Provenance-Based Security Risk Assessment Framework

Abstract

Large-scale massive heterogeneous data have been accumulated in various fields of scientific research and society. As a result, discovering new knowledge by linking sensing and science data, such as web archives, has attracted attention. We developed a Knowledge Language Grid (KLG) system that combines multiple asset data from different providers and allows users to use or re-use them. KLG structures a great quantity of information that can be confidential for individuals, companies, or institutions, but it can also be misused or disclosed to inappropriate people. In this paper, we propose a risk assessment framework based on provenance information. In addition, since KLG allows user to access security knowledge-bases, it is possible to provide actual and on time information about risk and security controls. Our proposed system implements a graphic representation of provenance using Open Provenance Model (OPM), and users are allowed to see graphically where and what kinds of data generate security conflicts.