Back to Security Main Page

Back to HL7 FHIR Security Topics HL7 FHIR Provenance Resource

W3C

Provenance Dimensions

This is a list of important dimensions in provenance that the group identified in order to guide the collection of use cases. Content

1. 1. Object - what the provenance is about
   2. Attribution - provenance as the sources or entities that were used to create a new result ## Responsibility - knowing who endorses a particular piece of information or result
   3. Origin - recorded vs reconstructed, verified vs non-verified (eg with digital signatures), asserted vs inferred

1. 1. Process - provenance as the process that yielded an artifact ## Reproducibility (eg workflows, mashups, text extraction)
   2. Data Access (e.g. access time, accessed server, party responsible for accessed server)

1. 1. Evolution and versioning ## Republishing (e.g. retweeting, reblogging, republishing)
   2. Updates (eg a document that assembles content from various sources and that changes over time)

1. 1. Justification for Decisions - capturing why and how a particular decision is made ## argumentation - what was considered and debated (eg pros and cons) before reaching a solution
   2. hypothesis management (eg in HLCS scientific discourse task when complementary/contrary evidence is provided by different sources)
   3. why-not questions - capturing why a particular choice was not made

1. 1. Entailment - given the results to a particular query in a reasoning system or DB, capture how the system produced an answer given what axioms or tuples it contained that led to those results

Management

1. 1. Publication - Making provenance information available on the web (how do you expose it, how do you distribute it)
   2. Access - Finding and querying provenance information ## Finding the provenance information, perhaps through an authoritative service
   3. Query formulation and execution mechanisms

1. 1. Dissemination control - Using provenance to track the policies for when/how an entity can be used as specified by the creator of that entity ## Access Control - incorporate access control policies to access provenance information
   2. Licensing - stating what rights the object creators and users have based on provenance
   3. Law enforcement (eg enforcing privacy policies on the use of personal information)

1. 1. Scale - how to operate with large amounts of provenance information

Use

1. 1. Understanding - End user consumption of provenance. ## abstraction, multiple levels of description, summary
   2. presentation, visualization

1. 1. Interoperability - combining provenance produced by multiple different systems
   2. Comparison - finding what's in common in the provenance of two or more entities (eg two experimental results)
   3. Accountability - the ability to check the provenance of an object with respect to some expectation ## Verification - of a set of requirements
   4. Compliance - with a set of policies

1. 1. Trust - making trust judgements based on provenance ## Information quality - choosing among competing evidence from diverse sources (eg linked data use cases)
   2. Incorporating reputation and reliability ratings with attribution information

1. 1. Imperfections - reasoning about provenance information that is not complete or correct ## Incomplete provenance
   2. Uncertain/probabilistic provenance
   3. Erroneous provenance
   4. Fraudulent provenance

1. 1. Debugging