-
Securing Provenance
Uri Braun, Avi Shinnar, and Margo Seltzer.
- Abstract
-
Provenance describes how an object came to be in its present state. Intelligence dossiers, medical records and corporate financial reports capture provenance information. Many of these applications call for security, but existing security models are not up to the task.
Provenance is a causality graph with annotations. The causality graph connects the various participating objects describing the process that produced an object's present state. Each node represents an object and each edge represents a relationship between two objects. This graph is an immutable directed acyclic graph (DAG). Existing security models do not apply to DAGs nor do they easily extend to DAGs. Any model to control access to the structure of the graph must integrate with existing security models for the objects. We need to develop an access control model tailored to provenance and study how it interacts with existing access control models. This paper frames the problem and identifies issues requiring further research.
- Full Paper
- The full paper is available as a PDF.
- Citation
-
- Bibtex Citation
-
@InProceedings{braun08:securing_provenance, author = {Uri Braun and Avraham Shinnar and Margo Seltzer}, title = {Securing Provenance}, booktitle = {The 3rd USENIX Workshop on Hot Topics in Security}, year = 2008, series = {USENIX HotSec}, month = {July}, pages = {1--5}, location = {San Jose, CA}, publisher = {USENIX Association}, address = {Berkeley, CA, USA} } - ACM Link
- The ACM page has more information and more citation formats.