Workpackage on Security

In a first stage of this workpackage, the focus will be on specifying secure methods for all parties to generate provenance data. The technical requirements will identify the security measures that will have to be provided for provenance generation, but there needs to be systems provided as part of a provenance architecture for mutual authentication and non-repudiation. Current practices in the Grid and Web Services communities rely on a public key infrastructure (PKI), and it is likely that PKI will also be adopted in this context. We also expect the provenance requirements to identify multiple security configurations, which will be best expressed in a security policy language; we will seek to integrate such security policies with the standardised WS-policy format, and all the security issues to be expressed in compliance with the overarching WS-Security and WS-Trust frameworks, underpinning the security effort in the Grid and Web Services communities.

In a second stage, the workpackage will be concerned with specifying the visibility of provenance data. We expect this analysis to take into account the ethical requirements to be produced by the requirements workpackage. The outcomes of the two activities (secure methods for submitting provenance data, visibility of provenance data) will be a set of security specifications for provenance, which will be fed into the architecture definition.

Finally, in the last stage, the security specifications will be implemented, and the resulting implementation will contribute to the final prototype.
to top