A Cloud-Based Policy Manager for Assured Information Sharing ◾ 301
Example 20.1: Provenance Path Query
Select ?x
{ex:PubRpt1 arq:OnPath(“([opm:WasGeneratedBy]/
[opm:WasTriggeredBy]/[ex:location])”?x).}
is query would return the location as a binding to the variable x and could be
used to pinpoint the origin of a compromise (and leakage) of the original report.
is could also serve to alert policy designers to add appropriate policies for reports
and servers in their respective agencies.
Policy sequence. e execution of the policies over an agency’s resource results
in a policy sequence. In particular, a protected resource could employ the services
of multiple policy engines and policy types. Each policy type produces a new
subgraph of its input ...