Foundations of Language-Based Provenance Security

Abstract

Provenance is information about the origin, history or derivation of something, which could be a physical object (such as a work of art), information (such as a Word document containing security-critical information), or a combination of the two (such as a computer system with both physical and informational characteristics). Provenance tracking has been identified as both an opportunity and a challenge for security: it offers the opportunity of increased awareness of actionable information about information quality and trustworthiness, while also introducing new risks such as unintended consequences of pervasive system monitoring. Although provenance has been studied in other settings, such as computational science, foundational research on provenance has not yet addressed key questions needed in security-critical settings. In this project, a range of foundational and practical aspects of provenance security were studied, organized around the following four themes: (1) models and semantics of provenance, (2) expressing provenance security policies and properties, (3) language integration and efficiency, and (4) verification. This project adopted a language-based approach to provenance, seeking to understand provenance and its relationship to other concepts studied by the programming languages community, such as program slicing, bidirectional transformations, and concurrency. The main results were new techniques for program slicing, auditing and provenance inspection, benchmarking techniques for provenance-tracking systems, efficient language-based support for provenance and view updates, and the first formally verified results about languages with provenance-tracking.

Document Details

Document Type: Technical Report
Publication Date: Nov 27, 2018
Accession Number: AD1099410

Entities

People

  • James Cheney

Organizations

  • University of Edinburgh

Tags

Communities of Interest

  • Cyber
  • Human Systems

DTIC Thesaurus Topics

  • Abstracts
  • Air Force
  • Air Force Research Laboratories
  • Auditing
  • Calculus
  • Computations
  • Computer Programming
  • Computer Science
  • Information Systems
  • Language
  • Operating Systems
  • Programming Languages
  • Public Policy
  • Security
  • Software Development
  • Students
  • Universities

Fields of Study

  • Computer science

Readers

  • Artificial Intelligence
  • Cybersecurity
  • Distributed Systems and Data Platform Development