Scientific Workflow Provenance Querying with Security Views
Provenance, the metadata that pertains to the derivation history of a data product, has become increasingly important in scientific workflow environments. In many cases, both data products and their provenance can be sensitive and effective access control mechanisms are essential to protect their confidentiality. In this paper, we propose i) a formalization of scientific workflow provenance as the basis for querying and access control; ii) a security specification mechanism for provenance at various granularity levels and the derivation of a full security specification based on inheritance, overriding, and conflict resolution rules; iii) a formalization of security views that are derived from a scientific workflow run provenance for different roles of users; and iv) a framework that integrates abstraction views and security views such that a user can examine provenance at different abstraction levels while respecting the security policy prescribed for her. We have developed the SECPROV prototype to validate the effectiveness of our approach.
Artem Chebotko Seunghan Chang Shiyong Lu Farshad Fotouhi Ping Yang
Department of Computer Science,Wayne State University,Detroit,MI,48202,USA Department of Computer Science, Binghamton University, Binghamton, NY, 13902, USA
国际会议
The Ninth International Conference on Web-Age Information Management(第九届web时代信息管理国际会议)(WAIM 2008)
张家界
英文
2008-07-20(万方平台首次上网日期,不代表论文的发表时间)