Title :
Scientific Workflow Provenance Querying with Security Views
Author :
Chebotko, Artem ; Chang, Seunghan ; Lu, Shiyong ; Fotouhi, Farshad ; Yang, Ping
Author_Institution :
Dept. of Comput. Sci., Wayne State Univ., Detroit, MI
Abstract :
Provenance, the metadata that pertains to the derivation history of a data product, has become increasingly important in scientific workflow environments. In many cases, both data products and their provenance can be sensitive and effective access control mechanisms are essential to protect their confidentiality. In this paper, we propose i) a formalization of scientific workflow provenance as the basis for querying and access control; ii) a security specification mechanism for provenance at various granularity levels and the derivation of a full security specification based on inheritance, overriding, and conflict resolution rules; iii) a formalization of security views that are derived from a scientific workflow run provenance for different roles of users; and iv) a framework that integrates abstraction views and security views such that a user can examine provenance at different abstraction levels while respecting the security policy prescribed for her. We have developed the SecProv prototype to validate the effectiveness of our approach.
Keywords :
access control; meta data; query processing; security of data; SecProv; access control mechanisms; data products; granularity levels; scientific workflow provenance querying; security policy; security specification mechanism; security views; Access control; Computer science; Computer security; DNA; History; Information management; Information security; Protection; Proteins; Sequences; access control; provenance; querying; scientific workflow; security; security view;
Conference_Titel :
Web-Age Information Management, 2008. WAIM '08. The Ninth International Conference on
Conference_Location :
Zhangjiajie Hunan
Print_ISBN :
978-0-7695-3185-4
Electronic_ISBN :
978-0-7695-3185-4
DOI :
10.1109/WAIM.2008.41
