A core calculus for provenance

Umut A. Acar, Amal Ahmed, James Cheney, Roly Perera

Research output: Contribution to journalArticlepeer-review

Abstract / Description of output

Provenance is an increasing concern due to the ongoing revolution in sharing and processing scientific data on the Web and in other computer systems. It is proposed that many computer systems will need to become provenance-aware in order to provide satisfactory accountability, reproducibility, and trust for scientific or other high-value data. To date, there is not a consensus concerning appropriate formal models or security properties for provenance. In previous work, we introduced a formal framework for provenance security and proposed formal definitions of properties called disclosure and obfuscation.

In this article, we study refined notions of positive and negative disclosure and obfuscation in a concrete setting, that of a general-purpose programing language. Previous models of provenance have focused on special-purpose languages such as workflows and database queries. We consider a higher-order, functional language with sums, products, and recursive types and functions, and equip it with a tracing semantics in which traces themselves can be replayed as computations. We present an annotation-propagation framework that supports many provenance views over traces, including standard forms of provenance studied previously. We investigate some relationships among provenance views and develop some partial solutions to the disclosure and obfuscation problems, including correct algorithms for disclosure and positive obfuscation based on trace slicing.
Original languageEnglish
Pages (from-to)919-969
Number of pages51
JournalJournal of Computer Security
Issue number6
Publication statusPublished - 2013

Keywords / Materials (for Non-textual outputs)

  • provenance
  • slicing
  • obfuscation
  • disclosure


Dive into the research topics of 'A core calculus for provenance'. Together they form a unique fingerprint.

Cite this