data provenance at internet scale architecture
play

Data Provenance at Internet Scale: Architecture, Experiences, and - PowerPoint PPT Presentation

Dec 18, 2022 •30 likes •960 views

Data Provenance at Internet Scale: Architecture, Experiences, and the Road Ahead Ang Chen, Yang Wu, Andreas Haeberlen, Boon Thau Loo, Wenchao Zhou Motivation D E A foo.com Alice C B An example scenario: network routing System

  1. Data Provenance at Internet Scale: Architecture, Experiences, and the Road Ahead Ang Chen, Yang Wu, Andreas Haeberlen, Boon Thau Loo, Wenchao Zhou

  2. Motivation D E A foo.com Alice C B • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  3. Motivation D E A foo.com Alice C B Route r 1 • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  4. Motivation Route r 2 D E A foo.com Alice C B • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  5. Motivation Route r 2 Why did my route to D E foo.com change?! A foo.com Alice C B • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  6. Motivation Route r 2 Why did my route to D E foo.com change?! A foo.com Innocent Reason? Alice C B • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  7. Motivation Route r 2 Why did my route to D E foo.com change?! A foo.com Innocent Reason? Software Bugs? Alice C B • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  8. Motivation Route r 2 Why did my route to D E foo.com change?! A foo.com Innocent Reason? Software Bugs? Alice C B Malicious Attack? • An example scenario: network routing – System administrator observes strange behavior – Example: the route to foo.com has suddenly changed – Anomalies in distributed systems • Need a way to explain system behavior. 2

  9. Data-centric Perspective on Network Debugging D E foo.com A Alice B C • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) 3

  10. Data-centric Perspective on Network Debugging D E foo.com route(A, foo.com) route(A, B) A Alice route(A, D) …… B C • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) 3

  11. Data-centric Perspective on Network Debugging D E foo.com route(A, foo.com) route(A, B) A Alice route(A, D) link(A, B) …… link(A, D) B C • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) 3

  12. Data-centric Perspective on Network Debugging D E foo.com route(A, foo.com) A Alice B C • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) – Idea : Explanation as reasoning about distributed state dependencies 3

  13. Data-centric Perspective on Network Debugging D E foo.com route(A, foo.com) A link(A, B) route(B, foo.com) Alice B C • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) – Idea : Explanation as reasoning about distributed state dependencies 3

  14. Data-centric Perspective on Network Debugging D E foo.com route(A, foo.com) A link(A, B) route(B, foo.com) Alice route(C, foo.com) B C link(C, foo.com) link(B, C) • We assume a general distributed system – Network consists of nodes (routers, middleboxes, ...) – The state of a node is a set of tuples (routes, config, ...) – Idea : Explanation as reasoning about distributed state dependencies 3

  15. Network Provenance [SIGMOD 2010] route(D, foo.com) route(E, foo.com) D E link(D, E) link(E, B) foo.com route(A, foo.com) A link(A, B) route(B, foo.com) Alice route(C, foo.com) B C link(C, foo.com) link(B, C) 4

  16. Network Provenance [SIGMOD 2010] route(D, foo.com) route(E, foo.com) link(D, E) link(E, B) route(A, foo.com) link(A, B) route(B, foo.com) route(C, foo.com) link(C, foo.com) link(B, C) • Provenance for encoding distributed state dependencies – Explains the derivation of tuples – Captures the dependencies between tuples as a graph 4

  17. Network Provenance [SIGMOD 2010] route(A, foo.com) link(A, B) route(B, foo.com) route(C, foo.com) link(C, foo.com) link(B, C) • Provenance for encoding distributed state dependencies – Explains the derivation of tuples – Captures the dependencies between tuples as a graph – Explanation of a tuple is an acyclic graph rooted at the tuple 4

  18. NetTrails: First Generation Network Provenance Tool http://netdb.cis.upenn.edu/nettrails/ [SIGMOD 2011 demo] • 5

  19. Network Provenance Research (2010 – 2017) Network provenance [SIGMOD’10] • Secure network provenance [SOSP’11] • Explanations Provenance in dynamic environments [VLDB’13] • Negative provenance [SIGCOMM’14] • Distributed provenance compression [SIGMOD’17] • Deeper Differential provenance [SIGCOMM’16] • diagnostics and Meta- provenance [NSDI’17] • repair Ph.D. dissertation work of Ang Chen (2017), Chen Chen (2017), Yang Wu (2017), and Wenchao Zhou (2012). 6

  20. Assumption #1: All nodes in the network can be trusted Route r 2 Why did my route to D E foo.com change?! A foo.com Alice C B 7

  21. Assumption #1: All nodes in the network can be trusted Route r 2 Q: Explain why the route to foo.com D E changed to r2. A foo.com Alice C B The Network 7

  22. Assumption #1: All nodes in the network can be trusted Route r 2 Q: Explain why the route to foo.com D E changed to r2. A foo.com Alice C B The Network A: Because someone accessed Router D and changed the configuration from X to Y. 7

  23. Assumption #1: All nodes in the network can be trusted Route r 2 Q: Explain why the route to foo.com D E changed to r2. A foo.com Alice C B The Network A: Because someone accessed Router D and changed the configuration from X to Y. Not realistic: adversary can tell lies 7

  24. Challenge: Adversaries Can Lie I should cover up the intrusion. Route r 2 Q: Explain why the route to foo.com D E changed to r2. A foo.com Alice C B The Network  Problem: a dversary can …  ... fabricate plausible (yet incorrect) response  … point accusation towards innocent nodes 8

  25. Challenge: Adversaries Can Lie Everything is fine. Router E advertised a new route. Route r 2 Q: Explain why the route to foo.com D E changed to r2. A foo.com Alice C B The Network  Problem: a dversary can …  ... fabricate plausible (yet incorrect) response  … point accusation towards innocent nodes 8

  26. Secure Network Provenance (SNP) SOSP 2011 route(D, foo.com) route(E, foo.com) link(D, E) link(E, B) route(A, foo.com) link(A, B) route(B, foo.com) route(C, foo.com) link(C, foo.com) link(B, C) • Step 1: Each node keeps vertices about local actions – Split cross-node communications 9

  27. Secure Network Provenance (SNP) SOSP 2011 • Step 1: Each node keeps vertices about local actions – Split cross-node communications 9

  28. Secure Network Provenance (SNP) SOSP 2011 • Step 1: Each node keeps vertices about local actions – Split cross-node communications 9

  29. Secure Network Provenance (SNP) SOSP 2011 • Step 1: Each node keeps vertices about local actions – Split cross-node communications 9

  30. Secure Network Provenance (SNP) SOSP 2011 RECV SEND • Step 1: Each node keeps vertices about local actions – Split cross-node communications 9

  31. Secure Network Provenance (SNP) SOSP 2011 RECV SEND • Step 1: Each node keeps vertices about local actions – Split cross-node communications • Step 2: Make the graph tamper-evident 9

  32. SNP Guarantees Route r 2 Q: Why did my route to D E foo.com change to r2? A foo.com Alice C B The Network A: Because someone accessed Router D and changed its router configuration from X to Y. • No faults: Explanation is complete and accurate • Byzantine fault: Explanation identifies at least one faulty node 10

  33. SNP Guarantees Route r 2 Q: Why did my route to D E foo.com change to r2? A foo.com Alice C B The Network A: Because someone accessed Router D and changed its router configuration from X to Y. • No faults: Explanation is complete and accurate • Byzantine fault: Explanation identifies at least one faulty node 10

  34. SNP Guarantees Route r 2 Q: Why did my route to D E foo.com change to r2? A foo.com Alice C B The Network A: Because someone accessed Router D and changed its router configuration from X to Y. • No faults: Explanation is complete and accurate • Byzantine fault: Explanation identifies at least one faulty node 10

Recommend

Provenance of astronomical data The IVOA Provenance Working Group: Catherine Boisson Franois

Provenance of astronomical data The IVOA Provenance Working Group: Catherine Boisson Franois

Provenance Data Model Provenance of astronomical data The IVOA Provenance Working Group: Catherine Boisson Franois Bonnarel Johan Bregeon Pierre Le Sidaner Julien Lefaucheur Mireille Louys Markus Nullmeier Ana Palacios Kristin Riebe

360 views • 22 slides
Provenance from the data provider view constructing provenance information for the APPLAUSE

Provenance from the data provider view constructing provenance information for the APPLAUSE

Provenance from the data provider view constructing provenance information for the APPLAUSE archive Anastasia Galkin Ole Streicher Kristin Riebe Harry Enke EDP Forum Heidelberg 2018 6 Constructing the provenance Used Used for or the

610 views • 15 slides
Secure Data Provenance in Home Energy Monitoring Networks Ming Hong Chia, Sye Loong Keoh, Zhaohui

Secure Data Provenance in Home Energy Monitoring Networks Ming Hong Chia, Sye Loong Keoh, Zhaohui

Secure Data Provenance in Home Energy Monitoring Networks Ming Hong Chia, Sye Loong Keoh, Zhaohui Tang 1 Outline Data Provenance and Smart Metering Security Threats and Requirements Proposed Architecture Threshold Cryptography

368 views • 22 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
Sharing Experiments and their Provenance David Koop Juliana Freire Large-Scale Visualization and

Sharing Experiments and their Provenance David Koop Juliana Freire Large-Scale Visualization and

Sharing Experiments and their Provenance David Koop Juliana Freire Large-Scale Visualization and Data Analysis (VIDA) Center Polytechnic Institute of New York University www.vistrails.org NSF Community Codes 2012 Science Today 011100101

631 views • 47 slides
Internet-Scale Event Notification: Architecture Alternatives Jie Ren Information and Computer

Internet-Scale Event Notification: Architecture Alternatives Jie Ren Information and Computer

Internet-Scale Event Notification: Architecture Alternatives Jie Ren Information and Computer Science University of California, Irvine 05/08/2000 Before Routing Event Types: protocol or business? Routing Paradigm: on subject, or

198 views • 3 slides
Towards Semantics for Provenance Security Stephen Chong Harvard University TaPP 09

Towards Semantics for Provenance Security Stephen Chong Harvard University TaPP 09

Towards Semantics for Provenance Security Stephen Chong Harvard University TaPP 09 Provenance security Some data are sensitive Must ensure provenance does not reveal sensitive data E.g., John participated in medical study S reveals

277 views • 27 slides
Challenges in managing implicit and abstract provenance data: experiences with ProvManager

Challenges in managing implicit and abstract provenance data: experiences with ProvManager

Workshop on the Theory and Practice of Provenance 2011 Challenges in managing implicit and abstract provenance data: experiences with ProvManager Anderson Marinho, Marta Mattoso, Cludia Werner, Vanessa Braganholo, Leonardo Murta

785 views • 12 slides
Automated Metadata, Provenance Cataloging and Navigable Interfaces: Ensuring the Usefulness of

Automated Metadata, Provenance Cataloging and Navigable Interfaces: Ensuring the Usefulness of

Automated Metadata, Provenance Cataloging and Navigable Interfaces: Ensuring the Usefulness of Extreme-Scale Data David Schissel, Gheni Abla, Bobby Chanthavong, Sean Flanagan, Xia Lee General Atomics Alex Romosan, Arie Shoshani - LBNL

360 views • 19 slides
Big Data, Big Problem Data-intensive systems are highly complex Manipulate large-scale

Big Data, Big Problem Data-intensive systems are highly complex Manipulate large-scale

Towards Big Data Provenance Daniel Deutch Blavatnik School of Computer Science, Raymond and Beverly Sackler Faculty of Exact Sciences Tel Aviv University cartoon by T. Gregorius Big Data, Big Problem Data-intensive systems are highly

358 views • 6 slides
Scalable Uncertainty Management 03 Provenance Rainer Gemulla May 18, 2012 Overview In this

Scalable Uncertainty Management 03 Provenance Rainer Gemulla May 18, 2012 Overview In this

Scalable Uncertainty Management 03 Provenance Rainer Gemulla May 18, 2012 Overview In this lecture Introduction to datalog What is provenance? Which types of provenance do exist? Lineage Why-provenance How-provenance How to

466 views • 43 slides
ZooKeeper Wait-free coordination for Internet-scale systems Patrick Hunt and Mahadev (Yahoo!

ZooKeeper Wait-free coordination for Internet-scale systems Patrick Hunt and Mahadev (Yahoo!

ZooKeeper Wait-free coordination for Internet-scale systems Patrick Hunt and Mahadev (Yahoo! Grid) Flavio Junqueira and Benjamin Reed (Yahoo! Research) Internet-scale Challenges Lots of servers, users, data FLP, CAP Mere mortal

271 views • 24 slides
Whats the Problem? What does it mean to collect provenance when you dont control:

Whats the Problem? What does it mean to collect provenance when you dont control:

Provenance in the Wild Peter Macko, Margo Seltzer June 14, 2012 Whats the Problem? What does it mean to collect provenance when you dont control: The data (types, format, organization, structure) The operators The

445 views • 10 slides
France integration of Provenance data: the Bibale database Zakad Narodowy im. Ossoliskich ,

France integration of Provenance data: the Bibale database Zakad Narodowy im. Ossoliskich ,

France integration of Provenance data: the Bibale database Zakad Narodowy im. Ossoliskich , Wrocaw 29-30 October 2016 Monique Hulvey Federating at the national level? Research on provenance is an international project In France,

296 views • 15 slides
VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY

VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY

VERSIONING, VERSIONING, PROVENANCE, AND PROVENANCE, AND REPRODUCABILITY REPRODUCABILITY Christian Kaestner Required reading: Halevy, Alon, Flip Korn, Natalya F. Noy, Christopher Olston, Neoklis Polyzotis, Sudip Roy, and Steven Euijong

755 views • 46 slides
End-to-end principle All control in end stations by Dave Clark e.g. error and flow

End-to-end principle All control in end stations by Dave Clark e.g. error and flow

Introduction to routing in the Internet Internet architecture IPv4, ICMP, ARP Addressing, routing principles (Chapters 23 in Huitema) Internet-1 S-38.121 / Fall-04 / RKa, NB Internet Architecture Principles End-to-end principle All

893 views • 21 slides
Open Source Tools for Mining and Analysing Web Data @ Scale Kris Carpenter Negulescu, Internet

Open Source Tools for Mining and Analysing Web Data @ Scale Kris Carpenter Negulescu, Internet

Open Source Tools for Mining and Analysing Web Data @ Scale Kris Carpenter Negulescu, Internet Archive Annual Meeting, Washington DC July 20, 2011 Key Problems to Address & Primary Benefits Archived Web Data is often isolated,

262 views • 5 slides
A World on NDN Affordances and Implications of the Named Data Networking Future Internet

A World on NDN Affordances and Implications of the Named Data Networking Future Internet

A World on NDN Affordances and Implications of the Named Data Networking Future Internet Architecture Shilton, Burke, claffy, Duan, Zhang Examines the social impacts of NDN generated by key aspects of the architecture and critical

277 views • 6 slides
Future Internet Future Internet Internet has evolved from 4-node network to ubiquituous, global

Future Internet Future Internet Internet has evolved from 4-node network to ubiquituous, global

An Architecture for An Architecture for Supporting Future Internet Supporting Future Internet Applications Applications Sebastian Mies Institute of Telematics, University of Karlsruhe (TH), Germany The SpoVNet Consortium: University of

268 views • 11 slides
VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants

VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants

VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants Nodir Kodirov , Sam Bayless, Fabian Ruffy, Ivan Beschastnikh, Holger Hoos, Alan Hu Network Functions (NF) are useful and widespread Security

649 views • 40 slides
VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants

VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants

VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants Nodir Kodirov , Sam Bayless, Fabian Ruffy, Ivan Beschastnikh, Holger Hoos, Alan Hu Network Functions (NF) are useful and widespread Security

1.07k views • 41 slides
Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and

Internet-scale Experimentation The challenges of large-scale networked system experimentation and measurements MIT Tech Review on The Loon Project The state of affairs An ever growing Internet ~3 billion people 15 billion devices

1.21k views • 107 slides
Trusted Architecture for Secure Shared Services (with Privacy), Future of Internet PPP, and

Trusted Architecture for Secure Shared Services (with Privacy), Future of Internet PPP, and

TAS 3 Trusted Architecture for Secure Shared Services (with Privacy), Future of Internet PPP, and Internet of Subject Personal Data Store Sampo Kellomki (sampo@zxidp.org) 11. October 2010, IIW London 09 TAS 3 Intro and Vision EU FP7

968 views • 75 slides
Fine Grain Provenance Using Temporal Databases Outline of the talk Use case: Classic

Fine Grain Provenance Using Temporal Databases Outline of the talk Use case: Classic

<Insert Picture Here> Fine Grain Provenance Using Temporal Databases Outline of the talk Use case: Classic management of patient data Data types, queries History Security and context information Fine grain provenance

401 views • 19 slides

More recommend