Font Size: a A A

Secured data provenance using semantic web technologies

Posted on:2012-03-09Degree:Ph.DType:Thesis
University:The University of Texas at DallasCandidate:Cadenhead, TyroneFull Text:PDF
GTID:2458390011952257Subject:Computer Science
Provenance is the lineage of a resource (or data item) and is essential for various domains, including healthcare, intelligence, E-science, legal and industry. The ongoing mutual relationships among entities in these domains rely on sharing quality information, which has created a critical need for provenance in these domains. However, revealing complete provenance raises security concerns, as provenance contains both sensitive and non-sensitive information. The main challenge of protecting provenance lies in its directed graph structure. This structure captures the history of data items and their causal relationships. Furthermore, current security policies such as access control and redaction were mainly developed for protecting single data items or data records; and therefore cannot extend to protecting the lineage of a data item. Therefore, A security model for provenance is missing.;In this thesis, we present a security framework for provenance, which extends the definition of traditional policies to allow specification of policies over a provenance document. The policies are extended in two dimensions. First, we extend the policies to adapt to changing environments with the use of key Semantic Web technologies. Second, we extend the definition of the policies to include the notion of a provenance path or lineage.;The main contributions of this thesis are as follows: · Flexible policies, which are independent of our implementation. A domain user may use any policy language that describes the security policies of the domain. A suitable parser will produce a correct low-level policy. · Definition of an access control policy language for provenance. We can now protect provenance not only as comprising of single data items, but also as paths in a connected directed graph. · Perform Redaction over a Provenance graph. This is accomplished using the application of a graph grammar technique to circumvent parts of a provenance graph. · Semantic Web-based inference attacks. A risk-based inference approach is taken to decide suitable tradeoffs for hiding and sharing provenance.
Keywords/Search Tags:Provenance, Data, Semantic, Policies
Related items