This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Papel: Provenance-Aware Policy Definition and Execution
January/February 2011 (vol. 15 no. 1)
pp. 49-58
Christoph Ringelstein, University of Koblenz-Landau
Steffen Staab, University of Koblenz-Landau
Data processing is often restricted by contractual and legal requirements for protecting privacy and intellectual-property rights. Internet policies help control how and by whom data is processed. Policy conditions could depend on previous data processing and thus on the processing histories' temporal structure. However, existing policy languages don't allow for expressing the temporal aspects of such conditions. Papel (Provenance-Aware Policy Definition and Execution Language) uses provenance information to connect data-processing policies and histories and to map the processing histories' temporal structure to a graph structure.

1. H.M. Hinton and E.S. Lee, "The Compatibility of Policies," Proc. 2nd ACM Conf. Computer and Comm. Security (CCS 94), ACM Press, 1994, pp. 258–269.
2. Oasis eXtensible Access Control Markup Language (XACML), v2.0, Oasis, 2005; www.oasis-open.org/specs#xacmlv2.0.
3. L. Kagal, T. Finin, and A. Joshi, "A Policy Language for a Pervasive Computing Environment," Proc. 4th IEEE Int'l Workshop Policies for Distributed Systems and Networks, IEEE CS Press, 2003, pp. 63–75.
4. C. Ringelstein and S. Staab, "DiALog: A Distributed Model for Capturing Provenance and Auditing Information," Int'l J. Web Services Research, vol. 7, no. 2, 2010, pp. 1–20.
5. L. Moreau et al., "The Open Provenance Model: An Overview," Proc. 2nd Int'l Provenance and Annotation Workshop (IPAW 08), Provenance and Annotation of Data and Processes, LNCS 5272, Springer, 2008, pp. 323–326.
6. C. Ringelstein and S. Staab, "PAPEL: A Language and Model for Provenance-Aware Policy Definition and Execution," Proc. 8th Int'l Conf. Business Process Management (BPM 10), LNCS 6336, Springer, 2010, pp. 195–210.
7. P.M. Hallam-Baker and B. Behlendorf, "Extended Log File Format," World Wide Web Consortium (W3C) draft, work in progress, 1996; www.w3.org/TRWD-logfile-960323.html.
1. Oasis eXtensible Access Control Markup Language (XACML), v2.0, Oasis, 2005; www.oasis-open.org/specs#xacmlv2.0.
2. L. Kagal, T. Finin, and A. Joshi, "A Policy Language for a Pervasive Computing Environment," Proc. 4th IEEE Int'l Workshop Policies for Distributed Systems and Networks, IEEE CS Press, 2003, pp. 63–75.
3. C. Ringelstein and S. Staab, "PAPEL: A Language and Model for Provenance-Aware Policy Definition and Execution," Proc. 8th Int'l Conf. Business Process Management (BPM 10), LNCS 6336, Springer, 2010, pp. 195–210.
4. A. Bauer, R. Goré, and A. Tiu, "A First-Order Policy Language for History-Based Transaction Monitoring," Proc. 6th Int'l Colloquium Theoretical Aspects of Computing (ICTAC 09), LNCS 5684, Springer, 2009, pp. 96–111.
5. A.S. Vedamuthu et al., eds., Web Services Policy 1.5 – Framework, World Wide Web Consortium (W3C) recommendation, Sept. 2007; www.w3.org/TRws-policy.
6. P. Ashley et al., Enterprise Privacy Authorization Language (EPAL 1.2), World Wide Web Consortium (W3C) member submission, Nov. 2003; www.w3.org/Submission/2003SUBM-EPAL-20031110.
7. F.L. Gandon and N.M. Sadeh, "Semantic Web Technologies to Reconcile Privacy and Context Awareness," J. Web Semantics, vol. 1, no. 3, 2004, pp. 241–260.
8. X. Wang et al., "XrML—Extensible Rights Markup Language," Proc. ACM Workshop XML Security (XMLSEC 02), ACM Press, 2002, pp. 71–79.
9. M.Y. Becker and P. Sewell, "Cassandra: Distributed Access Control Policies with Tunable Expressiveness," Proc. 5th IEEE Int'l Workshop Policies for Distributed Systems and Networks (Policy 04), IEEE CS Press, pp. 159–168.
10. R. Accorsi and C. Wonnemann, "Auditing Workflow Executions against Dataflow Policies," Proc. 13th Int'l Conf. Business Information Systems (BIS 10), LNBIP 47, Springer, 2010, pp. 207–217.

Index Terms:
Papel, provenance, data processing, data communications, privacy, public policy issues, computers and society, intellectual-property rights, communication/networking and information technology, medical information systems, Internet/Web
Citation:
Christoph Ringelstein, Steffen Staab, "Papel: Provenance-Aware Policy Definition and Execution," IEEE Internet Computing, vol. 15, no. 1, pp. 49-58, Jan.-Feb. 2011, doi:10.1109/MIC.2010.128
Usage of this product signifies your acceptance of the Terms of Use.