PACLP: a fine-grained partition-based access control policy language for   provenance

Xinyu Fan; Faen Zhang; Jianfei Song; Jingming Guo; Fujie Gao

arXiv:1912.00442·cs.CR·January 8, 2020

PACLP: a fine-grained partition-based access control policy language for provenance

Xinyu Fan, Faen Zhang, Jianfei Song, Jingming Guo, Fujie Gao

PDF

Open Access

TL;DR

This paper introduces PACLP, a novel language for fine-grained access control of provenance data using graph segments and regular expressions, enabling targeted data retrieval and restrictions.

Contribution

It presents a new approach to provenance access control by segmenting provenance graphs and applying regular expressions for precise data access management.

Findings

01

Enables partial graph retrieval for access requests

02

Uses segments as restrictions to filter targeted data

03

Introduces a language for fine-grained provenance access control

Abstract

Even though the idea of partitioning provenance graphs for access control was previously proposed, employing segments of the provenance DAG for fine-grained access control to provenance data has not been thoroughly explored. Hence, we take segments of a provenance graph, based on the extended OPM, and defined use a variant of regular expressions, and utilize them in our fine-grained access control language. It can not only return partial graphs to answer access requests but also introduce segments as restrictions in order to screen targeted data.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsScientific Computing and Data Management · Advanced Data Storage Technologies · Distributed and Parallel Computing Systems