Updated security considerations to mention audit
author Graham Klyne
Thu, 08 Nov 2012 12:12:17 +0000
changeset 4664 098e7be8b4d5
parent 4649 12b42521f2b6
child 4665 4dd30a320272
paq/prov-aq.html
--- a/paq/prov-aq.html	Tue Nov 06 17:05:14 2012 +0000
+++ b/paq/prov-aq.html	Thu Nov 08 12:12:17 2012 +0000
@@ -789,7 +789,7 @@
         When retrieving a provenance URI from a document, steps SHOULD be taken to ensure the document itself is an accurate copy of the original whose author is being trusted (e.g. signature checking, or use of a trusted secure web service).
       </p>
       <p>
-        Provenance information may provide a route for leakage of privacy-related information, combining as it does a diversity of information types with possible personally-identifying information; e.g. editing timestamps may provide clues to the working patterns of document editors, or derivation traces might indicate access to sensitive materials.  In particular, note that the fact that a resource is openly accessible does not mean that its provenance information should also be.  When publishing provenance, its sensitivity SHOULD be considered and appropriate access controls applied where necessary.  When a provenance-aware publishing service accepts some resource for publication, the contributors SHOULD have some opportunity to review and correct or conceal any provenance information that they don't wish to be exposed.
+        Provenance information may provide a route for leakage of privacy-related information, combining as it does a diversity of information types with possible personally-identifying information; e.g. editing timestamps may provide clues to the working patterns of document editors, or derivation traces might indicate access to sensitive materials.  In particular, note that the fact that a resource is openly accessible does not mean that its provenance information should also be.  When publishing provenance, its sensitivity SHOULD be considered and appropriate access controls applied where necessary.  When a provenance-aware publishing service accepts some resource for publication, the contributors SHOULD have some opportunity to review and correct or conceal any provenance information that they don't wish to be exposed.  Provenance management systems SHOULD embody mechanisms for enforcement and auditing of privacy policies as they apply to provenance information.
       </p>
     </section>
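Review bot: The new final sentence of the privacy paragraph introduces "Provenance management systems" as the subject of a SHOULD, but the same paragraph already uses "provenance-aware publishing service" for the party that accepts and publishes provenance, so it is unclear whether the requirement falls on that service, on a store behind it, or on both. Consider reusing the existing term or defining the new one. The requirement is also hard to check as written: "mechanisms for enforcement and auditing of privacy policies" does not say what is audited (access to provenance, changes to it, or changes to the policy). Since the paragraph itself warns that timestamps and traces can reveal working patterns, it would be worth adding that audit records are subject to the same sensitivity review and access controls as the provenance they cover.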