Data Provenance is multi-dimensional metadata that can be used to determine Information Assurance attributes like Confidentiality, Authenticity, Integrity, and Non-Repudiation. Traditionally, these Information Assurance attributes have been specified probabilistically as a belief value (or corresponding disbelief value). In this paper, we introduce a framework based on Subjective Logic that directly incorporates uncertainty by representing values as a triple of <belief, disbelief, uncertainty>. This framework allows us to work with uncertainty as well as with conflicting pieces of information that may arise from multiple views of an object. We also develop a formal semantic model for specifying and reasoning over Information Assurance properties in a workflow. This model uses a controlled English representation, which facilitates dialogue with domain experts to capture and vet domain knowledge. Since Data Provenance information can grow substantially as the amount of information kept for each object increases or as the complexity of a workflow increases, we show how this information can be summarized. This summarization can also generate a trust value in the data so that it can cross security boundaries with user-controllable covert channel implications. Finally, we discuss visualizations ranging from attention-directing high-level visualization to finer-level contextual visualization.
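An added example, not code from the paper: the <belief, disbelief, uncertainty> triple as a Python type, with two conflicting views of one object's integrity fused by Jøsang's consensus operator from Subjective Logic. The choice of that operator, the names Opinion and consensus, the 0.5 base rate and the sample values are assumptions; the abstract does not say which fusion rule the framework uses.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Opinion:
    """Subjective Logic opinion: belief + disbelief + uncertainty = 1."""
    belief: float
    disbelief: float
    uncertainty: float
    base_rate: float = 0.5  # assumed prior applied to the uncertain mass

    def __post_init__(self):
        parts = (self.belief, self.disbelief, self.uncertainty)
        if any(p < 0 or p > 1 for p in parts) or abs(sum(parts) - 1.0) > 1e-9:
            raise ValueError("components must lie in [0, 1] and sum to 1")

    def expectation(self) -> float:
        """Single trust value: belief plus the base-rate share of uncertainty."""
        return self.belief + self.base_rate * self.uncertainty


def consensus(a: Opinion, b: Opinion) -> Opinion:
    """Fuse two independent opinions about the same attribute of one object."""
    k = a.uncertainty + b.uncertainty - a.uncertainty * b.uncertainty
    if k == 0:
        # Both sources are dogmatic (u = 0). Assumption: weight them equally.
        return Opinion((a.belief + b.belief) / 2,
                       (a.disbelief + b.disbelief) / 2, 0.0, a.base_rate)
    # Each source is weighted by the *other* source's uncertainty, so the
    # more certain view dominates. Assumption: a's base rate is kept.
    return Opinion(
        (a.belief * b.uncertainty + b.belief * a.uncertainty) / k,
        (a.disbelief * b.uncertainty + b.disbelief * a.uncertainty) / k,
        (a.uncertainty * b.uncertainty) / k,
        a.base_rate,
    )


# Constructed sample: two views of the Integrity attribute of one record.
VIEW_A = Opinion(0.8, 0.1, 0.1)   # e.g. a checksum match reported upstream
VIEW_B = Opinion(0.1, 0.6, 0.3)   # e.g. a conflicting, less certain report
FUSED = consensus(VIEW_A, VIEW_B)

if __name__ == "__main__":
    print(FUSED, round(FUSED.expectation(), 4))
```

A plain probability would hide the difference between "unknown" and "disputed"; here the vacuous opinion (0, 0, 1) leaves any other opinion unchanged when fused, while a conflicting view shifts belief toward disbelief.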