A Provenance-Based Compliance Framework
نویسندگان
چکیده
Given the significant amount of personal information available on the Web, verifying its correct use emerges as an important issue. When personal information is published, it should be later used under a set of usage policies. If these policies are not followed, sensitive data could be exposed and used against its owner. Under these circumstances, processing transparency is desirable since it allows users to decide whether information is used appropriately. It has been argued that data provenance can be used as the mechanism to underpin such a transparency. Thereby, if provenance of data is available, processing becomes transparent since the provenance of data can be analysed against usage policies to decide whether processing was performed in compliance with such policies. The aim of this paper is to present a Provenance-based Compliance Framework that uses provenance to verify the compliance of processing to predefined information usage policies. It consists of a provenance-based view of past processing of information, a representation of processing policies and a comparison stage in which the past processing is analysed against the processing policies. This paper also presents an implementation using a very common on-line activity: on-line shopping .
منابع مشابه
Formal Policy-Based Provenance Audit
Data processing within large organisations is often complex, impeding both the traceability of data and the compliance of processing with usage policies. The chronology of the ownership, custody, or location of data — its provenance — provides the necessary information to restore traceability. However, to be of practical use, provenance records should include sufficient expressiveness by design...
متن کاملA Provenance-Based Policy Control Framework for Cloud Services
In the context of software, provenance holds the key to retaining a mirror instance of the lifespan of a service, which can be replayed/reproduced from the beginning. This entails the nature of invocations that took place, how/where the data were created, modified, updated and the user’s engagement with the service. With such an encyclopedia of information, it opens up a diversity of value-adde...
متن کاملStandardisation of Provenance Systems in Service Oriented Architectures
This White Paper presents provenance in computer systems as a mechanism by which business and e-science can undertake compliance validation and analysis of their past processes. We discuss an open approach that can bring benefits to application owners, IT providers, auditors and reviewers. In order to capitalise on such benefits, we make specific recommendations to move forward a standardisatio...
متن کاملTracing the Provenance of Object- Oriented Computations on RDF Data
This paper presents a new method for tracing the provenance of RDF data within object-oriented computations. The proposed approach eliminates the burden of manually keeping track of data provenance from software developers. Using object triple mapping, the source data items used for generating result data can be identified efficiently. The integration into an existing object triple mapping fram...
متن کاملTowards Semantic Provenance in CRISTAL
Traceability is an important feature of workflow based systems, and is a key source of provenance data. This paper presents CRISTAL, a mature software platform developed and used at CERN for experiment construction at the LHC. It is entirely workflow based capturing provenance on every aspect of its use from application development to end-user interaction. In this paper we summarize some initia...
متن کامل