|
The Provenance Aware Storage Systems project (PASS) currently collects
system-level provenance by intercept- ing system calls in the Linux
kernel and storing the provenance in a stackable filesystem. While this
ap- proach is reasonably efficient, it suffers from two sig- nificant
drawbacks: each new revision of the kernel re- quires reintegration of
PASS changes, the stability of which must be continually tested; also,
the use of a stack- able filesystem makes it difficult to collect
provenance on root volumes, especially during early boot. In this paper
we describe an approach to collecting system-level provenance from
virtual guest machines running under the Xen hypervisor. We make the case
that our approach alleviates the aforementioned difficulties and promotes
adoption of provenance collection within cloud comput- ing platforms.
|
