{"title":"Engineering access control policies for provenance-aware systems","authors":"Lianshan Sun, Jaehong Park, R. Sandhu","doi":"10.1145/2435349.2435390","DOIUrl":null,"url":null,"abstract":"Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.","PeriodicalId":118139,"journal":{"name":"Proceedings of the third ACM conference on Data and application security and privacy","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the third ACM conference on Data and application security and privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2435349.2435390","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 16
Abstract
Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
