Securing Provenance

DSpace/Manakin Repository

Securing Provenance

Citable link to this page


Title: Securing Provenance
Author: Braun, Uri Jacob; Shinnar, Avraham; Seltzer, Margo I.

Note: Order does not necessarily reflect citation order of authors.

Citation: Braun, Uri, Avraham Shinnar, and Margo Seltzer. 2008. Securing provenance. In Proceedings of the 3rd USENIX Workshop on Hot Topics in Security (HotSec '08), July 29, 2008, San Jose, CA. Berkeley, CA: USENIX Association.
Full Text & Related Files:
Abstract: Provenance describes how an object came to be in its present state. Intelligence dossiers, medical records and corporate financial reports capture provenance information. Many of these applications call for security, but existing security models are not up to the task. Provenance is a causality graph with annotations. The causality graph connects the various participating objects describing the process that produced an object’s present state. Each node represents an object and each edge represents a relationship between two objects. This graph is an immutable directed acyclic graph (DAG). Existing security models do not apply to DAGs nor do they easily extend to DAGs. Any model to control access to the structure of the graph must integrate with existing security models for the objects. We need to develop an access control model tailored to provenance and study how it interacts with existing access control models. This paper frames the problem and identifies issues requiring further research.
Published Version:
Terms of Use: This article is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at
Citable link to this page:
Downloads of this work:

Show full Dublin Core record

This item appears in the following Collection(s)


Search DASH

Advanced Search