124 ◾ Secure Data Provenance and Inference Control
scope = <char>+
condition = (<exp><num>?)+ (<op> | <sp><reg>?)
(<exp><num>?)+
(<bool> (<exp><num>?)+
(<op> | <sp><reg>?)? (<exp><num>?)+)*
effect = <char>+ | <num>
e grammar defined above allows us to evaluate the policy for correctness and also
allows a parser to unambiguously translate the policy into a form that can be used
by the appropriate layer in our architecture.
9.4 Solution Based on Regular Expression Queries
e traditional definition of access control policies is extended in our policy lan-
guage to include relationships over data items in the provenance graph by making
use of regular expressions. e use of an existing access control language to build
policies over the provenance g ...