296 ◾ Secure Data Provenance and Inference Control
20.2.2.2 Policy Engines
e Policy Engine Layer first evaluates the user queries against the stored data
resources (which can be traditional data or provenance metadata). A data resource
is characterized by a URI, which connects to an actual RDF graph in the data
storage layer. e policy layer uses a factory object to create the underlying policies.
e factory exposes a policy through a consistent interface, thus making it easy
to extend our policy engine to support other types of policies in the future. We
currently support access control, redaction, and information sharing policies. To
support traditional policies, we use SPARQL queries to define views over resources,
where a view can b