Foundations of Language-Based Provenance Security
Technical Report,01 Jan 2013,30 Jun 2018
University of Edinburgh (THE) Edinburgh United Kingdom
Pagination or Media Count:
Provenance is information about the origin, history or derivation of something, which could be a physical object such as a work of art, information such as a Word document containing security-critical information, or a combination of the two such as a computer system with both physical and informational characteristics. Provenance tracking has been identified as both an opportunity and a challenge for security it offers the opportunity of increased awareness of actionable information about information quality and trustworthiness, while also introducing new risks such as unintended consequences of pervasive system monitoring. Although provenance has been studied in other settings, such as computational science, foundational research on provenance has not yet addressed key questions needed in security-critical settings. In this project, a range of foundational and practical aspects of provenance security were studied, organized around the following four themes 1 models and semantics of provenance, 2 expressing provenance security policies and properties, 3 language integration and efficiency and 4 verification. This project adopted a language-based approach to provenance, seeking to understand provenance and its relationship to other concepts such as program slicing, bidirectional transformations, and concurrency studied by the programming languages community. The main results were new techniques for program slicing, auditing and provenance inspection, benchmarking techniques for provenance-tracking systems, efficient language-based support for provenance and view updates, and the first formally verified results about languages with provenance-tracking.
- Computer Programming and Software