Towards semantics for provenance security
TAPP'09 First workshop on on Theory and practice of provenance
Scalable access controls for lineage
TAPP'09 First workshop on on Theory and practice of provenance
Grouping Provenance Information to Improve Efficiency of Access Control
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Do You Know Where Your Data's Been? --- Tamper-Evident Database Provenance
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Privacy issues in scientific workflow provenance
Proceedings of the 1st International Workshop on Workflow Approaches to New Data-centric Science
Searching workflows with hierarchical views
Proceedings of the VLDB Endowment
The Foundations for Provenance on the Web
Foundations and Trends in Web Science
Proceedings of the 14th International Conference on Database Theory
Provenance views for module privacy
Proceedings of the thirtieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Surrogate parenthood: protected and informative graphs
Proceedings of the VLDB Endowment
PROPUB: towards a declarative approach for publishing customized, policy-aware provenance
SSDBM'11 Proceedings of the 23rd international conference on Scientific and statistical database management
Reconciling provenance policy conflicts by inventing anonymous nodes
ESWC'11 Proceedings of the 8th international conference on The Semantic Web
A propagation model for provenance views of public/private workflows
Proceedings of the 16th International Conference on Database Theory
A declarative approach to customize workflow provenance
Proceedings of the Joint EDBT/ICDT 2013 Workshops
| Hi-index | 0.00 |
Provenance, the metadata that pertains to the derivation history of a data product, has become increasingly important in scientific workflow environments. In many cases, both data products and their provenance can be sensitive and effective access control mechanisms are essential to protect their confidentiality. In this paper, we propose i) a formalization of scientific workflow provenance as the basis for querying and access control; ii) a security specification mechanism for provenance at various granularity levels and the derivation of a full security specification based on inheritance, overriding, and conflict resolution rules; iii) a formalization of security views that are derived from a scientific workflow run provenance for different roles of users; and iv) a framework that integrates abstraction views and security views such that a user can examine provenance at different abstraction levels while respecting the security policy prescribed for her. We have developed the SecProv prototype to validate the effectiveness of our approach.