An Access Control Model for Protecting Provenance Graphs

Liang Chen, Peter Edwards, John D Nelson, Timothy J Norman

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

24 Downloads (Pure)


Securing provenance has recently become an important research topic, resulting in a number of models for protecting access to provenance. Existing work has focused on graph transformation mechanisms that supply a user with a provenance view that satisfies both access control policies and validity constraints of provenance. However, it is not always possible to satisfy both of them simultaneously, because these two conditions are often inconsistent which require sophisticated conflict resolution strategies to be put in place. In this paper we develop a new access control model tailored for provenance. In particular, we explicitly take into account validity constraints of provenance when specifying certain parts of provenance to which access is restricted. Hence, a provenance view that is granted to a user by our authorisation mechanism would automatically satisfy the validity constraints. Moreover, we propose algorithms that allow provenance owners to deploy fine-grained access control for their provenance data.
Original languageEnglish
Title of host publication2015 13th Annual Conference on Privacy, Security and Trust (PST)
EditorsAli Ghorbani, Vincenç Torra , Hüseyin Hışıl , Ali Miri, Ahmet Koltuksuz , Jie Zhang , Murat Sensoy , Joaquin Garcia-Alfaro , Ibrahim Zincir
PublisherIEEE Press
Number of pages8
ISBN (Electronic)978-1-4673-7828-4, 978-1-4673-7827-7
Publication statusPublished - 1 Jul 2015


  • provenance
  • access control
  • constraints


Dive into the research topics of 'An Access Control Model for Protecting Provenance Graphs'. Together they form a unique fingerprint.

Cite this