![[PRINT]](/_images/printer1.png)
Assessing workflow privacy by hiding provenance data
Background
Scientific workflow systems increasingly store provenance information about the module executions used to produce a data item, as well as the parameter settings and intermediate data items passed between module executions. However, authors/owners of workflows may wish to keep some of this information confidential.
Given a workflow, abstractly modeled by a relation R, a privacy requirement Γ and costs associated with data, the owner of the workflow may decide which data (attributes) to hide, and may therefore provide the user with a view R' which is the projection of R over attributes which have not been hidden. The challenge is to minimize the cost of hidden data while guaranteeing that individual modules are Γ-private in large setups. The theoretical work has been provided by Davidson et al. in their paper "Provenance Views of Module Privacy".
Objectives
In this thesis we want to evaluate Davidson's paper practically by prototyping a solution, applying it to non-trivial large-scale workflows, and providing tools to assess the privacy of workflow setups.
Consequently, the thesis consists of the following steps:
- Evaluate the Davidson model (Does it still hold for real large-scale workflows?)
- Define a meta language to map real workflows onto the Davidson model.
- Define a metric for workflow privacy.
- Implement a protoype (based on the previous steps) to assess module privacy in workflows.
- Apply this methodology to selected large-scale workflows as for example encountered in the EU-funded DRIHM project.
Assigner:
Prof. Dr. D. Kranzlmüller
Requirements:
no specific
Duration: according to study guidelines
Number of Students: 1
Supervisors:
Dr. Michael Schiffers, Oettingenstr. 67, Raum E 003 (Erdgeschoß), Tel. 2180-9164