Assured Data Provenance
Original Publication Date: 2003-Jan-16
Included in the Prior Art Database: 2003-Jan-16
A method is disclosed for creating and protecting provenance metadata by means of a trusted third party that maintains the provenance metadata in a form that enables that party to underwrite both the integrity and the origin of the provenance. By providing full control of the provenance metadata, the method offers advantages over known systems that provide assurance of data integrity.
Data is collected for many purposes, some of which require metadata that establishes the provenance of the data. For example, a document that is to be used for evidential purposes must carry proof that includes the identity of the originator, the time of creation, and the integrity of the original document data.
Provenance metadata is vital in other areas, and so we use the testing of a compound with pharmacological activity to illustrate the process that is the subject of this disclosure. In this instance, the metadata is likely to include information such as the testing protocol, and the dates and times of tests. Any governmental body considering authorizing the use of this potential drug will want to assure itself about the integrity of the test results and, to do so, will rely upon the provenance metadata.
This disclosure proposes a trusted third party acting as a provenance broker. The flow of assured provenance information is as follows:
The creator and owner of the data (the owner) generates the provenance metadata (the provenance) that is appropriate to the owner's area of work.
The owner sends the provenance to the trusted provenance broker (the broker), encrypted with the broker's public key.
The broker decrypts the provenance and then encrypts it again using a key that only the broker will ever know. Note that the broker is a trusted party. At this stage there are two options:
(a) The broker sends the freshly-encrypted provenance back to the owner, who saves it in association with the original data, for which he already has a duty of care.
(b) The broker retains the freshly-encrypted provenance on behalf of the owner.
When the broker receives a legitimate request (see below) for the provenance, the
(a) Requests the encrypted provenance from the owner and decrypts it using...
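The flow above under option (a), from the owner's submission through the broker's re-encryption to the later decryption, as an added example that is not part of the original disclosure. RSA-OAEP and AES-256-GCM are assumed cipher choices, the class and method names are hypothetical, the sample provenance string is constructed, and the broker is assumed to decrypt with the same broker-only key it sealed with.

```ruby
require 'openssl'

# Provenance broker: an RSA key pair that owners encrypt to, plus a storage
# key that never leaves the broker (cipher choices are assumptions).
class Broker
  OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

  def initialize
    @rsa = OpenSSL::PKey::RSA.new(2048)
    @storage_key = OpenSSL::Random.random_bytes(32)
  end

  def public_key
    @rsa.public_key
  end

  # Decrypt the owner's submission, then re-encrypt it under the broker-only
  # key. Returns nonce || tag || ciphertext, the blob sent back in option (a).
  def seal(submitted)
    plain = @rsa.private_decrypt(submitted, OAEP)
    c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
    c.key = @storage_key
    nonce = c.random_iv
    c.auth_data = ''
    ct = c.update(plain) + c.final
    nonce + c.auth_tag + ct
  end

  # Recover the provenance from a blob the owner returns. A blob altered while
  # in the owner's care fails the GCM tag check (OpenSSL::Cipher::CipherError).
  def unseal(sealed)
    raise ArgumentError, 'sealed blob too short' unless sealed.bytesize > 28
    d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
    d.key = @storage_key
    d.iv = sealed.byteslice(0, 12)
    d.auth_tag = sealed.byteslice(12, 16)
    d.auth_data = ''
    d.update(sealed.byteslice(28..-1)) + d.final
  end
end

# Owner side: encrypt to the broker's public key. RSA-OAEP alone only fits
# short records (about 200 bytes at 2048 bits); larger ones need hybrid encryption.
def owner_submit(broker_pub, provenance)
  broker_pub.public_encrypt(provenance, Broker::OAEP)
end
```

Because the storage key exists only inside the broker, the owner can hold the sealed blob without being able to read or silently alter it, which is what lets the broker vouch for both integrity and origin when it later decrypts.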