Layering in Provenance Systems Kiran-Kumar Muniswamy-Reddy , Uri - PowerPoint PPT Presentation

Layering in Provenance Systems Kiran-Kumar Muniswamy-Reddy , Uri Braun, David A. Holland, Peter Macko, Diana Maclean, Daniel Margo, Margo Seltzer, Robin Smogor

 Observes system calls that applications make and infers relationships between objects write Process P C Prov. records read read B A

Application Prov. records write read PASS Prov. records

Browser URL1 URL2 URL3 write read PASS Prov. records

Browser URL1 virus.com Browser knows virus came from PASS knows which virus.com, but write files were affected, doesn’t know but doesn’t know which files were PASS where the virus came affected from

Browser URL1 URL2 URL3 Need an interface to disclose file URL write read PASS Prov. records

Browser Need an interface to Plug-in module disclose plug-in algorithm browser URL1 URL2 URL3 write read PASS Prov. records

Browser Tab URL1 URL2 URL3 write read How do you represent a tab in PASS? Need to represent PASS Prov. records objects non-existent in another layer

Browser Tab URL1 URL2 URL3 Writing prov and data separately can compromise write Prov. records consistency PASS

Browser Tab Cache URL Cycles spanning layers PASS

Browser Tab URL1 URL2 URL3 pass_write: File data + URL2 PASS Prov. records

Browser Tab Cache’ Issue Cache pass_freeze PASS

Browser Tab URL1 URL2 pass_write( f pass_write( f fd = pass_mkobj d,..,URL1) d,..,URL2) PASS Prov. records

Application Data-set fd = pass_write( f pass_write( f pass_mkobj pass_write( f d,…, file1) d,…, file2) d,…, file3) PASS files

 A set of wrappers to track provenance in Python applications  Wrap objects, modules, basic types, and output files  Create Python bindings for DPAPI

Browser Tab Tab’s provenance: URL1, URL2 are not manifested on disk, until URL1 URL2 it writes to a file. If you want to save the provenance even without file write, use pass_sync PASS Prov. records