ABSTRACT

All of our security mechanisms explored so far for provenance suffer from what is known as an inference attack. That is, a user may employ different inference strategies in order to arrive at new information using prior knowledge and the answers to queries provided by our framework. When the newly inferred information is sensitive, we say the confidentiality of the system is compromised. To prevent the release of the confidential information, a first step is to identify the possible inference strategies available to the user.