Grouping Provenance Information to Improve Efficiency of Access Control

Authors:
Amril Syalim;Yoshiaki Hori;Kouichi Sakurai
Affiliations:
Graduate School of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan;Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan;Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan
Venue:
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Year:
2009

Citing 7
Cited 2

A Framework for Collecting Provenance in Data-Centric Scientific Workflows

ICWS '06 Proceedings of the IEEE International Conference on Web Services
Scientific Workflow Provenance Querying with Security Views

WAIM '08 Proceedings of the 2008 The Ninth International Conference on Web-Age Information Management
A Model for Sharing of Confidential Provenance Information in a Query Based System

Provenance and Annotation of Data and Processes
The Open Provenance Model: An Overview

Provenance and Annotation of Data and Processes
Securing provenance

HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
A model for user-oriented data provenance in pipelined scientific workflows

IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Security issues in a SOA-Based provenance system

IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data

The Foundations for Provenance on the Web

Foundations and Trends in Web Science
A language for provenance access control

Proceedings of the first ACM conference on Data and application security and privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Provenance is defined in some literature as a complete documentation of process that led to an object. Provenance has been utilized in some contexts, i.e. database systems, file systems and grid systems. Provenance can be represented by a directed acyclic graph (DAG). In this paper we show an access control method to the provenance information that is represented by a directed acyclic graph and a method to improve efficiency of access control by grouping the provenance information. The idea of our model is that by controlling access to nodes, edges and paths in the provenance graph we may build an expressive access control model to the provenance graph. We improve the efficiency of access control model by grouping some provenance information. In our model, the provenance information is stored in a relational database. Before explaining our idea, we describe provenance store, provenance representation, and how to store provenance graph in a relational database.