Security & Provenance
Provenance is the difference between an output you believe and an output you can defend.
What Belongs Here
<ul><li>Lineage, chain of custody, and verifiable transformations</li><li>Threat models: ground, link, space segments</li><li>"Claim vs proof" and how to build systems that can be audited</li></ul>
Start Here
Data Provenance
SEC-001
Data provenance is the complete, verifiable record of where a piece of data came from, every transformation it underwent, and who or what performed those transformations. In satellite imagery and remote sensing, provenance is not a nice-to-have audit trail — it is the difference between evidence and hearsay.
Trusted Execution Environments for Geospatial Processing
SEC-003
A Trusted Execution Environment (TEE) is a hardware-enforced isolated region within a processor where code and data are protected from the rest of the system — including the operating system, hypervisor, and anyone with physical access to the machine. In geospatial processing, TEEs enable cryptographic proof that a specific transformation was applied to specific data, generated by hardware that the operator cannot tamper with. This is the mechanism that turns provenance from a claim into a proof.
Chain of Custody in Multi-Sensor Fusion
SEC-002
When multiple sensor datasets are combined — SAR with optical, optical with terrain models, thermal with multispectral — the provenance record is no longer a chain. It is a graph. Most processing systems were designed for linear workflows and cannot adequately represent what happens when data from independent sources converges into a single product. This is the central unsolved problem in geospatial data provenance.
Space Cybersecurity: The Attack Surface Above Us
SEC-004
Space systems are among the most critical and least defended digital infrastructure on Earth. Satellites underpin GPS navigation, financial transaction timing, weather forecasting, military communications, and Earth observation — yet most were designed with security as an afterthought, operate on decades-old firmware that cannot be patched remotely, and communicate over radio frequency links that are inherently exposed to interception, jamming, and spoofing. The attack surface spans three segments — ground, link, and space — each with distinct vulnerabilities. As the orbital population grows past 15,000 active satellites and commercial dependence deepens, the gap between threat sophistication and defensive capability is widening.
Key Concepts
- Lineage
- A graph, not a chain.
- Attestation
- The bridge from metadata to proof.
- Threat models
- Define what "secure" can mean.
All Entries
Chain of Custody in Multi-Sensor Fusion
SEC-002
When multiple sensor datasets are combined — SAR with optical, optical with terrain models, thermal with multispectral — the provenance record is no longer a chain. It is a graph. Most processing systems were designed for linear workflows and cannot adequately represent what happens when data from independent sources converges into a single product. This is the central unsolved problem in geospatial data provenance.
Data Provenance
SEC-001
Data provenance is the complete, verifiable record of where a piece of data came from, every transformation it underwent, and who or what performed those transformations. In satellite imagery and remote sensing, provenance is not a nice-to-have audit trail — it is the difference between evidence and hearsay.
Space Cybersecurity: The Attack Surface Above Us
SEC-004
Space systems are among the most critical and least defended digital infrastructure on Earth. Satellites underpin GPS navigation, financial transaction timing, weather forecasting, military communications, and Earth observation — yet most were designed with security as an afterthought, operate on decades-old firmware that cannot be patched remotely, and communicate over radio frequency links that are inherently exposed to interception, jamming, and spoofing. The attack surface spans three segments — ground, link, and space — each with distinct vulnerabilities. As the orbital population grows past 15,000 active satellites and commercial dependence deepens, the gap between threat sophistication and defensive capability is widening.
Trusted Execution Environments for Geospatial Processing
SEC-003
A Trusted Execution Environment (TEE) is a hardware-enforced isolated region within a processor where code and data are protected from the rest of the system — including the operating system, hypervisor, and anyone with physical access to the machine. In geospatial processing, TEEs enable cryptographic proof that a specific transformation was applied to specific data, generated by hardware that the operator cannot tamper with. This is the mechanism that turns provenance from a claim into a proof.
Coming Next
Signing EO products (hashes, manifests, tamper-evidence), Provenance as proof (claims to verifiable transformations)
Related Domains