Towards semantics for provenance security

Authors:
Stephen Chong
Affiliations:
School of Engineering and Applied Sciences, Harvard University
Venue:
TAPP'09 First workshop on on Theory and practice of provenance
Year:
2009

Citing 5
Cited 8

Scientific Workflow Provenance Querying with Security Views

WAIM '08 Proceedings of the 2008 The Ninth International Conference on Web-Age Information Management
Securing provenance

HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
The case of the fake Picasso: preventing history forgery with secure provenance

FAST '09 Proccedings of the 7th conference on File and storage technologies
Security issues in a SOA-Based provenance system

IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

Provenance: a future history

Proceedings of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications
The Foundations for Provenance on the Web

Foundations and Trends in Web Science
Provenance security guarantee from origin up to now in the e-Science environment

Journal of Systems Architecture: the EUROMICRO Journal
A core calculus for provenance

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Tracing where and who provenance in Linked Data: A calculus

Theoretical Computer Science
A propagation model for provenance views of public/private workflows

Proceedings of the 16th International Conference on Database Theory
Interaction provenance model for unified authentication factors in service oriented computing

Proceedings of the 4th ACM conference on Data and application security and privacy
A core calculus for provenance

Journal of Computer Security - Security and Trust Principles

Quantified Score

Hi-index	0.00

Visualization

Abstract

Provenance records the history of data. Careless use of provenance may violate the security policies of data. Moreover, the provenance itself may be sensitive information, necessitating restrictions on the use of both data and provenance to enforce security requirements. This paper proposes extensional semantic definitions for provenance security. The semantic definitions require that provenance information released to the user does not reveal confidential data, and that neither the provenance information given to the user, nor the program's output, reveal sensitive provenance information.