Grouping Provenance Information to Improve Efficiency of Access Control
نویسندگان
چکیده
Provenance is defined in some literature as a complete documentation of process that led to an object. Provenance has been utilized in some contexts, i.e. database systems, file systems and grid systems. Provenance can be represented by a directed acyclic graph (DAG). In this paper we show an access control method to the provenance information that is represented by a directed acyclic graph and a method to improve efficiency of access control by grouping the provenance information. The idea of our model is that by controlling access to nodes, edges and paths in the provenance graph we may build an expressive access control model to the provenance graph. We improve the efficiency of access control model by grouping some related information in the provenance system. In our model, the provenance information is stored in a relational database. Before explaining our idea, we describe provenance store, provenance representation, and how to store provenance graph in a relational database.
منابع مشابه
Privacy-preserving Network Provenance
Network accountability, forensic analysis, and failure diagnosis are becoming increasingly important for network management and security. Network provenance significantly aids network administrators in these tasks by explaining system behavior and revealing the dependencies between system states. Although resourceful, network provenance can sometimes be too rich, revealing potentially sensitive...
متن کاملA Framework for Policies over Provenance
Provenance captures the history of a data item. This ensures the quality, the trustworthiness and the correctness of shared information, but the provenance may contain sensitive information so we may need to hide it. Sometimes we need access control policies to protect sensitive components and allow access based on certain properties. In other cases, we may need to share provenance but use reda...
متن کاملSpeech Acts and Tokens for Access Control and Provenance Tracking
In many applications, ontology-based technologies will be only only be successful if they support access control and provenance tracking. In this paper we present a novel approach to implementation of both access control and provenance in deductive information systems. A key feature of our approach is the explicit representation of speech acts as well as sentence tokens that are used to encode ...
متن کاملProvenance for SQL through Abstract Interpretation: Value-less, but Worthwhile
We demonstrate the derivation of fine-grained whereand why-provenance for a rich dialect of SQL that includes recursion, (correlated) subqueries, windows, grouping/aggregation, and the RDBMS’s library of built-in functions. The approach relies on ideas that originate in the programming language community—program slicing and abstract interpretation, in particular. A two-stage process first recor...
متن کاملSession and Network Support for Autonomous Context-Aware Multiparty Communications in Heterogeneous Mobile Systems
The increase of networking complexity requires the design of new performance optimization schemes for delivering different types of sessions to users under different conditions. In this regard, special attention is given to multi-homed environments, where mobile devices cross areas with overlapping access technologies (Wi-Fi, 3G, WiMax). In such a scenario, efficient multiparty delivery depends...
متن کامل