Re: PROV-AQ security (privacy) considerations

I think it is a great description and would be happy to see it included.

Regards,
Tim


On Nov 6, 2012, at 9:35 AM, Graham Klyne <GK@ninebynine.org> wrote:

> I'm working through some outstanding TODO issues in PROV-AQ.
> 
> There are some notes for discussion of potential privacy concerns. Based on these notes, I've drafted the following, which might be controversial:
> 
> [[
>        Provenance information may provide a route for leakage of privacy-related information, combining as it does a diversity of information types with possible personally-identifying information; e.g. editing timestamps may provide clues to the working patterns of document editors, or derivation traces might indicate access to sensitive materials.  In particular, note that the fact that a resource is openly accessible does not mean that its provenance information should also be.  When publishing provenance, its sensitivity should be considered and appropriate access controls applied where necessary.  When a provenance-aware publishing service accepts some resource for publication, the contributors should have some opportunity to review and correct or conceal any provenance information that they don't wish to be exposed.
> ]]
> 
> Are there any objections to this?
> 
> #g
> 
> 

Received on Tuesday, 6 November 2012 14:50:52 UTC