service. For a complete solution, a
provenance-aware policy language is also required for operators
and users to define policies for compliance purpose. The current
policy standards do not cater for such requirement.
To address these issues, in this paper we propose a provenance
(traceability) model cProv, and a provenance-aware policy language
(cProvl) to capture traceability data, and express policies
for validating against the model. For implementation, we have
extended the XACML3.0 architecture to support provenance, and
provided a translator that converts cProvl policy and request into
XACML type.

Book title2013 International Conference on Cloud and Green Computing
Page range479-486
Publication dates
Print19 Dec 2013
Publication process dates
Deposited30 Sep 2016
Event2013 IEEE Third International Conference on Cloud and Green Computing (CGC 2013)
Web address (URL)http://dx.doi.org/10.1109/CGC.2013.81
Copyright holderIEEE
Additional information

Presented at The 2nd International Symposium on Privacy and Security
in Cloud and Social Networks (PriSecCSN 2013).

© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Accepted author manuscript
Permalink -


Download files

  • 76
    total views
  • 316
    total downloads
  • 0
    views this month
  • 105
    downloads this month

Export as