
143
Chapter 10
Transforming Provenance
Using Redaction
10.1 Overview
So far we have mainly focused on access control policies that are mostly used to con-
trol access to a document. In this chapter we explore other policies (namely redaction)
that enable the sharing of provenance. Our idea of executing an access control policy
over a provenance graph is to identify those resources of the graph that a user is per-
mitted or denied to view. An access control policy is used to determine whether a user
is allowed access to a subset (a single node, a path, or a subgraph) of the provenance
graph. Such a subset is found by queries that operate over graph ...