--- a/model/prov-constraints.html Tue Apr 24 16:48:38 2012 +0200
+++ b/model/prov-constraints.html Tue Apr 24 16:53:10 2012 +0200
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html><head>
- <title>PROV-DM Part II: Constraints of the Provenance Data Model</title>
+ <title>Constraints of the Provenance Data Model</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!--
=== NOTA BENE ===
@@ -85,7 +85,8 @@
// if your specification has a subtitle that goes below the main
// formal title, define it here
- subtitle : "Initial document for discussion, WD5",
+ subtitle : "WD5, being updated following internal review",
+
// if you wish the publication date to be other than today, set this
//publishDate: "2012-02-01",
@@ -100,7 +101,7 @@
//previousMaturity: "WD",
// if there a publicly available Editor's Draft, this is the link
- edDraftURI: "http://dvcs.w3.org/hg/prov/raw-file/default/model/prov-dm-constraints.html",
+ edDraftURI: "http://dvcs.w3.org/hg/prov/raw-file/default/model/prov-constraints.html",
// if this is a LCWD, uncomment and set the end of its review period
// lcEnd: "2009-08-05",
@@ -112,10 +113,13 @@
// editors, add as many as you like
// only "name" is required
editors: [
+ { name: "James Cheney", url:
+ "http://homepages.inf.ed.ac.uk/jcheney", company:
+ "University of Edinburgh" },
+ { name: "Paolo Missier", url: "http://www.cs.ncl.ac.uk/people/Paolo.Missier",
+ company: "Newcastle University" },
{ name: "Luc Moreau", url: "http://www.ecs.soton.ac.uk/~lavm/",
company: "University of Southampton" },
- { name: "Paolo Missier", url: "http://www.cs.ncl.ac.uk/people/Paolo.Missier",
- company: "Newcastle University" },
],
// authors, add as many as you like.
@@ -152,137 +156,78 @@
<section id="abstract">
<p>
-PROV-DM, the PROV data model, is a data model for provenance that describes the entities, people and activities involved in producing a piece of data or thing. PROV-DM is structured in six components, dealing with: (1) entities and activities, and the time at which they were created, used, or ended; (2) agents bearing responsibility for entities that were generated and actities that happened; (3) derivations between entities; (4) properties to link entities that refer to a same thing; (5) collections of entities, whose provenance can itself be tracked; (6) a simple annotation mechanism.</p>
-
-
-<p>
- This document introduces a
- further set of concepts underpinning the PROV-DM data model and defines constraints that well-structured provenance descriptions should follow. These constraints help provide an interpretation for provenance descriptions. They are useful for readers who develop applications that generate provenance or reason over provenance.
+PROV-DM, the PROV data model, is a data model for provenance that describes
+the entities, people and activities involved in
+producing a piece of data or thing.
+PROV-DM is structured in six components, dealing with:
+(1) entities and activities, and the time at which they were created, used, or ended;
+(2) agents bearing responsibility for entities that were generated and activities that happened;
+(3) derivations of entities from entities;
+(4) properties to link entities that refer to a same thing;
+(5) collections forming a logical structure for its members;
+(6) a simple annotation mechanism.
</p>
- </section>
+
+
+<p> This document introduces a further set of concepts useful for
+ understanding the PROV data model and defines <i>inferences</i>
+ that are allowed on provenance descriptions and <i>validity
+ constraints</i> that well-structured provenance descriptions should
+ follow. These inferences and constraints are useful for readers who
+ develop applications that generate provenance or reason over
+ provenance.
+</p>
+</section>
<section id="sotd">
<h4>PROV Family of Specifications</h4>
-This document is part of the PROV family of specifications, a set of specifications aiming to define the various aspects that are necessary to achieve the vision of inter-operable
-interchange of provenance information in heterogeneous environments such as the Web. The specifications are as follows.
+This document is part of the PROV family of specifications, a set of specifications defining various aspects that are necessary to achieve the vision of inter-operable
+interchange of provenance information in heterogeneous environments such as the Web. The specifications are:
<ul>
-<li> PROV-DM, the PROV data model for provenance,</li>
-<li> PROV-DM-CONSTRAINTS, a set of constraints applying to the PROV data model (this document),</li>
-<li> PROV-N, a notation for provenance aimed at human consumption,</li>
+<li> PROV-DM, the PROV data model for provenance;</li>
+<li> PROV-CONSTRAINTS, a set of constraints applying to the PROV data model (this document);</li>
+<li> PROV-N, a notation for provenance aimed at human consumption;</li>
<li> PROV-O, the PROV ontology, an OWL-RL ontology allowing the mapping of PROV to RDF;</li>
<li> PROV-AQ, the mechanisms for accessing and querying provenance; </li>
-<li> PROV-PRIMER, a primer for the PROV data model,</li>
-<li> PROV-SEM, a formal semantics for the PROV data model.</li>
+<li> PROV-PRIMER, a primer for the PROV data model;</li>
+<li> PROV-SEM, a formal semantics for the PROV data model;</li>
<li> PROV-XML, an XML schema for the PROV data model.</li>
</ul>
<h4>How to read the PROV Family of Specifications</h4>
<ul>
-<li>The primer is the entry point to PROV offering a pedagogical presentation of the provenance model.</li>
-<li>The Linked Data and Semantic Web community should focus on PROV-O defining PROV classes and properties specified in an OWL-RL ontology. For further details, PROV-DM and PROV-DM-CONSTRAINTS specify the constraints applicable to the data model, and its interpretation. PROV-SEM provides a mathematical semantics.</li>
-<li>The XML community should focus on PROV-XML defining an XML schema for PROV-DM. Further details can also be found in PROV-DM, PROV-DM-CONSTRAINTS, and PROV-SEM.</li>
-<li>Developers seeking to retrieve or publish provenance should focus of PROV-AQ.</li>
+<li>The primer is the entry point to PROV offering an introduction to the provenance model.</li>
+<li>The Linked Data and Semantic Web community should focus on PROV-O defining PROV classes and properties specified in an OWL-RL ontology. For further details, PROV-DM and PROV-CONSTRAINTS specify the constraints applicable to the data model, and its interpretation. PROV-SEM provides a mathematical semantics.</li>
+<li>The XML community should focus on PROV-XML defining an XML schema for PROV-DM. Further details can also be found in PROV-DM, PROV-CONSTRAINTS, and PROV-SEM.</li>
+<li>Developers seeking to retrieve or publish provenance should focus on PROV-AQ.</li>
<li>Readers seeking to implement other PROV serializations
-should focus on PROV-DM and PROV-DM-CONSTRAINTS. PROV-O, PROV-N, PROV-XML offer examples of mapping to RDF, text, and XML, respectively.</li>
+should focus on PROV-DM and PROV-CONSTRAINTS. PROV-O, PROV-N, PROV-XML offer examples of mapping to RDF, text, and XML, respectively.</li>
</ul>
-
-<h4>Fourth Public Working Draft</h4>
-<p>This is the fourth public release of the PROV-DM document. Following feedback, the Working Group has decided to reorganize this document substantially, separating the data model, from its contraints, and the notation used to illustrate it. The PROV-DM release is synchronized with the release of the PROV-O, PROV-PRIMER, PROV-N, PROV-DM-CONSTRAINTS documents. We are now making clear what the entry path to the PROV family of specifications is.</p>
+<h4>First Public Working Draft</h4>
+ <p>This is the first public release of the PROV-CONSTRAINTS
+document. Following feedback, the Working Group has decided to
+reorganize the PROV-DM document substantially, separating the data model,
+from its constraints, and the notation used to illustrate it. The
+PROV-CONSTRAINTS release is synchronized with the release of the PROV-DM, PROV-O,
+PROV-PRIMER, and PROV-N documents.
+</p>
</section>
-<!--
-<div class="buttonpanel">
-<form action="#"><p>
-<input id="hide-bnf" onclick="set_display_by_class('div','grammar','none'); set_display_by_id('hide-bnf','none'); set_display_by_id('show-bnf','');" type="button" value="Hide Grammar" />
-<input id="show-bnf" onclick="set_display_by_class('div','grammar',''); set_display_by_id('hide-bnf',''); set_display_by_id('show-bnf','none');" style="display: none" type="button"
-value="Show Grammar" />
-<input id="hide-examples" onclick="set_display_by_class('div','anexample','none'); set_display_by_id('hide-examples','none'); set_display_by_id('show-examples','');" type="button"
-value="Hide Examples" />
-<input id="show-examples" onclick="set_display_by_class('div','anexample',''); set_display_by_id('hide-examples',''); set_display_by_id('show-examples','none');" style="display: none"
-type="button" value="Show Examples" />
-</p>
-</form>
-</div>
--->
<section id="introduction">
<h2>Introduction<br>
</h2>
-<p> Provenance is defined as a record that describes the people,
-institutions, entities, and activities, involved in producing,
-influencing, or delivering a piece of data or a thing. A
-companion specification [[PROV-DM]] defines PROV-DM, a data model for
-provenance, allowing such descriptions to be expressed.
-</p>
-
-
-
-
-<p>This specification is one of several specifications, referred to as the PROV family of specifications, defining the various aspects
-that are necessary to achieve the vision of inter-operable exchange of provenance:</p>
-<ul>
-<li>A data model for provenance, which is presented in three documents:
-<ul>
-<li> PROV-DM (part I): the provenance data model itself, expressed in natural language [[PROV-DM]];
-<li> PROV-DM-CONSTRAINTS (part II): constraints underpinning the data model (this document);
-<li> PROV-N (part III): a notation to express instances of that data model for human consumption [[PROV-N]];
-</ul>
-</li>
-<li>PROV-O: the PROV ontology, an OWL-RL ontology allowing the mapping of PROV to RDF [[!PROV-O]];</li>
-<li>PROV-AQ: the mechanisms for accessing and querying provenance [[PROV-AQ]];</li>
-<li>PROV-PRIMER: a primer for the PROV approach [[PROV-PRIMER]];</li>
-<li>PROV-SEM: semantics of the PROV-DM data model [[PROV-SEM]];</li>
-</ul>
-
-
-<p>PROV-DM is essentially defined without any constraints [[PROV-DM]]. This document introduces a further set of concepts underpinning this data model and defines constraints that well-structured provenance descriptions should follow and that provide an interpretation for these descriptions. </p>
-
-
-<p>In [[PROV-DM]], a data model for provenance has been defined without introducing any constraint that this data model has to satisfy. First we introduce and refine various concepts such as attributes, event, entity, entity, interval, accounts, which underpin the PROV-DM data model. Using these notions, we explore the constraints
-that the PROV-DM data model has to satisfy. </p>
-
-<p>Several types of constraints are specified.</p>
-<ul>
-<li>Definitional constraints are constraints directly following the definition of concepts in the PROV data model (<a href="#definitional-constraints">Section 4</a>). </li>
-<li>Account constraints have to be satisfied by provenance descriptions in the context of a given account (<a href="#account-constraints">Section 5</a>)</li>
-<li>Event ordering constraints provide a "temporal interpretation" for provenance descriptions (<a href="#interpretation">Section 6</a>)</li>
-<li>Structural constraints are further constraints to be satisfied by generation descriptions (<a href="#structural-constraints">Section 7</a>)</li>
-<li>Collection constraints are the constraints that hold for collections (<a href="#collection-constraints">Section 8</a>)</li>
-</ul>
-
-
-
-
-<!--
- <section id="structure-of-this-document">
-<h3>Structure of this Document</h3>
-
-<div class='note'>TODO</div>
-
-<p>In <a href="#prov-dm-refinement">section 2</a>, further concepts underpinning PROV-DM are introduced.</p>
-
-<p><a href="#data-model-constraints">Section 3</a></p>
-
-
-<p><a href="#definitional-constraints">Section 4</a></p>
-
-<p><a href="#account-constraints">Section 5</a>
-</p>
-
-<p><a href="#interpretation">Section 6</a></p>
-<p><a href="#structural-constraints">Section 7</a></p>
-<p><a href="#collection-constraints">Section 8</a></p>
-<p><a href="#refining-provenance-descriptions">Section 9</a> successively review refined provenance descriptions, and examine their meaning, in light of the constraints introduced in previous sections. </p>
-
-
-
- </section>
-
-
--->
+<p> Provenance is a record that describes the people, institutions,
+ entities, and activities, involved in producing, influencing, or
+ delivering a piece of data or a thing. This document complements
+ the PROV-DM specification [[PROV-DM]] that defines a data model for
+ provenance on the Web. </p>
+
+
+
<section id="conventions">
<h3>Conventions</h3>
@@ -294,449 +239,171 @@
[[!RFC2119]].</p>
</section>
-</section>
-
-
-<section id='prov-dm-refinement'>
-<h2>Data Model Refinement</h2>
-
-<p>Underpinning the PROV-DM data model is a notion of event, marking transitions in the world (when entities are generated, used, or invalidated, or activities started or ended). This notion of event is not first-class in the data model, but underpins many of its concepts and its semantics [[PROV-SEM]]. Thus, using this notion of event, we can provide an interpretation for the data model, which in turn can allow creators of provenance descriptons to make their descriptions more robust. </p>
-
-
- <section id='section-time-event'>
-<h4>Time and Event</h4>
-
-<p>Time is critical in the context of provenance, since it can help corroborate provenance claims. For instance, if an entity is claimed to be obtained by transforming another, then the
-latter must have existed before the former. If it is not the case, then there is something wrong with such a provenance claim. </p>
-
-<p> Although time is critical, we should also recognize that provenance can be used in many different contexts: in a single system, across the Web, or in spatial data management, to name a
-few. Hence, it is a design objective of PROV-DM to minimize the assumptions about time, so that PROV-DM can be used in varied contexts. </p>
-
-
-<p>Furthermore, consider two activities that started at the same time
-instant. Just by referring to that instant, we cannot distinguish
-which activity start we refer to. This is particularly relevant if we
-try to explain that the start of these activities had different
-reasons. We need to be able to refer to the start of an activity as a
-first class concept, so that we can talk about it and about its
-relation with respect to other similar starts. </p>
-
-
-<p>Hence, in our conceptualization of the world, an <em>instantaneous event</em>, or <dfn id="dfn-event">event</dfn> for short, happens in the world and marks a change in the world, in its
-activities and in its entities.
-The term "event" is commonly used in process algebra with a similar meaning. For instance, in CSP [[CSP]], events represent communications or interactions; they are assumed to be atomic and
-instantaneous.</p>
-
-
-
-
-<section id="types-of-events">
-<h4>Types of Events</h4>
-
-<p>Five kinds of <a title="event">instantaneous events</a> underpin the PROV-DM data model. The <strong>activity start</strong> and <strong>activity end</strong> events demarcate the
-beginning and the end of activities, respectively. The <strong>entity generation</strong>, <strong>entity usage</strong>, and <strong>entity invalidation</strong> events demarcate the characterization interval for entities. More
-specifically:
-
-</p>
-
-<p>An <dfn id="dfn-generation-event">entity generation event</dfn> is the <a title="event">instantaneous event</a> that marks the final instant of an entity's creation timespan, after which
-it is no longer available for use.</p>
-
-<p>An <dfn id="dfn-usage-event">entity usage event</dfn> is the <a title="event">instantaneous event</a> that marks the first instant of an entity's consumption timespan by an activity.</p>
-
-<p>An <dfn id="dfn-invalidation-event">entity invalidation event</dfn> is the <a title="event">instantaneous event</a> that marks the initial instant of the destruction, invalidation, or cessation of an entity, after which the entity is no longer available for use.</p>
-
-<p>An <dfn id="dfn-start-event">activity start event</dfn> is the <a title="event">instantaneous event</a> that marks the instant an activity starts.</p>
-
-<p>An <dfn id="dfn-end-event">activity end event</dfn> is the <a title="event">instantaneous event</a> that marks the instant an activity ends.</p>
-
-</section>
-
-<section id="event-ordering">
-<h4>Event Ordering</h4>
-
-<p>To allow for minimalistic clock assumptions, like Lamport
-[[CLOCK]], PROV-DM relies on a notion of relative ordering of <a title="event">instantaneous events</a>,
-without using physical clocks. This specification assumes that a partial order exists between <a title="event">instantaneous events</a>.
-</p>
-
-
-<p>Specifically, <dfn id="dfn-follows">follows</dfn> is a partial
-order between <a title="event">instantaneous events</a>, indicating that an <a title="event">instantaneous event</a> occurs at the same time as or after another.
-For symmetry, <dfn id="dfn-precedes">precedes</dfn> is defined as
-the inverse of follows. (Hence, these relations are reflexive and transitive.)</p>
-
-
-<p> How such partial order is realized in practice is beyond the scope
-of this specification. This specification only assumes that
-each <a title="event">instantaneous event</a> can be mapped to an instant in some form of
-timeline. The actual mapping is not in scope of this
-specification. Likewise, whether this timeline is formed of a single
-global timeline or whether it consists of multiple Lamport's style
-clocks is also beyond this specification. It is anticipated
-that <a>follows</a> and <a>precedes</a> correspond to some ordering
-over this timeline.
-</p>
-
-
-<p>This specification introduces a set of "temporal interpretation"
-rules allowing ordering constraints between <a title="event">instantaneous event</a> to inferred from
-provenance descriptions. According to such temporal interpretation,
-descriptions MUST satisfy such constraints. We note that the
-actual verification of such ordering constraints is outside the
-scope of this specification. </p>
-
-<p>PROV-DM also allows for time observations to be inserted in specific
-descriptions, for each recognized <a title="event">instantaneous event</a> introduced
-in this specification. The presence of a time observation for a
-given <a title="event">instantaneous event</a> fixes the mapping of this <a title="event">instantaneous event</a> to the
-timeline. It can also help with the verification of associated
-ordering constraints (though, again, this verification is outside the
-scope of this specification).
-</p>
-
-
-
-</section>
-
- </section>
-
-
-
- <section id='section-attributes'>
-<h4>Attributes in Entities and Beyond </h4>
-
-<p>When we talk about things in the world in natural language and even when we assign identifiers, we are often imprecise in ways that make it difficult to clearly and unambiguously report
-provenance: a resource with a URL may be understood as referring to a report available at that URL, the version of the report available there today, the report independent of where it is
-hosted over time, etc.</p>
-
-<p>From a provenance viewpoint, it is important to identify a "<em>partial state</em>" of something, i.e. something with some aspects that have been fixed, so that it becomes possible to express its provenance, and what causes that thing, with these specific aspects to be as such. </p>
-
-<p>It is the purpose of attributes in PROV-DM to help fix some aspect of entities.
-Indeed, we previously defined
-entities as things one wants to provide provenance for;
-we refine this definition as follows, using attribute-values to describe entities' "partial states", and linking them to the very existence of entities.</p>
-
-<p>
-An <dfn>entity</dfn> is a thing one wants to provide provenance for and whose situation in the world is described by some attribute-value pairs. An entity's attribute-value pairs are specified when the entity description is created and remain unchanged. An entity's attribute-value pairs are expected to describe the entity's situation and (partial) state during an entity's characterization interval, which is defined as the period comprised between its <a title="entity generation event">generation event</a> and its <a title="entity invalidation event">invalidation event</a>.</p>
-
-<p>An entity fixes some aspects of a thing and its situation in the
-world. An alternative entity may fix other aspects, and its provenance
-may be different.</p>
-
-
-
-
-
-
-<div class="anexample" id="a-report-example">
-Different users may take different perspectives on a resource with
-a URL. For each perspective, an entity may be expressed:
-<ul>
-<li>a report available at a URL: fixes the nature of the thing, i.e. a document, and its location; </li>
-<li>the version of the report available there today: fixes its version number, contents, and its date;</li>
-<li>the report independent of where it is hosted and of its content over time: fixes the nature of the thing as a conceptual artifact.</li></ul>
-The provenance of these three entities may differ, and may be along the following lines:
-<ul>
-<li>the provenance of a report available at a URL may include: the act of publishing it and making it available at a given location, possibly under some license and access control;</li>
-<li>the provenance of the version of the report available there today may include: the authorship of the specific content, and reference to imported content;</li>
-<li>the provenance of the report independent of where it is hosted over time may include: the motivation for writing the report, the overall methodology for producing it, and the broad team
-involved in it.</li>
-</ul>
-</div>
-
-<p>We do not assume that any entity is more important than any other; in fact, it is possible to describe the processing that occurred for the report to be commissioned, for
-individual versions to be created, for those versions to be published at the given URL, etc., each via a different entity with attribute-value pairs that fix some aspect of the report appropriately.</p>
-
-<p>Attributes are not restricted to entities, but they belong to a variety of PROV-DM objects, including activity, generation, usage, start, end, communication, attribution, association, responsibility, and derivation. Each object has its duration interval (potentially collapsing to a single time point), and attribute-value pairs for a given object, are expected to be descriptions that hold for the object's duration.</p>
-</section>
-
-
-
- <section id="representation-term-assertion-inference">
-<h3>Description, Assertion, and Inference</h3>
-
-<p>
-PROV-DM is a provenance data model designed to express <em>descriptions</em> of the world.
-</p>
-
-<div class="anexample">
-A file at some point during its lifecycle, which includes multiple edits by multiple people, can be described by its type, its location in the file system, a creator, and content.
-</div>
-
-
-<p>The data model is designed to capture activities that happened in the past, as opposed to activities
-that may or will happen.
-However, this distinction is not formally enforced.
-Therefore, all PROV-DM descriptions SHOULD be interpreted as what has happened, as opposed to what may or will happen.</p>
-
-
-
-<p>
-This specification does not prescribe the means by which descriptions can be arrived at; for example, descriptions can be composed on the basis of observations, reasoning, or any other means.
-</p>
-
-
-<p>
-Sometimes, inferences about the world can be made from descriptions
-conformant to the PROV-DM data model. When this is the case, this
-specification defines such inferences, allowing new descriptions
-to be inferred from existing ones. Hence, descriptions of the world
-can result either from direct assertion or from inference
-by application of inference rules defined by this specification.
-</p>
-
-
-</section>
-
-
-
-
- <section id="account-section">
- <h3>Account</h3>
-
-
-<p>It is common for multiple provenance records to co-exist. For
-instance, when emailing a file, there could be a provenance record
-kept by the mail client, and another by the mail server. Such
-provenance records may provide different explanations about something
-happening in the world, because they are created by different parties
-or observed by different witnesses. A given party could also create
-multiple provenance records about an execution, to capture different
-levels of details, targeted at different end-users: the programmer of
-an experiment may be interested in a detailed log of execution, while
-the scientists may focus more on the scientific-level description.
-Given that multiple provenance records can co-exist, it is important
-to have details about their origin, who they are attributed to, how
-they were generated, etc. In other words, an important requirement is
-to be able to express the provenance of provenance. </p>
+
+<section id="purpose">
+
+<h3>Purpose of this document</h3>
+
+<p> PROV-DM is a conceptual data model for provenance (realizable
+using different serializations such as PROV-N, PROV-O, or PROV-XML).
+However, nothing in the PROV-DM specification [[PROV-DM]] forces PROV
+descriptions to be meaningful, that is, to correspond to a consistent
+history of objects and interactions. Furthermore, nothing in the
+PROV-DM specification enables applications to perform inferences over
+provenance descriptions. </p>
+
+<p> This document specifies <em>inferences</em> over PROV descriptions that
+applications MAY employ, including definitions of some provenance
+descriptions in terms of others, and also defines a class of <em>valid</em>
+PROV descriptions by specifying <em>constraints</em> that valid PROV descriptions must
+satisfy. Applications SHOULD produce valid provenance and
+MAY reject provenance that is not valid in order to increase
+the usefulness of provenance and reliability of applications that
+process it.</p>
+
+<p> This specification lists inferences and definitions together in one
+section (<a href="#inferences" class="sectionRef"></a>), defines the
+induced notion of <a>equivalence</a> (<a href="#equivalence"
+class="sectionRef"></a>), and then
+considers two kinds of validity constraints (<a href="#constraints"
+class="sectionRef"></a>): <em>structural constraints</em> that
+prescribe properties of PROV descriptions that can be checked directly
+by inspecting the syntax, and <em>event ordering</em> constraints that
+require that the records in a <a>PROV description</a> are consistent with a
+sensible ordering of events relating the activities, entities and
+agents involved. In separate sections we consider additional
+constraints specific to collections and accounts (<a
+ href="#collection-constraints" class="sectionRef"></a> and <a
+ href="#account-constraints" class="sectionRef"></a>). </p>
+
+<div class="note">Question to James: The term 'PROV Instance' seems to have a precise meaning. I read this as a PROV Description Set. Should we define it? Every where it occurs, there is a link to its first occurrence.</div>
<p>
- <span class="glossary" id="glossary-account">
-An <dfn>account</dfn> is a entity that contains a bundle of provenance descriptions.
-</span> PROV-DM does not provide an actual mechanism for creating accounts, i.e. for bundling up provenance descriptions and naming them. Accounts MUST satisfy some properties:
-<ul>
-<li>An account is as a container of provenance descriptions, hence its content MAY change over time.</li>
-<li>If an account's set of descriptions changes over time, it increases monotonically with time. </li>
-<li>A given description of e.g. an entity in a given account, in terms of its identifier and attribute-value pairs, does not change over time. </li>
-</ul>
-
-<div class='note'>
-The last point is important. It indicates that within an account:
-<ul>
-<li>It is always possible to add new provenance descriptions, e.g. stating that a given entity was used by an activity, or derived from another. This is very much an open world assumption.
-<li>It is not permitted to add new attributes to a given entity (a form of closed world assumption from the attributes point of view), though it is always permitted to create a new description for an entity, which is a "copy" of the original description extended with novel attributes (cf Example <a href="#merge-with-rename">merge-with-rename</a>).
-</ul>
-</div>
-
-<p>
-There is no construct in PROV-DM to create such bundles of descriptions. Instead, it is assumed that some mechanism, outside PROV-DM can create them. However, from a provenance viewpoint, such accounts are things we may want to describe the provenance of. In order to be able to do so, we need to see accounts as entities, whose origin can be described using PROV-DM vocabulary. Thus, PROV-DM introduces the reserved type <span class="name">Account</span>.
+The specification also describes how the inferences, definitions, and
+constraints should be used (<a href="#compliance"
+class="sectionRef"></a>). Briefly, a PROV compliant application is
+allowed (but not required) to treat two PROV descriptions the same
+if they are equal after applying the inference rules and possibly
+reordering expressions, and we can define a canonical form for <a title="PROV instance">PROV
+instances</a> obtained by applying all possible inference rules. In
+addition, a validating PROV application is required to check that
+the constraints are satisfied in (the normal form of) provenance data generated or consumed by the application.
</p>
- </section>
-</section>
-
-
-
-<section id="definitional-constraints">
-
-<h2>PROV-DM Definitional Constraints and Inferences</h2>
-
-<p>In this section, we revisit the types and relations of PROV-DM that have constraints associated with their definitions. </p>
-
-<p>
-<div id="optional-attributes1">PROV-DM allows for some attributes to be optionally expressed. Unless otherwise specified, when an optional attribute is not present in a description, some value SHOULD be assumed to exist for this attribute, though it is not known which. </div>
-
-
-
-
- <section id="component1">
-<h3>Component 1: Entities and Activities</h3>
-
- <section id="term-Entity">
-
-<h4>Entity</h4>
-
-
<p>
-An <dfn>entity</dfn> is a thing one wants to provide provenance for and whose situation in the world is described by some attribute-value pairs. An entity's attribute-value pairs are specified when the entity description is created and remain unchanged. An entity's attribute-value pairs are expected to describe the entity's situation and (partial) state during an entity's characterization interval,
- i.e. a continuous interval between two <a title="event">instantaneous events</a>, namely its <a title="entity generation event">generation event</a> and its <a title="entity invalidation event">invalidation event</a>.</p>
-
-<p>If an entity's situation or state changes, this may result in its description being invalid, because one or more attribute-value pairs no longer hold. In that case, from the PROV viewpoint, there exists a new entity, which needs to be given a distinct identifier, and associated with the attribute-value pairs that reflect its new situation or state.</p>
-
-
-
-Further considerations:
-<ul>
-<li>In order to describe something over several intervals, it is required to create multiple entities, each with its own identifier. This allow potential dependencies between the various entities to be expressed.
-</li>
-
-<li>There is no assumption that the set of attributes is complete and that the attributes are independent or orthogonal of each other.</li>
-
-<li>A characterization interval may collapse into a single instant.</li>
-</ul>
-
-
-<div class="interpretation-forward">
-For the interpretation of an entity, see <a href="#usage-precedes-invalidation">usage-precedes-invalidation</a>.
-</div>
-
-
-
-</section>
-
- <section id="term-Activity">
-
-<h3>Activity</h3>
-
-
-
-<p>An activity is delimited by its <a title="activity start event">start</a> and its <a title="activity end event">end</a> events; hence, it occurs over
-an interval delimited by two <a title="event">instantaneous events</a>. However, an activity need not mention time information, nor duration, because they may not be known.
-An activity's attribute-value pairs are expected to describe the activity's situation during its interval, i.e. an interval between two instantaneous events, namely its <a title="activity start event">start</a> event and its <a title="activity end event">end</a> event.
+Finally, the specification includes a section (<a
+ href="#rationale" class="sectionRef"></a>) describing the rationale
+for the inferences and constraints in greater detail, particularly
+background on events, attributes, the role of inference, and
+accounts. A formal mathematical model that further justifies the
+constraints and inferences is found in [[PROV-SEM]].
</p>
-<div class="interpretation-forward">
-For the interpretation of an activity, see <a href="#start-precedes-end">start-precedes-end</a>.
-</div>
-
-<p>Further considerations:</p>
-<ul>
-<li>An activity is not an entity.
-Indeed, an entity exists in full at
-any point in its lifetime, persists during this
-interval, and preserves the characteristics that makes it
-identifiable. In contrast, an activity is something that occurs, happens,
-unfolds, or develops through time, but is typically not identifiable by
-the characteristics it exhibits at any point during its duration.
-This distinction is similar to the distinction between
-'continuant' and 'occurrent' in logic [[Logic]].</li>
-</ul>
-
-
+</section>
+<section id="audience">
+<h3> Audience </h3>
+
+<p> The audience for this document is the same as for [[PROV-DM]]: developers
+and users who wish to create, process, share or integrate provenance
+records on the (Semantic) Web. Not all PROV-compliant applications
+need to check validity when processing provenance, but many
+applications could benefit from the inference rules specified here.
+Conversely, applications that create or transform provenance should
+try to produce valid provenance, to make it more useful to other
+applications.
+</p>
+
+<p>This document assumes familiarity with [[PROV-DM]].
+</p>
+</section>
</section>
-<section id="term-Generation">
-<h4>Generation</h4>
-
-
-<p>A <dfn id="dfn-Generation">generation</dfn> is an instantaneous world <a title="entity generation event">event</a>, the completed creation of a new
-entity by an activity. This entity becomes available for usage after this <a title="event">instantaneous
-event</a>. This entity did not exist before creation.
- This <a title="event">instantaneous event</a> encompasses a description of the modalities of generation of this entity by this activity, by means of key-value pairs.</p>
-
-
-
-
-<p>
-A generation's id is OPTIONAL. It MUST be used when annotating generations or when defining
-derivations (see <a href="#Derivation-Relation">Derivation</a>).
-</p>
-
-
-<div class="interpretation-forward">
-For the interpretation of a generation, see <a href="#generation-within-activity">generation-within-activity</a>.
-</div>
-
-
-<p>A generation can be used to indicate a generation time without having to specify the involved activity. A generation time is unique, as specified by the following constraint.<p>
-
-<div class='constraint' id='unique-generation-time'>
-Given an entity denoted by <span class="name">e</span> and
-two time instants <span class="name">t1</span> and <span
-class="name">t2</span>,
-<span class='conditional'>if</span> <span class="name">wasGeneratedBy(e, -, t1)</span> and <span class="name">wasGeneratedBy(e, -, t2)</span> hold, then <span class="name">t1</span>=<span class="name">t2</span>.
-</div>
-
-<p></p>
-<div class="structural-forward">
-See <a href="#generation-uniqueness">generation-uniqueness</a> for further structural constraints on generations.
-</div>
-
-
-
-</section>
-
-
-<section id="term-Usage">
-<h3>Usage</h3>
-
-
-
-<p>A <dfn id="dfn-Use">usage</dfn> is an instantaneous world <a title="entity usage event">event</a>: an activity beginning to consume an entity.
-Before this event, the activity had not begun to consume or use to this entity.
- The description includes the modalities of usage of this entity by this activity.</p>
-
-
-
-
-<p>
-A usage id is OPTIONAL. It MUST be present when annotating usages or when defining derivations (see
-<a href="#Derivation-Relation">Derivation</a>).</p>
+
+
+
+<section id="inferences">
+<h2>Inferences and Definitions</h2>
<p>
-A reference to a given entity MAY appear in multiple usages for a given activity identifier.
-</p>
-
-
-<div class="interpretation-forward">
-For the interpretation of a usage, see <a href="#generation-precedes-usage">generation-precedes-usage</a> and <a href="#usage-within-activity">usage-within-activity</a>.
-</div>
-
-
-
-</section>
-
-<section id="term-Start">
-<h3>Start</h3>
-
-
-<p>An <a>activity start event</a> is the <a title="event">instantaneous event</a> that marks the instant an activity starts. It allows for an optional time attribute. <span id="optional-attributes2">Activities also allow for an optional start time attribute. If both are specified, they MUST be the same, as expressed by the following constraint.</span>
-</p>
-
-<div class='constraint' id='unique-startTime'>
-Given an activity <span class="name">activity(a,t1,t2,attrs1)</span> and its start <span class="name">wasStartedBy(id,a,e,t,attrs2)</span>, then <span class="name">t</span>=<span class="name">t1</span>.
-</div>
-</section>
-
-<section id="term-End">
-<h3>End</h3>
-
-
-<p>An <a>activity end event</a> is the <a title="event">instantaneous event</a> that marks the instant an activity ends. It allows for an optional time attribute. <span id="optional-attributes3">Activities also allow for an optional end time attribute. If both are specified, they MUST be the same, as expressed by the following constraint.</span>
+In this section, we describe <a title="inference">inferences</a> and <a title="definition">definitions</a> that MAY be used on
+ provenance data, and a notion of <a
+title="equivalence">equivalence</a> on PROV descriptions.
+An <dfn id="inference">inference</dfn> is a rule that can be applied
+ to PROV descriptions to add new PROV expressions. A <dfn
+ id="definition">definition</dfn> is a rule that states that a
+ provenance expression is equivalent to some other expressions; thus,
+ defined provenance expressions can be replaced by their definitions,
+and vice versa.
</p>
-<div class='constraint' id='unique-endTime'>
-Given an activity <span class="name">activity(a,t1,t2,attrs1)</span> and its end <span class="name">wasEndedBy(id,a,e,t,attrs2)</span>, then <span class="name">t</span>=<span class="name">t2</span>.
-</div>
-
-
-</section>
-
-
-<section id="term-Communication">
-<h3>Communication</h3>
-
-
-
-<p>Communication is formally defined as follows.</p>
-
-<div class='constraint' id='wasInformedBy-Definition'>Given two activities identified by <span class="name">a1</span> and <span class="name">a2</span>,
- <span class="name">wasInformedBy(a2,a1)</span>
-holds, <span class='conditional'>if and only if</span>
+<p> Inferences have the following general form:</p>
+<div class='inference' id='inference-example'>
+ <span class='conditional'>IF</span> <span class="name">hyp_1</span> and ... and
+<span class="name">hyp_k</span> <span class='conditional'>THEN</span>
+ there exists <span class="name">a_1</span> and ... and <span
+ class="name">a_m</span> such that <span
+ class="name">conclusion_1</span> and ... and <span class="name">conclusion_n</span>.
+ </div>
+
+<p>
+ This means that if all of the provenance expressions matching <span class="name">hyp_1</span>... <span class="name">hyp_k</span>
+ can be found in a PROV description, we can add all of the expressions
+ <span class="name">concl_1</span> ... <span class="name">concl_n</span> to the instance, possibly after generating fresh
+ identifiers <span class="name">a_1</span>,...,<span class="name">a_m</span> for unknown objects. These fresh
+ identifiers might later be found to be equal to known identifiers;
+ these fresh identifiers play a similar role in PROV descriptions to existential variables in logic.
+</p>
+<div class='note'>
+ TODO: Is this re-inventing blank nodes in PROV-DM, and do we want to
+ do this? A lot of the inferences have existentially quantified
+ conclusions (and there is some theory that supports this).
+
+ TODO: Make sure conjunctive reading of conclusion is clear.
+ </div>
+
+<p> Definitions have the following general form:</p>
+
+<div class='definition' id='definition-example'>
+ <span class="name">defined_exp</span> holds <span class='conditional'>IF AND ONLY IF </span>
+ there exists <span class="name">a_1</span>,..., <span
+ class="name">a_m</span> such that <span
+ class="name">defining_exp_1</span> and ... and <span class="name">defining_exp_n</span>.
+ </div>
+
+ <p>
+ This means that a provenance expression defined_exp is defined in
+ terms of other expressions. This can be viewed as a two-way
+ inference: If <span class="name">defined_exp</span>
+ can be found in a PROV description, we can add all of the expressions
+<span class="name">defining_exp_1</span> ... <span class="name">defining_exp_n</span> to the instance, possibly after generating fresh
+ identifiers <span class="name">a_1</span>,...,<span class="name">a_m</span> for unknown objects. Conversely, if there
+ exist identifiers <span class="name">a_1</span>...<span class="name">a_m</span> such that <span class="name">defining_exp_1</span>
+ and ... and <span class="name">defining_exp_n</span> hold in the instance, we can add the defined
+ expression <span class="name">def_exp</span>. When an expression is defined in terms of
+ others, it is in a sense redundant; it is safe to replace it with
+ its definition.
+</p>
+
+
+
+<section>
+ <h3>Component 1: Entities and Activities</h3>
+
+
+<p>Communication between activities is <a title="definition">defined</a> in terms
+as the existence of an underlying entity generated by one activity and used by the
+other.</p>
+
+<div class='definition' id='wasInformedBy-definition'>Given two activities identified by <span class="name">a1</span> and <span class="name">a2</span>,
+<span class="name">wasInformedBy(a2,a1)</span>
+holds <span class='conditional'>IF AND ONLY IF</span>
there is an entity with some identifier <span class="name">e</span> and some sets of attribute-value pairs <span class="name">attrs1</span> and <span class="name">attrs2</span>,
-such that <span class="name">wasGeneratedBy(e,a1,-,attrs1)</span> and <span class="name">used(a2,e,-,attrs2)</span> hold.
+such that <span class="name">wasGeneratedBy(-,e,a1,-,attrs1)</span> and <span class="name">used(-,a2,e,-,attrs2)</span> hold.
</div>
-
-<p>
-<div class="interpretation-forward">
-For the interpretation of an information flow ordering, see <a href="#wasInformedBy-ordering">wasInformedBy-ordering</a>.
-</div>
-
-
-<p>The relationship <span class="name">wasInformedBy</span> is not transitive. Indeed, consider the following descriptions.</p>
+<p>The relationship <span class="name">wasInformedBy</span> is not
+transitive. Indeed, consider the following descriptions.</p>
<pre class="codeexample">
wasInformedBy(a2,a1)
wasInformedBy(a3,a2)
@@ -757,171 +424,125 @@
</figure>
</div>
-</section>
-
-
-
-
-<section id="term-StartByActivity">
-<h3>Start by Activity</h3>
-</section>
-
-
-<p>Start of <span class="name">a2</span> by activity <span class="name">a1</span> is specified as follows.</p>
-
-<div class='constraint' id='wasStartedBy'>Given two activities with identifiers <span class="name">a1</span> and <span class="name">a2</span>,
- <span class="name">wasStartedBy(a2,a1)</span>
-holds <span class='conditional'>if and only if</span>
- there exist an entity with some identifier <span class="name">e</span>
-and some attributes <span class="name">gAttr</span> and <span class="name">sAttr</span>,
+
+<p>Start of <span class="name">a2</span> by activity <span
+class="name">a1</span> is <a title="definition">defined</a> as follows.</p>
+
+<div class='definition' id='wasStartedByActivity-definition'>Given two activities with identifiers <span class="name">a1</span> and <span class="name">a2</span>,
+ <span class="name">wasStartedByActivity(a2,a1)</span>
+holds <span class='conditional'>IF AND ONLY IF</span>
+ there exists an entity <span class="name">e</span>
such that
- <span class="name">wasGeneratedBy(e,a1,-,gAttr)</span>
- and <span class="name">wasStartedBy(a2,e,-,sAttr)</span> hold.
-</div>
-
-
-<p>
-
-<div class="interpretation-forward">
-For the interpretation of a control flow ordering, see <a href="#wasStartedBy-ordering">wasStartedBy-ordering</a>.
-</div>
-
-
-
- </section>
-
-
-
- <section id="component2">
-<h3>Component 2: Agents and Responsibility</h3>
-
-
-<section id="term-attribution">
-<h3>Attribution</h3>
-
-
-<div class='inference' id='attribution-implication'>
-<span class='conditional'>If</span>
-<span class="name">wasAttributedTo(e,ag)</span> holds for some identifiers
-<span class="name">e</span> and <span class="name">ag</span>,
-<span class='conditional'>then</span> there exists an activity with some identifier <span class="name">a</span> such that the following statements hold:
-<pre>
-activity(a, t1, t2, attr1)
-wasGenerateBy(e, a, -)
-wasAssociatedWith(a, ag, -, attr2)
-</pre>
-for some sets of attribute-value pairs <span class="name">attr1</span> and <span class="name">attr2</span>, time <span class="name">t1</span>, and <span class="name">t2</span>.
+ <span class="name">wasGeneratedBy(-,e,a1,-,-)</span>
+ and <span class="name">wasStartedBy(-,a2,e,-,-)</span> hold.
</div>
-</section>
-
-
-
-
-<section id="term-Association">
-<h4>Association</h4>
-
-<div id="optional-attributes4">
-<p>In an association of the form <span class="name">wasAssociatedWith(a, ag, -, attr)</span>, the absence of a plan means: either no plan exists, or a plan exists but it is not identified.</p>
-
-
-<p>In an association of the form <span class="name">wasAssociatedWith(a, -, pl, attr)</span>, an agent exists but it is not identified.</p>
-</div>
-
-
-<div class="interpretation-forward">
-For the interpretation of an association, see <a href="#wasAssociatedWith-ordering">wasAssociatedWith-ordering</a>.
-</div>
-
-
-
-</section>
-
-<section id="term-Responsibility">
-<h3>Responsibility</h3>
-</section>
-
-<div class="interpretation-forward">
-For the interpretation of responsibility, see <a href="#actedOnBehalfOf-ordering">actedOnBehalfOf-ordering</a>.
-</div>
-
-
-</section>
-
-
-
-
-
- <section id="component3">
-<h3>Component 3: Derivations</h3>
-
-
-
-
-<section id="Derivation-Relation">
-<h4>Derivation</h4>
-
-<div class="interpretation-forward">
-For the interpretation of a derivation, see <a href="#derivation-usage-generation-ordering">derivation-usage-generation-ordering</a> and <a
-href="#derivation-generation-generation-ordering">derivation-generation-generation-ordering</a>
-</div>
-
-
-<p>
-Note that inferring derivation from usage and generation does not hold
-in general. Indeed, when a generation <span class="name">wasGeneratedBy(g, e2, a, -, attrs2)</span>
-<a>precedes</a> <span class="name">used(u, a, e1, -, attrs1)</span>, for
-some <span class="name">e1</span>, <span class="name">e2</span>, <span class="name">attrs1</span>, <span class="name">attrs2</span>, and <span class="name">a</span>, one
-cannot infer derivation <span class="name">wasDerivedFrom(e2, e1, a, g, u)</span>
-or <span class="name">wasDerivedFrom(e2,e1)</span> since
-of <span class="name">e2</span> cannot possibly be derived from
- <span class="name">e1</span>, given the creation of <span class="name">e2</span> <a>precedes</a> the use
-of <span class="name">e1</span>.
-</p>
-
-<p> Derivation is not defined to be transitive. Domain-specific specializations of derivation may be defined in such a way that the transitivity property
-holds.</p>
-
-
-
-<p></p>
-<div class="structural-forward">
-See <a href="#derivation-use">derivation-use</a> for a structural constraint on derivations.
-</div>
-
-
-
-
</section>
-<section id="term-Revision">
-<h3>Revision</h3>
-
-
-
-<p>A revision needs to satisfy the following constraint, linking the two entities by a derivation, and stating them to be a specialization of a third entity.</p>
+<section >
+<h3>Component 2: Agents</h3>
+
+Attribution identifies an agent as responsible for an entity. An
+agent can only be responsible for an entity if it was associated with
+an activity that generated the entity. If the activity, generation
+and association events are not explicit in the description, they can
+be inferred.
+<div class='inference' id='attribution-implication'>
+<span class='conditional'>If</span>
+<span class="name">wasAttributedTo(e,ag)</span> holds for some identifiers
+<span class="name">e</span> and <span class="name">ag</span>,
+<span class='conditional'>THEN</span> there exists an activity with some identifier <span class="name">a</span> such that the following statements hold:
+<pre>
+activity(a, -, -,-)
+wasGeneratedBy(-,e, a, -,_)
+wasAssociatedWith(-,a, ag, -, -)
+</pre>
+</div>
+
+<p> Responsibility relates agents where one agent acts on behalf of
+another, in the context of some activity. The supervising agent
+delegates some responsibility for part of the activity to the
+subordinate agent, while retaining some responsibility for the overall
+activity. </p>
+
+
+<div class="note">
+ @@TODO: Could this be an inference? Does it imply that
+ a1 is associated with all activities a2 is associated with?
+ </div>
+
+
+</section>
+
+ <section>
+<h3>Component 3: Derivations</h3>
+
+
+ <p>Derivations with an explicit activity and no usage admit the
+ following inference: </p>
+<div class='inference' id='derivation-use'>
+<p>Given an activity <span class="name">a</span>, entities denoted by <span class="name">e1</span> and <span class="name">e2</span>,
+<span class='conditional'>IF</span> <span class="name">wasDerivedFrom(-,e2,e1, a, -)</span> and <span class="name">wasGeneratedBy(-,e2,a,-,-)</span> hold, <span
+class='conditional'>THEN</span> <span class="name">used(-,a,e1,-,-)</span> also holds.
+</div>
+<p>This inference is justified by the fact that the entity denoted by <span class="name">e2</span> is generated by at most one activity in a given account
+(see <a href="#generation-uniqueness">generation-uniqueness</a>). Hence, this activity is also the one referred to by the usage of <span class="name">e1</span>.
+</p>
+
+<div class="note">
+ There is some redundancy in the following discussion.
+ </div>
+
+<p>The converse inference does not hold.
+From <span class="name">wasDerivedFrom(e2,e1)</span> and <span class="name">used(a,e1,-)</span>, one cannot
+derive <span class="name">wasGeneratedBy(e2,a,-)</span> because identifier <span class="name">e1</span> may occur in usages performed by many activities, which may have not generated the entity denoted by <span class="name">e2</span>.</p>
+
+ <p>
+Note that derivation cannot in general be inferred from the existence
+of related usage and generation events. Indeed, when a generation <span class="name">wasGeneratedBy(g, e2, a, -, attrs2)</span>
+<a>precedes</a> <span class="name">used(u, a, e1, -, attrs1)</span>, for
+some <span class="name">e1</span>, <span class="name">e2</span>, <span class="name">attrs1</span>, <span class="name">attrs2</span>, and <span class="name">a</span>, one
+cannot infer derivation <span class="name">wasDerivedFrom(e2, e1, a, g, u)</span>
+or <span class="name">wasDerivedFrom(e2,e1)</span> since
+ <span class="name">e2</span> cannot possibly be derived from
+ <span class="name">e1</span>, given the creation of <span class="name">e2</span> <a>precedes</a> the use
+of <span class="name">e1</span>. That is, if <span class="name">e1</span> is generated
+by an activity before <span class="name">e2</span> is used, then
+obviously <span class="name">e2</span> cannot have been derived from
+<span class="name">e1</span>. However, even if <span
+class="name">e2</span> happens used before <span class="name">e1</span>
+is generated, it is not safe to assume that <span
+class="name">e2</span> was derived from <span class="name">e1</span>.
+</p>
+
+<p> Derivation is not defined to be transitive. Domain-specific specializations of derivation may be defined in such a way that the transitivity property
+holds.</p>
+
+
+
+
+
+<p>A revision admits the following inference, linking the two entities
+ by a derivation, and stating them to be alternates.</p>
<div class='inference' id='wasRevision'>
Given two identifiers <span class="name">e1</span> and <span class="name">e2</span> identifying two entities, and an identifier <span class="name">ag</span> identifying an agent,
-<span class='conditional'>if</span> <span class="name">wasRevisionOf(e2,e1,ag)</span> holds, <span class='conditional'>then</span>
-there exists an entity with some identifier <span class="name">e</span> and some attribute-values <span class="name">eAttrs</span>, <span class="name">dAttrs</span>, such that the following
+<span class='conditional'>IF</span> <span class="name">wasRevisionOf(-,e2,e1,ag)</span> holds, <span class='conditional'>THEN</span> the following
hold:
<pre>
-wasDerivedFrom(e2,e1,dAttrs)
-entity(e,eAttrs)
-specializationOf(e2,e)
-specializationOf(e1,e)
+wasDerivedFrom(-,e2,e1,-)
+alternateOf(e1,e2)
wasAttributedTo(e2,ag)
</pre>
</div>
-<p>
-<div id="optional-attributes5">In a revision of the form <span class="name">wasRevisionOf(e2,e1,-,attr)</span>, the absence of an agent means: either no agent exists, or an agent exists but it is not identified.</div>
-
-
+<div class="note">
+ The following doesn't make sense because wasRevisionOf and
+ wasDerivedFrom have different types.
+ </div>
<p><span class="name">wasRevisionOf</span> is a strict sub-relation
of <span class="name">wasDerivedFrom</span> since two entities <span class="name">e2</span> and <span class="name">e1</span>
may satisfy <span class="name">wasDerivedFrom(e2,e1)</span> without being a variant of
@@ -929,17 +550,14 @@
</p>
-</section>
-
-<section id="term-quotation">
-<h3>Quotation</h3>
-
-
+ <div class="note">
+ Motivation for quotation inference
+ </div>
<div class='inference' id='quotation-implication'>
-<span class='conditional'>If</span>
+<span class='conditional'>IF</span>
<span class="name">wasQuotedFrom(e2,e1,ag2,ag1,attrs)</span> holds for some identifiers
<span class="name">e2</span>, <span class="name">e1</span>, <span class="name">ag2</span>, <span class="name">ag1</span>,
-<span class='conditional'>then</span> the following hold:
+<span class='conditional'>THEN</span> the following hold:
<pre>
wasDerivedFrom(e2,e1)
wasAttributedTo(e2,ag2)
@@ -949,76 +567,125 @@
<p>
-<div id="optional-attributes6">In a quotation of the form <span class="name">wasQuotedFrom(e2,e1,-,-,attrs)</span>, the absence of an agent means: either no agent exists, or an agent exists but it is not identified.</div>
-
-
-</section>
-
-
-
-
-<section id="term-traceability">
-<h3>Traceability</h3>
+
<p>Traceability allows an entity to be transitively linked to another entity it is derived from, to an agent it is attributed to, or another agent having some responsibility, or a trigger of an activity that generated it.</p>
<p>Traceability can be inferred from existing descriptions, or can be asserted stating that a dependency path exists without its individual steps being expressed. This is captured
-by the following inference and constraint, respectively.
+by the following inferences:
<div class='inference' id='traceability-inference'>
Given two identifiers <span class="name">e2</span> and <span class="name">e1</span> for entities,
the following statements hold:
<ol>
-<li><span class='conditional'>If</span> <span class="name">wasDerivedFrom(e2,e1,a,g2,u1)</span> holds, for some <span class="name">a</span>, <span class="name">g2</span>, <span
-class="name">u1</span>, <span class='conditional'>then</span> <span class="name">tracedTo(e2,e1)</span> also holds.</li>
-<li><span class='conditional'>If</span> <span class="name">wasDerivedFrom(e2,e1)</span> holds, <span class='conditional'>then</span> <span class="name">tracedTo(e2,e1)</span> also
+<li><span class='conditional'>IF</span> <span class="name">wasDerivedFrom(e2,e1,a,g2,u1)</span> holds, for some <span class="name">a</span>, <span class="name">g2</span>, <span
+class="name">u1</span>, <span class='conditional'>THEN</span> <span class="name">tracedTo(e2,e1)</span> also holds.</li>
+<li><span class='conditional'>IF</span> <span class="name">wasDerivedFrom(e2,e1)</span> holds, <span class='conditional'>THEN</span> <span class="name">tracedTo(e2,e1)</span> also
holds.</li>
-<li><span class='conditional'>If</span> <span class="name">wasAttributedTo(e2,ag1,aAttr)</span> holds, <span class='conditional'>then</span> <span class="name">tracedTo(e2,ag1)</span> also holds.</li>
-<li><span class='conditional'>If</span> <span class="name">wasAttributedTo(e2,ag2,aAttr)</span>, <span class="name">wasGeneratedBy(e2,a,gAttr)</span>, and <span
+<li><span class='conditional'>IF</span> <span
+class="name">wasAttributedTo(e2,ag1,aAttr)</span> holds, <span
+class='conditional'>THEN</span> <span
+class="name">tracedTo(e2,ag1)</span> also holds.
+</li>
+<li>
+<span class='conditional'>IF</span> <span class="name">wasAttributedTo(e2,ag2,aAttr)</span>, <span class="name">wasGeneratedBy(-,e2,a,-,gAttr)</span>, and <span
class="name">actedOnBehalfOf(ag2,ag1,a,rAttr)</span> hold, for some <span class="name">a</span>, <span class="name">ag2</span>, <span class="name">ag1</span>, <span class="name">aAttr</span>, <span class="name">gAttr</span>, and <span class="name">rAttr</span>, <span
-class='conditional'>then</span> <span class="name">tracedTo(e2,ag1)</span> also holds.</li>
-
-<li><span class='conditional'>If</span> <span class="name">wasGeneratedBy(e2,a,gAttr)</span> and <span class="name">wasStartedBy(a,e1,sAttr)</span> hold, for some <span class="name">a</span>, <span class="name">gAttr</span> , <span class="name">sAttr</span> </li>
-<li><span class='conditional'>If</span> <span class="name">tracedTo(e2,e)</span> and <span class="name">tracedTo(e,e1)</span> hold for some <span class="name">e</span>, <span
-class='conditional'>then</span> <span class="name">tracedTo(e2,e1)</span> also holds.</li>
+class='conditional'>THEN</span> <span class="name">tracedTo(e2,ag1)</span> also holds.</li>
+
+<li><span class='conditional'>IF</span> <span
+class="name">wasGeneratedBy(e2,a,gAttr)</span> and <span
+class="name">wasStartedBy(a,e1,sAttr)</span> hold, for some <span
+class="name">a</span>, <span class="name">gAttr</span> , <span
+class="name">sAttr</span> then <span
+class="name">tracedTo(e2,e1)</span> holds.</li>
+<li><span class='conditional'>IF</span> <span class="name">tracedTo(e2,e)</span> and <span class="name">tracedTo(e,e1)</span> hold for some <span class="name">e</span>, <span
+class='conditional'>THEN</span> <span class="name">tracedTo(e2,e1)</span> also holds.</li>
</ol>
</div>
-<p>We note that the inference rule <a href="#traceability-inference">traceability-inference</a> does not allow us to infer attributes, which are application specific. </p>
-
-<div class='constraint' id='traceability-assertion'>
-<span class='conditional'>If</span> <span class="name">tracedTo(r2,r1,attrs)</span> holds for two identifiers <span class="name">r2</span> and <span class="name">r1</span>
-identifying entities, and attribute-value pairs <span class="name">attrs</span>,
- <span class='conditional'>then</span> there exist
-<span class="name">e<sup>0</sup></span>, <span class="name">e<sup>1</sup></span>, ..., <span class="name">e<sup>n</sup></span> for <span class="name">n≥1</span>, with <span
-class="name">e<sup>0</sup></span>=<span class="name">r2</span> and <span class="name">e<sup>n</sup></span>=<span class="name">r1</span>, and
-for any i such that <span class="name">0≤i≤n-1</span>, at least of the following statements holds:
-<ul>
-<li> <span class="name">wasDerivedFrom(e<sup>i</sup>,e<sup>i+1</sup>,a,g2,u1)</span> holds, for some <span class="name">a</span>, <span class="name">g2</span>, <span class="name">u1</span>,
-or</li>
-<li> <span class="name">wasDerivedFrom(e<sup>i</sup>,e<sup>i+1</sup>)</span> holds, or</li>
-<li> <span class="name">wasAttributedTo(e<sup>i</sup>,e<sup>i+1</sup>)</span> holds, or</li>
-<li> <span class="name">wasAttributedTo(e<sup>i</sup>,e)</span>, <span class="name">wasGeneratedBy(e<sup>i</sup>,a,gAttr)</span>, and <span class="name">actedOnBehalfOf(e,e<sup>i+1</sup>,a,rAttr)</span> hold,
-for some <span class="name">a</span>, <span class="name">e</span> and <span class="name">gAttr</span>, <span class="name">rAttr</span>, or</li>
-<li> <span class="name">wasGeneratedBy(e<sup>i</sup>,a,gAttr) and wasStartedBy(a,e<sup>i+1</sup>,sAttr)</span> hold, for some <span class="name">a</span>, <span class="name">e</span>, and
-<span class="name">gAttr</span>, and <span class="name">sAttr</span>.</li>
-</ul>
-</div>
-
-<p>We note that the previous constraint is not really an inference <em>rule</em>, since there is nothing that we can actually infer. Instead, this constraint should simply be seen as part
-of the definition of the traceability relation. </p>
+<p>We note that the inference rule <a
+href="#traceability-inference">traceability-inference</a> does not
+allow us to infer anything about the attributes of the related
+entities, agents or events.
+</p>
</section>
-</section>
-
-<section id="component4">
+
+ <section>
<h3>Component 4: Alternate Entities</h3>
-
-
-<section id="term-Specialization">
+<div class="note">TODO: There is currently no consensus what inferences on
+ alternate or specialization should be assumed. The following
+ section lists possible inferences that may or may not be adopted. Section is under review, pending ISSUE-29.
+</div>
+
+
+ <p>The relation <span class='name'>alternateOf</span> is an equivalence relation: <a>reflexive</a>,
+ <a>transitive</a> and <a>symmetric</a>.</p>
+
+ <div class='inference' id="alternate-reflexive">
+ For any entity <span class='name'>e</span>, we have <span class='name'>alternateOf(e,e)</span>.
+ </div>
+
+
+ <div class='inference' id="alternate-transitive">
+ For any entities <span class='name'>e1</span>, <span
+ class='name'>e2</span>, <span class='name'>e3</span>, <span class="conditional">IF</span> <span class='name'>alternateOf(e1,e2)</span> and
+ <span class='name'>alternateOf(e2,e3)</span> <span class="conditional">THEN</span> <span class='name'>alternateOf(e1,e3)</span>.
+ </div>
+ <div class='inference' id="alternate-symmetric">
+ For any entity <span class='name'>e1</span>, <span class='name'>e2</span>, <span class='conditional'>IF</span> <span class='name'>alternateOf(e1,e2)</span> <span class='conditional'>THEN</span> <span class='name'>alternateOf(e2,e1)</span>.
+ </div>
+
+<p>Similarly, specialization is a partial order: it is <a>reflexive</a>,
+ <a>anti-symmetric</a> and
+ <a>transitive</a>.</p>
+ <div class='inference' id="specialization-reflexive">
+ For any entity <span class='name'>e</span>, we
+ have <span class='name'>specializationOf(e,e)</span>.
+ </div>
+
+<div class='inference' id="specialization-antisymmetric">
+ For any
+ entities <span class='name'>e1</span>, <span
+ class='name'>e2</span>,
+ <span class='conditional'>IF</span>
+ <span class='name'>specializationOf(e1,e2)</span>
+ and
+ <span class='name'>specializationOf(e2,e1)</span> <span
+ class='conditional'>THEN</span> <span class='name'>e1 = e2</span>.
+ </div>
+ <div class='inference' id="specialization-transitive">
+ For any
+ entities <span class='name'>e1</span>, <span class='name'>e2</span>, <span class='name'>e3</span>, <span class='conditional'>IF</span> <span class='name'>specializationOf(e1,e2)</span>
+ and
+ <span class='name'>specializationOf(e2,e3)</span> <span class='conditional'>THEN</span> <span class='name'>specializationOf(e1,e3)</span>.
+ </div>
+
+
+
+ <p>Finally, if one entity specializes another, then they are also
+ alternates:</p>
+
+ <div class='inference' id="specialization-alternate">
+ For any entities <span class='name'>e1</span>, <span class='name'>e2</span>, <span class='conditional'>IF</span> <span class='name'>specializationOf(e1,e2)</span> <span class='conditional'>THEN</span> <span class='name'>alternateOf(e1,e2)</span>.
+ </div>
+
+
+ <div class="note">TODO: Possible inferences about attributes,
+ generation, invalidation?
+ </div>
+
+
+ <div class="note">
+ The following sections are retained from an older version, and are
+ not consistent with the above constraints. This will be revised
+ once the consensus on ISSUE-29 is clearer.
+ </div>
+
+ <section id="term-Specialization">
<h3>Specialization</h3>
@@ -1034,7 +701,19 @@
</div>
-<p>Specialization is <em>transitive</em>. Indeed if <span class="name">specializationOf(e1,e2)</span> holds, then there is some common thing, say <span class="name">T1-2</span> they both refer to. Likewise, if <span class="name">specializationOf(e2,e3)</span> holds, then there is some common thing, say <span class="name">T2-3</span> they both refer to. The Things <span class="name">T1-2</span> and <span class="name">T2-3</span> are the same since <span class="name">e2</span> refers to only one thing. </p>
+<p>Specialization is <em>transitive</em>. Indeed if <span
+class="name">specializationOf(e1,e2)</span> holds, then there is some
+common thing, say <span class="name">T1-2</span> they both refer to,
+and <span class="name">e1</span> is a more specific aspect of this
+thing than <span class="name">e2</span>. Likewise, if <span
+class="name">specializationOf(e2,e3)</span> holds, then there is some
+common thing, say <span class="name">T2-3</span> they both refer to, and <span class="name">e2</span> is a more specific aspect of this
+thing than <span class="name">e3</span>. The things <span
+class="name">T1-2</span> and <span class="name">T2-3</span> are the
+same since <span class="name">e2</span> is an aspect of both of them,
+so <span
+class="name">specializationOf(e1,e3)</span> follows since <span class="name">e1</span> and <span class="name">e3</span>
+are aspects fo the same thing and <span class="name">e1</span> is more specific than <span class="name">e3</span>. </p>
<div class="anexample" id="anexample-specialization-is-transitive">
@@ -1072,7 +751,7 @@
<div class="anexample" id="anexample-alternate-not-transitive1">
-<p>At 6pm, the customer in a chair is a woman in a red dress, who happens to be Alice. After she leaves, another customer arrives at 7pm, a man with glasses, who happens to be Bob. Transitivity does not hold since the <span class="name">womanInRedDress</span> is not alternate of <span class="name">customerInChairAt7pm</span>.
+<p>At 6pm, the customer in a chair is a woman in a red dress, who happens to be Alice. After she leaves, another customer arrives at 7pm, a man with glasses, who happens to be Bob. Transitivity does not hold since the <span class="name">womanInRedDress\</span> is not alternate of <span class="name">customerInChairAt7pm</span>.
<pre>
alternate(womanInRedDress,customerInChairAt6pm)
specialization(customerInChairAt6pm,Alice)
@@ -1097,105 +776,311 @@
</section>
-
-
-
-
+</section>
+
+
+
+ <section id="equivalence">
+<h2>Equivalence</h2>
+
+
+ For the purpose of checking inferences and constraints, we define a
+notion of <a>equivalence</a> of PROV descriptions. Equivalence is
+has the following characteristics:
+
+
+<ul>
+ <li>Missing attributes that are interpreted as omitted values are
+ handled by generating a fresh
+ identifier for the omitted value.
+ </li>
+ <li> Redundant expressions are merged according to uniqueness
+ constraints. </li>
+ <li>
+ The order of provenance expressions is irrelevant to the meaning of a PROV description. That is, a
+ PROV description is equivalent to any other instance obtained by
+ permuting its expressions.
+ </li>
+ <li>
+ Inference rules and definitions preserve equivalence. That is, a <a>PROV
+ instance</a> is equivalent to the instance obtained by applying any
+ inference rule.
+ </li>
+ <li>Equivalence is reflexive, symmetric, and transitive.</li>
+</ul>
+
+ <section id="optional-attributes">
+ <h3>Optional Attributes</h3>
+
+<div class="note">
+ TODO: Clarify how optional attributes are handled; clarify merging. The following is
+ not very explicit about the difference between "not present" and
+ "omitted but inferred".
+ </div>
+<div id="optional-attributes1">PROV-DM allows for some attributes to
+ be optionally expressed. Unless otherwise specified, when an
+ optional attribute is not present in a description, some value
+ SHOULD be assumed to exist for this attribute, though it is not
+ known which.
+
+ The only exceptions are:
+ <ul>
+ <li><span id="optional-attributes2">Activities also allow for an
+ optional start time attribute. If both are specified, they MUST be
+ the same, as expressed by the following constraint.</span></li>
+ <li><span id="optional-attributes3">Activities also allow for an optional end time attribute. If both are specified, they MUST be the same, as expressed by the following constraint.</span></li>
+ <li>
+ <div id="optional-attributes6">In a quotation of the form <span class="name">wasQuotedFrom(e2,e1,-,-,attrs)</span>, the absence of an agent means: either no agent exists, or an agent exists but it is not identified.</div>
+</li>
+<li><div id="optional-attributes4">In an association of the form
+ <span class="name">wasAssociatedWith(a, ag, -, attr)</span>, the
+ absence of a plan means: either no plan exists, or a plan exists but
+ it is not identified.</div></li>
+ <li><div id="optional-attributes5">
+In an association of the form <span class="name">wasAssociatedWith(a, -, pl, attr)</span>, an agent exists but it is not identified.</div>
+</li>
+<li><div id="optional-activity">
+In a a delegation of the form <span class="name">actedOnBehalfOf(a,
+ ag2, ag1, -, attr)</span>, the absence of an activity means that
+ <span class="name">a2</span> acts on behalf of <span
+ class="name">a1</span> for all activities with which <span
+ class="name">a2</span> is
+ associated.
+</div></li>
+ </ul>
+</div>
</section>
-
-
-
-<section id="account-constraints">
-<h3>PROV-DM Account Constraints</h3>
-
-
-<p>PROV-DM allows for multiple descriptions of entities (and in general any identifiable object) to be expressed. </p>
-
-<div class="anexample" id="example-two-entities-one-id">
-<p>Let us consider two descriptions of a same entity, which we have taken from two different contexts. A working draft published by the <span class="name">w3:Consortium</span>:</p>
-<pre class="codeexample">
-entity(tr:WD-prov-dm-20111215, [ prov:type="pr:RecsWD" %% xsd:QName ])
-</pre>
-The second version of a document edited by some authors:
-<pre class="codeexample">
-entity(tr:WD-prov-dm-20111215, [ prov:type="document", ex:version="2" ])
-</pre>
-<p>Both descriptions are about the same entity identified by
-<span class="name">tr:WD-prov-dm-20111215</span>, but they contain different attributes, describing the situation or partial state of the these entities according to the context in which they occur.
-</p>
-</div>
-
-
-
-<p>Two different descriptions of a same entity cannot co-exist in a same account
- as formalized in <a href="#unique-description-in-account">unique-description-in-account</a>.</p>
-
-<div class='constraint' id='unique-description-in-account'>
-<p>Given an entity identifier <span class="name">e</span>, there is at most one description
-<span class="name">entity(e,attrs)</span> occurring in a given account, where <span class="name">attrs</span> is some set of attribute-values. Other descriptions of the same entity can exist in different accounts.</p>
-
-<p>This constraint similarly applies to all other types and relations, with explicit identity.</p>
-</div>
+<section id="normalization">
+<h3>Normalization</h3>
+
<p>
- <div class="structural-forward">
- See Section <a href="#structural-constraints">structural-constraints</a> for a structural constraint on accounts
- </div>
-
-
-<p>In some cases, there may be a requirement for two different descriptions of a same entity to be included in a same account. To satisfy the constraint <a href="#unique-description-in-account">unique-description-in-account</a>, we can adopt a different identifier for one of them, and relate the two descriptions with the <span class="name">alternateOf</span> relation. </p>
-
-<div class="anexample" id="merge-with-rename">
-<p>We now reconsider the same two descriptions of a same entity, but we change the identifier for one of them:</p>
-<pre class="codeexample">
-entity(tr:WD-prov-dm-20111215, [ prov:type="pr:RecsWD" %% xsd:QName ])
-entity(ex:alternate-20111215, [ prov:type="document", ex:version="2" ])
-alternateOf(tr:WD-prov-dm-20111215,ex:alternate-20111215)
-alternateOf(ex:alternate-20111215,tr:WD-prov-dm-20111215)
-</pre>
-</div>
-
+We define the <dfn>normal form</dfn> of a PROV description as the set
+of provenance expressions resulting from merging all of the overlapping
+expressions in the instance and applying all possible inference rules
+to this set. Formally, we say that two PROV descriptions are
+<dfn>equivalent</dfn> if they have the same normal form (that is,
+after applying all possible inference rules, the two instances produce
+the same set of PROV-DM expressions.)
+</p>
+
+<div class="note">
+ We should check that normal forms exist, i.e. that applying rules
+ and definitions eventually terminates. More clarity is needed about
+ enforcing uniqueness via merging vs. constraint checking.
+ </div>
+
+<p> An application that processes PROV-DM data SHOULD handle
+equivalent instances in the same way. (Common exceptions to this rule
+include, for example, pretty printers that seek to preserve the
+original order of statements in a file and avoid expanding
+inferences.) </p>
</section>
-
-
- <section id="interpretation">
-<h3>PROV-DM Event Ordering Constraints</h3>
-
-<p>Section <a href="#section-time-event">section-time-event</a>
-introduces a notion of <a title="event">instantaneous event</a>
-marking changes in the world, in its activities and entities. PROV-DM
-identifies five kinds of <a title="event">instantaneous events</a>, namely <a>entity generation
+
+</section> <!-- inferences -->
+
+<section id="constraints">
+<h2>Validity Constraints</h2>
+
+
+
+
+<p>
+This section defines a collection of constraints on PROV descriptions. An PROV description is <dfn id="dfn-valid">valid</dfn>
+ if, after applying all possible inference and definition rules from
+ <a href="#inferences">Section 2</a>, the resulting instance
+ satisfies all of the constraints specified in this section.
+ Applications that process PROV descriptions SHOULD check that the data
+ they generate is <a title="valid">valid</a> and MAY reject input
+ provenance data that is not <a title="valid">valid</a>.
+ </p>
+
+ <p> There are two kinds of constraints:
+ <ul><li><em>uniqueness constraints</em> that say that a <a>PROV
+ instance</a> can contain at most one expression or that multiple
+ expressions about the same objects need to have the same values (for
+ example, if we describe the same generation event twice, then the
+ two expressions should have the same times);
+ </li>
+ <li> and <em>event ordering constraints</em> that say that it
+ should be possible to arrange the
+ events (generation, usage, invalidation, start, end) described in a
+ PROV description into a partial order that corresponds to a sensible
+ "history" (for example, an entity should not be generated after it
+ is used).
+ </li>
+ </ul>
+
+<p>The PROV data model is implicitly based on a notion of <dfn
+ id="dfn-event">instantaneous event</dfn>s (or just <a
+ title="instantaneous event">event</a>s), that mark
+transitions in the world. Events include generation, usage, or
+invalidation of entities, as well as starting or ending of activities. This
+notion of event is not first-class in the data model, but it is useful
+for explaining its other concepts and its semantics [[PROV-SEM]].
+Thus, events help justify <i>inferences</i> on provenance as well as
+<i>validity</i> constraints indicating when provenance is self-consistent. In <a href="#section-event-time" class="sectionRef"></a> we
+discuss the motivation for <a title="instantaneous event">instantaneous events</a>
+and their relationship to time in greater detail.</p>
+
+<p> PROV-DM
+identifies five kinds of <a title="instantaneous event">instantaneous events</a>, namely <a>entity generation
event</a>, <a>entity usage event</a>, <a>entity invalidation event</a>, <a>activity start event</a>
and <a>activity end event</a>. PROV-DM adopts Lamport's clock
assumptions [[CLOCK]] in the form of a reflexive, transitive partial order <a>follows</a>
-(and its inverse <a>precedes</a>) between <a title="event">instantaneous events</a>. Furthermore,
-PROV-DM assumes the existence of a mapping from <a title="event">instantaneous events</a> to time clocks,
+(and its inverse <a>precedes</a>) between <a title="instantaneous event">instantaneous events</a>. Furthermore,
+PROV-DM assumes the existence of a mapping from <a title="instantaneous event">instantaneous events</a> to time clocks,
though the actual mapping is not in scope of this specification.</p>
+
+<div class="note">
+ TODO: More about what it means for constraints to be satisfied;
+ constraint template(s)
+ </div>
+
+ <section id="structural-constraints">
+<h3>Uniqueness Constraints</h3>
+
+<div class="note">
+Attribute uniqueness constraints?
+</div>
+
+ <p> We assume that the various identified objects of PROV-DM have
+ unique expressions describing them within a PROV description.
+ </p>
+ <div class='constraint' id='entity-unique'>
+<p>Given an entity identifier <span class="name">e</span>, there is at
+ most one expression
+<span class="name">entity(e,attrs)</span>, where <span
+ class="name">attrs</span> is some set of attribute-values.</p>
+ </div>
+ <div class='constraint' id='activity-unique'>
+<p>Given an activity identifier <span class="name">a</span>, there is
+ at most one expression
+<span class="name">activity(a,t1,t2,attrs)</span>, where <span
+ class="name">attrs</span> is some set of attribute-values.</p>
+ </div>
+ <div class="note">TODO: Same goes for all other objects:
+ agent, note, generation, usage, invalidation, start, end,
+ communication, start by, attribution, association, responsibility,
+ derivation, revision, quotation. We should find a
+ way of saying this once concisely.
+ </div>
+
+<p>We assume that an entity has exactly one generation and
+invalidation event (either or both may, however, be left implicit).
+So, PROV-DM allows for two distinct <a>generations</a> <span class="name">g1</span> and <span class="name">g2</span> referencing the same entity provided they occur
+<em>simultaneously</em>.
+This implies that the two generation events are actually the same and
+caused by the same <em>activity</em>, though provenance may contain
+several descriptions for the same world activity.
+</p>
+
+
+<div class='constraint' id='generation-uniqueness'>Given an entity denoted by <span class="name">e</span>, two activities denoted by <span class="name">a1</span> and <span
+class="name">a2</span>, two time instants <span class="name">t1</span> and <span
+class="name">t2</span>, and two sets of attribute-value pairs <span class="name">attrs1</span> and <span class="name">attrs2</span>,
+<span class='conditional'>IF</span> <span class="name">wasGeneratedBy(id1, e, a1, t1, attrs1)</span> and <span class="name">wasGeneratedBy(id2, e, a2, t2, attrs2)</span> exist,
+<span class='conditional'>THEN</span> <span class="name">id1</span>=<span class="name">id2</span>, <span class="name">a1</span>=<span class="name">a2</span>, <span class="name">t1</span>=<span class="name">t2</span> and <span class="name">attrs1</span>=<span class="name">attrs2</span>.
+</div>
+
+<div class="note">
+Wouldn't the above constraint violate uniqueness?
+</div>
+
+<div class="note">
+Invalidation uniqueness?
+</div>
+
+<p>A generation can be used to indicate a generation time without having to specify the involved activity. A generation time is unique, as specified by the following constraint.<p>
+<div class="note">
+Seems redundant given generation-uniqueness
+</div>
+<div class='constraint' id='unique-generation-time'>
+Given an entity denoted by <span class="name">e</span> and
+two time instants <span class="name">t1</span> and <span
+class="name">t2</span>,
+<span class='conditional'>IF</span> <span class="name">wasGeneratedBy(e, -, t1)</span> and <span class="name">wasGeneratedBy(e, -, t2)</span> hold, <span class='conditional'>THEN</span> <span class="name">t1</span>=<span class="name">t2</span>.
+</div>
+
+<p>An <a>activity start event</a> is the <a title="instantaneous event">instantaneous event</a> that marks the instant an activity starts. It allows for an optional time attribute. <span id="optional-start-time">Activities also allow for an optional start time attribute. If both are specified, they MUST be the same, as expressed by the following constraint.</span>
+</p>
+
+<div class='constraint' id='unique-startTime'>
+<span class='conditional'>IF</span> <span class="name">activity(a,t1,t2,-)</span> and <span class="name">wasStartedBy(id,a,e,t,-)</span>, <span class='conditional'>THEN</span> <span class="name">t</span>=<span class="name">t1</span>.
+</div>
+
+<p>An <a>activity end event</a> is the <a title="instantaneous event">instantaneous event</a> that marks the instant an activity ends. It allows for an optional time attribute. <span id="optional-end-time">Activities also allow for an optional end time attribute. If both are specified, they MUST be the same, as expressed by the following constraint.</span>
+</p>
+
+<div class='constraint' id='unique-endTime'>
+<span class='conditional'>IF</span> <span
+ class="name">activity(a,t1,t2,-)</span> and <span
+ class="name">wasEndedBy(id,a,e,t,-)</span>, <span
+ class='conditional'>THEN</span> <span class="name">t</span> = <span class="name">t2</span>.
+</div>
+
+
+
+
+</section> <!-- uniqueness-constraints-->
+
+<section id="event-ordering-constraints">
+<h3>Event Ordering Constraints</h3>
+
+
<p>Given that provenance consists of a description of past entities
-and activities, to be meaningful provenance descriptions MUST
+and activities, <a>valid</a> provenance descriptions MUST
satisfy <em>ordering constraints</em> between instantaneous events, which we introduce in
this section. For instance, an entity can only be used after it was
generated; hence, we say that an entity's <a title="entity generation
event">generation event</a> precedes any of this
-entity's <a title="entity usage event">usage event</a>. Should this
-ordering constraint be proven invalid, the associated generation and
+entity's <a title="entity usage event">usage events</a>. Should this
+ordering constraint be violated, the associated generation and
usage could not be credible. The rest of this section defines
the <dfn>temporal interpretation</dfn> of provenance descriptions as a
set of instantaneous event ordering constraints. </p>
+<p>To allow for minimalistic clock assumptions, like Lamport
+[[CLOCK]], PROV-DM relies on a notion of relative ordering of <a title="instantaneous event">instantaneous events</a>,
+without using physical clocks. This specification assumes that a partial order exists between <a title="instantaneous event">instantaneous events</a>.
+</p>
+
+
+<p>Specifically, <dfn id="dfn-precedes">precedes</dfn> is a partial
+order between <a title="instantaneous event">instantaneous events</a>. When we say
+<span class="name">e1</span> precedes <span class="name">e2</span>,
+this means that either the two events are equal or <span
+class="name">e1</span> happened before <span class="name">e2</span>.
+For symmetry, <dfn id="dfn-follows">follows</dfn> is defined as the
+inverse of <a title="precedes">precedes</a>; that is, when we say
+<span class="name">e1</span> follows <span class="name">e2</span>,
+this means that either the two events are equal or <span
+class="name">e1</span> happened after <span
+class="name">e2</span>. Both relations are partial orders, meaning
+that they are reflexive, transitive, and antisymmetric.</p>
+
+<div class="note"> Define reflexivity, transitivity
+and antisymmetry in glossary. Also, do we want to allow an event to
+ "precede" itself?
+</div>
+
+<div class="note">
+ The following discussion is unclear: what is being said here, and why?
+ </div>
+
<p>PROV-DM also allows for time observations to be inserted in
specific provenance descriptions, for each of the five kinds
-of <a title="event">instantaneous events</a> introduced in this specification. The
+of <a title="instantaneous event">instantaneous events</a> introduced in this specification. The
presence of a time observation for a given <a>instantaneous event</a> fixes the
mapping of this <a>instantaneous event</a> to the timeline. The presence of time
information in a provenance description instantiates the ordering constraint with
that time information. It is expected that such instantiated
-constraint can help corroborate provenance information. We anticipate
+constraints can help corroborate provenance information. We anticipate
that verification algorithms could be developed, though this
verification is outside the scope of this specification.
</p>
@@ -1205,69 +1090,241 @@
right. Activities are represented by rectangles, whereas entities are
represented by circles. Usage, generation and derivation are
represented by the corresponding edges between entities and
-activities. The four kind of <a title="event">instantaneous events</a> are represented by vertical
+activities. The five kinds of <a title="instantaneous event">instantaneous events</a> are represented by vertical
dotted lines (adjacent to the vertical sides of an activity's
rectangle, or intersecting usage and generation edges). The ordering
-constraints are represented by triangles: an occurrence of a triangle between two <a title="event">instantaneous event</a> vertical dotted lines represents that the event denoted by the left
+constraints are represented by triangles: an occurrence of a triangle between two <a title="instantaneous event">instantaneous event</a> vertical dotted lines represents that the event denoted by the left
line precedes the event denoted by the right line.</p>
+
+
<div style="text-align: center;">
<figure>
-<img src="images/constraints.png" alt="constraints between events" />
-<figcaption id="constraint-summary">Summary of <a title="event">instantaneous event</a> ordering constraints</figcaption>
+<figcaption id="ordering-activity-fig">Summary of <a title="instantaneous event">instantaneous event</a> ordering constraints for activities</figcaption>
+<img src="../images/ordering-activity.png" alt="constraints between events" />
</figure>
</div>
-
-
-<p>The mere existence of an activity entails some <a>event</a> ordering, since an <a>activity start event</a> always <a>precedes</a> the corresponding <a>activity end
+<!-- Constraint template:
+<span class="conditional">IF</span>
+<span class="name">blah</span>
+and
+<span class="name">blah</span>
+<span class="conditional">THEN</span>
+<span class="name">XX</span>
+<a>precedes</a>
+<span class="name">YY</span>.
+-->
+
+<section>
+<h3>Activity constraints</h3>
+
+<p>
+In this section we discuss constraints from the perspective of
+the <a>lifetime</a> of an activity. An activity starts, then during
+its lifetime uses, generates entities and communicates with or starts
+other
+activities, and finally ends. The following constraints amount to
+checking that all of the events associated with an activity take place
+within the activity's lifetime, and the start and end events mark the
+start and endpoints of its lifetime.
+</p>
+
+<hr />
+
+<p>The existence of an activity implies that the <a>activity start event</a> always <a>precedes</a> the corresponding <a>activity end
event</a>. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (a) and expressed by constraint <a href="#start-precedes-end">start-precedes-end</a>.</p>
-
-<div class='interpretation' id='start-precedes-end'> The following ordering constraint holds for any activity: the
-<a title="activity start event">start event</a> <a>precedes</a> the <a title="activity end event">end event</a>.</div>
-
-<p> A usage and a generation for a given entity implies ordering of <a title="event">events</a>, since the <a title="entity generation
-event">generation event</a> had to precede the <a title="entity usage event">usage event</a>. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (b) and expressed by constraint <a href="#generation-precedes-usage">generation-precedes-usage</a>.</p>
-
-<div class='interpretation' id='generation-precedes-usage'>For any entity, the following ordering constraint holds: the <a title="entity generation event">generation</a> of an entity always
-<a>precedes</a> any of its <a title="entity usage event">usages</a>.
-</div>
-
-
-<p>Invalidation is defined at the event at which an entity ceases to exist as such. All usages of an entity precede its invalidation, which is captured by constraint <a href="#usage-precedes-invalidation">usage-precedes-invalidation</a> (without any explicit graphical representation).</p>
-
-<div class='interpretation' id='usage-precedes-invalidation'>For any entity, the following ordering constraint holds: any <a title="entity usage event">usage</a> of an entity always
-<a>precedes</a> its <a title="entity invalidation event">invalidation</a>.
+illustrated by Subfigure <a href="#ordering-activity-fig">ordering-activity-fig</a> (a) and expressed by constraint <a href="#start-precedes-end">start-precedes-end</a>.</p>
+<div class='constraint' id='start-precedes-end'>
+<span class="conditional">IF</span>
+<span class="name">wasStartedBy(start,a,-,-)</span>
+and
+<span class="name">wasEndedBy(end,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">end</span>.
</div>
-<p>By transitivity with <a href="#generation-precedes-usage">generation-precedes-usage</a>, generation of an entity precedes its invalidation. </p>
-
-
-
-<p>A usage implies ordering of <a title="event">events</a>, since the <a title="entity usage event">usage event</a> had to occur during the associated activity. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (c) and expressed by constraint <a href="#usage-within-activity">usage-within-activity</a>.</p>
-
-<div class='interpretation' id='usage-within-activity'>Given an activity with identifier <span class="name">a</span>, an entity with identifier <span class="name">e</span>, a set
-of attribute-value pairs <span class="name">attrs</span>, and optional time <span class="name">t</span>, <span class='conditional'>if</span>
- <span class="name">used(a,e,attrs)</span> or <span class="name">used(a,e,attrs,t)</span> holds, <span class='conditional'>then</span> the following ordering constraint holds:
- the <a title="entity usage event">usage</a> of the entity denoted by <span class="name">e</span> <a>precedes</a> the <a title="activity end event">end</a> of
-activity denoted by <span class="name">a</span> and <a>follows</a> its <a title="activity start event">start</a>.
+<hr />
+
+<p>A usage implies ordering of <a title="instantaneous event">events</a>, since the <a title="entity usage event">usage event</a> had to occur during the associated activity. This is
+illustrated by Subfigure <a href="#ordering-activity-fig">ordering-activity-fig</a> (b) and expressed by constraint <a href="#usage-within-activity">usage-within-activity</a>.</p>
+
+<div class='constraint' id='usage-within-activity'>
+<ol>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">used(use,a,e,-,-)</span>
+and
+<span class="name">wasStartedBy(start,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">use</span>.
+ </li>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">used(use,a,e,-,-)</span>
+and
+<span class="name">wasEndedBy(end,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">use</span>
+<a>precedes</a>
+<span class="name">end</span>.
+ </li>
+ </ol>
</div>
-
-
-<p>A generation implies ordering of <a title="event">events</a>, since the <a title="entity generation event">generation event</a> had to occur during the associated activity. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (d) and expressed by constraint <a href="#generation-within-activity">generation-within-activity</a>.</p>
-
-<div class='interpretation' id='generation-within-activity'>Given an activity with identifier <span class="name">a</span>, an entity with identifier <span class="name">e</span>, a set
-of attribute-value pairs <span class="name">attrs</span>, and optional time <span class="name">t</span>, <span class='conditional'>if</span> <span class="name">wasGeneratedBy(e,a,attrs)</span> or <span
-class="name">wasGeneratedBy(e,a,attrs,t)</span> holds, <span class='conditional'>then</span> the following ordering constraint also holds: the <a title="entity generation
-event">generation</a> of the entity denoted by <span class="name">e</span> <a>precedes</a> the <a title="activity end event">end</a>
-of activity <span class="name">a</span> and <a>follows</a> the <a title="activity start event">start</a> of <span class="name">a</span>.
+<hr />
+
+
+<p>A generation implies ordering of <a title="instantaneous event">events</a>, since the <a title="entity generation event">generation event</a> had to occur during the associated activity. This is
+illustrated by Subfigure <a href="#ordering-activity-fig">ordering-activity-fig</a> (c) and expressed by constraint <a href="#generation-within-activity">generation-within-activity</a>.</p>
+
+<div class='constraint' id='generation-within-activity'>
+ <ol>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">wasGeneratedBy(gen,a,e,-,-)</span>
+and
+<span class="name">wasStartedBy(start,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">gen</span>.
+ </li>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">wasGeneratedBy(gen,a,e,-,-)</span>
+and
+<span class="name">wasEndedBy(end,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">end</span>.
+ </li>
+ </ol>
</div>
+<hr />
+
+<p>Communication between two activities <span class="name">a1</span> and <span class="name">a2</span> also implies ordering of <a
+title="instantaneous event">events</a>, since some entity must have been generated by the former and used by the latter, which implies that the start event of <span class="name">a1</span>
+cannot follow the end event of <span class="name">a2</span>. This is
+illustrated by Subfigure <a href="#ordering-activity-fig">ordering-activity-fig</a> (d) and expressed by constraint <a href="#wasInformedBy-ordering">wasInformedBy-ordering</a>.</p>
+
+<div class='constraint' id='wasInformedBy-ordering'>
+ <span class="conditional">IF</span>
+<span class="name">wasInformedBy(a2,a1)</span>
+and
+<span class="name">wasStartedBy(start,a1,-,-)</span>
+and
+<span class="name">wasEndedBy(end,a2,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">end</span>.
+
+</div>
+
+<hr />
+
+<p>Start of <span class="name">a2</span> by activity <span class="name">a1</span> also implies ordering of <a
+title="instantaneous event">events</a>, since <span class="name">a1</span> must have been active before <span class="name">a2</span> started. This is
+illustrated by Subfigure <a href="#ordering-activity-fig">ordering-activity-fig</a> (e) and expressed by constraint <a href="#wasStartedByActivity-ordering">wasStartedByActivity-ordering</a>.</p>
+
+
+<div class='constraint' id='wasStartedByActivity-ordering'>
+ <span class="conditional">IF</span>
+<span class="name">wasStartedByActivity(a2,a1)</span>
+and
+<span class="name">wasStartedBy(start1,a1,-,-)</span>
+and
+<span class="name">wasStartedBy(start2,a2,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start1</span>
+<a>precedes</a>
+<span class="name">start2</span>.
+
+</div>
+
+</section>
+
+<section>
+<h3> Entity constraints</h3>
+
+<p>
+As with activities, entities have lifetimes: they are generated, then
+can be used, revised, or other entities can be derived from them, and
+finally are invalidated.
+</p>
+
+
+
+<div style="text-align: center;">
+<figure>
+<figcaption id="ordering-entity-fig">Summary of <a title="instantaneous event">instantaneous event</a> ordering constraints for entities</figcaption>
+<img src="../images/ordering-entity.png" alt="ordering constraints for entities" />
+</figure>
+</div>
+
+
+<hr />
+
+<p>Generation of an entity precedes its invalidation. (This
+follows from other constraints if the entity is used, but we state it
+explicitly to cover the case of an entity that is generated and
+invalidated without being used.)</p>
+
+<div class='constraint' id='generation-precedes-invalidation'>
+ <span class="conditional">IF</span>
+<span class="name">wasGeneratedBy(gen,e,_,_)</span>
+and
+<span class="name">wasInvalidatedBy(inv,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+</div>
+<hr />
+
+<p> A usage and a generation for a given entity implies ordering of <a title="instantaneous event">events</a>, since the <a title="entity generation
+event">generation event</a> had to precede the <a title="entity usage event">usage event</a>. This is
+illustrated by Subfigure <a href="#ordering-entity-fig">ordering-entity-fig</a> (a) and expressed by constraint <a href="#generation-precedes-usage">generation-precedes-usage</a>.</p>
+
+<div class='constraint' id='generation-precedes-usage'>
+ <span class="conditional">IF</span>
+<span class="name">wasGeneratedBy(gen,e,_,_)</span>
+and
+<span class="name">used(use,_,e,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">use</span>.
+</div>
+
+<hr />
+
+<p>All usages of an entity precede its invalidation, which is captured by constraint <a href="#usage-precedes-invalidation">usage-precedes-invalidation</a> (without any explicit graphical representation).</p>
+
+<div class='constraint' id='usage-precedes-invalidation'>
+ <span class="conditional">IF</span>
+<span class="name">used(use,_,e,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,e,_,_)</span>
+<span class="conditional">THEN</span>
+<span class="name">use</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+</div>
+
+
+
+<hr />
+
+
+
@@ -1276,32 +1333,38 @@
First, we consider derivations, where the activity and usage are known. In that case, the <a title="entity usage event">usage</a> of <span class="name">e1</span> has to precede the <a title="entity generation
event">generation</a> of <span class="name">e2</span>.
This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (e) and expressed by constraint <a
+illustrated by Subfigure <a href="#ordering-entity-fig">ordering-entity-fig</a> (b) and expressed by constraint <a
href="#derivation-usage-generation-ordering">derivation-usage-generation-ordering</a>.</p>
-<div class='interpretation' id='derivation-usage-generation-ordering'>Given an activity with identifier <span class="name">a</span>, entities with identifier <span
-class="name">e1</span> and <span class="name">e2</span>, a generation identified by <span class="name">g2</span>, and a usage identified by <span class="name">u1</span>, <span
-class='conditional'>if</span> <span class="name">wasDerivedFrom(e2,e1,a,g2,u1,attrs)</span>
- holds, <span class='conditional'>then</span>
-the following ordering constraint holds:
-the <a title="entity usage event">usage</a>
-of entity denoted by <span class="name">e1</span> <a>precedes</a> the <a title="entity generation event">generation</a> of
-the entity denoted by <span class="name">e2</span>.
+<div class='constraint' id='derivation-usage-generation-ordering'>
+ <span class="conditional">IF</span>
+<span class="name">wasDerivedFrom(d,e2,e1,a,g2,u1,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">u1</span>
+<a>precedes</a>
+<span class="name">g2</span>.
+
</div>
+<hr />
<p>When the usage is unknown, a similar constraint exists, except that the constraint refers to its
generation event, as
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (f) and expressed by constraint <a
+illustrated by Subfigure <a href="#ordering-entity-fig">ordering-entity-fig</a> (c) and expressed by constraint <a
href="#derivation-generation-generation-ordering">derivation-generation-generation-ordering</a>.</p>
-<div class='interpretation' id='derivation-generation-generation-ordering'>
-Given two entities denoted by <span class="name">e1</span> and <span class="name">e2</span>, <span class='conditional'>if</span> <span
-class="name">wasDerivedFrom(e2,e1, attrs)</span>
- holds, <span class='conditional'>then</span> the following ordering constraint holds:
-the <a title="entity generation event">generation event</a> of the entity denoted by <span class="name">e1</span> <a>precedes</a> the <a title="entity generation event">generation event</a>
-of
-the entity denoted by <span class="name">e2</span>.
+<div class='constraint'
+ id='derivation-generation-generation-ordering'>
+ <span class="conditional">IF</span>
+<span class="name">wasDerivedFrom(e2,e1,attrs)</span>
+ and
+<span class="name">wasGeneratedBy(gen1,e1,_,_)</span>
+ and
+<span class="name">wasGeneratedBy(gen2,e2,_,_)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen1</span>
+<a>precedes</a>
+<span class="name">gen2</span>.
</div>
<p>Note that event ordering is between generations of <span class="name">e1</span>
@@ -1309,314 +1372,203 @@
which implies ordering ordering between the usage of <span class="name">e1</span> and
generation of <span class="name">e2</span>. </p>
-<p>Communication between two activities <span class="name">a1</span> and <span class="name">a2</span> also implies ordering of <a
-title="event">events</a>, since some entity must have been generated by the former and used by the latter, which implies that the start event of <span class="name">a1</span>
-cannot follow the end event of <span class="name">a2</span>. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (g) and expressed by constraint <a href="#wasInformedBy-ordering">wasInformedBy-ordering</a>.</p>
-
-<div class='interpretation' id='wasInformedBy-ordering'>
-Given two activities denoted by <span class="name">a1</span> and <span class="name">a2</span>, <span class='conditional'>if</span> <span
-class="name">wasInformedBy(a2,a1)</span>
- holds, <span class='conditional'>then</span> the following ordering constraint holds:
-the <a title="activity start event">start event</a> of the activity denoted by <span class="name">a1</span> <a>precedes</a> the <a title="activity end event">end event</a> of
-the activity denoted by <span class="name">a2</span>.
+<hr />
+
+<p>The entity that triggered the start of an activity must exist before the activity starts.
+This is
+illustrated by Subfigure <a href="#ordering-entity-trigger-fig">ordering-entity-trigger-fig</a> (a) and expressed by constraint <a href="#wasStartedBy-ordering">wasStartedBy-ordering</a>.</p>
+
+
+<div class='constraint' id='wasStartedBy-ordering'>
+ <ol>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">wasStartedBy(start,a,e,-)</span>
+and
+<span class="name">wasGeneratedBy(gen,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">start</span>.
+ </li><li>
+ <span class="conditional">IF</span>
+<span class="name">wasStartedBy(start,a,e,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+ </li>
+ </ol>
</div>
-
-<p>Start of <span class="name">a2</span> by activity <span class="name">a1</span> also implies ordering of <a
-title="event">events</a>, since <span class="name">a1</span> must have been active before <span class="name">a2</span> started. This is
-illustrated by Subfigure <a href="#constraint-summary">constraint-summary</a> (h) and expressed by constraint <a href="#wasStartedBy-ordering">wasStartedBy-ordering</a>.</p>
-
-
-<div class='interpretation' id='wasStartedBy-ordering'>
-Given two activities denoted by <span class="name">a1</span> and <span class="name">a2</span>, <span class='conditional'>if</span> <span
-class="name">wasStartedBy(a2,a1)</span>
- holds, <span class='conditional'>then</span> the following ordering constraint holds: the
-<a title="activity start event">start</a> event of the activity denoted by <span class="name">a1</span> <a>precedes</a> the <a title="activity start event">start event</a> of
-the activity denoted by <span class="name">a2</span>.
+<hr />
+
+<p> Similarly, the entity that triggered the end of an activity must exist before the activity ends, as illustrated by Subfigure <a href="#ordering-entity-trigger-fig">ordering-entity-trigger-fig</a> (b).</p>
+
+
+<div class='constraint' id='wasEndedBy-ordering'>
+ <ol>
+ <li>
+ <span class="conditional">IF</span>
+<span class="name">wasEndedBy(end,a,e,-)</span>
+and
+<span class="name">wasGeneratedBy(gen,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">end</span>.
+ </li><li>
+ <span class="conditional">IF</span>
+<span class="name">wasEndedBy(end,a,e,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">end</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+ </li>
+ </ol>
</div>
-
-<p>Further constraints appear in Figure <a href="#constraint-summary2">constraint-summary2</a> and are discussed below.</p>
-
<div style="text-align: center;">
<figure>
-<img src="images/constraints2.png" alt="further constraints between events" />
-<figcaption id="constraint-summary2">Summary of <a title="event">instantaneous event</a> ordering constraints (continued)</figcaption>
+<figcaption id="ordering-entity-trigger-fig">Summary of <a title="instantaneous event">instantaneous event</a> ordering constraints for trigger entities</figcaption>
+<img src="../images/ordering-entity-trigger.png" alt="ordering constraints for trigger entities" />
</figure>
</div>
-<p>A trigger of an activity must exist when the activity starts.
-This is
-illustrated by Subfigure <a href="#constraint-summary2">constraint-summary2</a> (a) and expressed by constraint <a href="#wasStartedByAgent-ordering">wasStartedByAgent-ordering</a>.</p>
-
-
-<div class='interpretation' id='wasStartedByAgent-ordering'>
-Given an activity denoted by <span class="name">a</span> and an entity denoted by <span class="name">e</span>, <span class='conditional'>if</span> <span
-class="name">wasStartedBy(a,e)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="activity start event">start</a> event of the activity denoted by <span class="name">a</span> <a>follows</a> the <a title="entity generation event">generation event</a> for entity <span class="name">e</span>, and
-<a>precedes</a> the invalidation event of
-the same entity.
+</section>
+
+<section>
+<h3> Agent constraints</h3>
+
+<p>
+Like entities and activities, agents have lifetimes that follow a
+familiar pattern: an agent is generated, can participate in
+interactions such as starting, ending or association with an
+activity, attribution, or delegation, and finally the agent is invalidated.
+</p>
+<p>Further constraints associated with agents appear in Figure <a href="#ordering-agents">ordering-agents</a> and are discussed below.</p>
+
+<div style="text-align: center;">
+<figure>
+<figcaption id="ordering-agents">Summary of <a title="instantaneous event">instantaneous event</a> ordering constraints (continued)</figcaption>
+<img src="../images/ordering-agents.png" alt="ordering constraints for agents" />
+</figure>
</div>
-<p> A similar constraints exists for the trigger of activity end, illustrated by Subfigure <a href="#constraint-summary2">constraint-summary2</a> (b).</p>
-
-
-<div class='interpretation' id='wasEndedByAgent-ordering'>
-Given an activity denoted by <span class="name">a</span> and an entity denoted by <span class="name">e</span>, <span class='conditional'>if</span> <span
-class="name">wasEndedBy(a,e)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="activity end event">end</a> event of the activity denoted by <span class="name">a</span> <a>follows</a> the <a title="entity generation event">generation event</a> for entity <span class="name">e</span>, and
-<a>precedes</a> the invalidation event of
-the same entity.
-</div>
+<hr />
<p>An activity that was associated with an agent must have some overlap with the agent. The agent may be generated, or may only become associated with the activity, after the activity start: so, the agent is required to exist before the activity end. Likewise, the agent may be destructed, or may terminate its association with the activity, before the activity end: hence, the agent invalidation is required to happen after the activity start.
This is
-illustrated by Subfigure <a href="#constraint-summary2">constraint-summary2</a> (c) and expressed by constraint <a href="#wasAssociatedWith-ordering">wasAssociatedWith-ordering</a>.</p>
-
-
-<div class='interpretation' id='wasAssociatedWith-ordering'>
-Given an activity denoted by <span class="name">a</span> and an agent denoted by <span class="name">ag</span>, <span class='conditional'>if</span> <span
-class="name">wasAssociatedWith(a,ag)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="activity start event">start</a> event of the activity denoted by <span class="name">a</span>
-precedes the invalidation event of
-the agent denoted by <span class="name">ag</span>, and
- the <a title="entity generation event">generation event</a> for agent denoted by <span class="name">ag</span>
-<a>precedes</a> the activity <a title="activity end event">end</a> event.
+illustrated by Subfigure <a href="#ordering-agents">ordering-agents</a> (a) and expressed by constraint <a href="#wasAssociatedWith-ordering">wasAssociatedWith-ordering</a>.</p>
+
+
+<div class='constraint' id='wasAssociatedWith-ordering'>
+ <ol> <li>
+ <span class="conditional">IF</span>
+<span class="name">wasAssociatedWith(a,ag)</span>
+and
+<span class="name">wasStartedBy(start,a,-,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,ag,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">start</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+ </li><li>
+ <span class="conditional">IF</span>
+<span class="name">wasAssociatedWith(a,ag)</span>
+and
+<span class="name">wasGeneratedBy(gen,ag,-,-)</span>
+and
+<span class="name">wasEndedBy(end,a,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">end</span>.
+ </li>
+ </ol>
</div>
-
-<p>An entity that was attributed to an agent must have some overlap with the agent. The agent may be generated, or may only become attributed with the activity, after its generation: so, the agent is required to exist before the entity invalidation. Likewise, the agent may be destructed, or the entity may no longer be attributed to the agent, before the entity invalidation: hence, the agent invalidation is required to happen after the entity generation.
+<hr />
+
+<p>An entity that was attributed to an agent must have some overlap
+with the agent. The agent is required to exist before the entity
+invalidation. Likewise, the entity generation must precede the agent destruction.
This is
-illustrated by Subfigure <a href="#constraint-summary2">constraint-summary2</a> (d) and expressed by constraint <a href="#wasAttributedWith-ordering">wasAttributedWith-ordering</a>.</p>
+illustrated by Subfigure <a href="#ordering-agents">ordering-agents</a> (b) and expressed by constraint <a href="#wasAttributedTo-ordering">wasAttributedTo-ordering</a>.</p>
-<div class='interpretation' id='wasAttributedWith-ordering'>
-Given an entity denoted by <span class="name">e</span> and an agent denoted by <span class="name">ag</span>, <span class='conditional'>if</span> <span
-class="name">wasAttributedWith(e,ag)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="entity generation event">generation</a> event of the entity denoted by <span class="name">e</span>
-precedes the invalidation event of
-the agent denoted by <span class="name">ag</span>, and
- the <a title="entity generation event">generation event</a> for agent denoted by <span class="name">ag</span>
-<a>precedes</a> the entity <a title="entity invalidation event">invalidation</a> event.
+<div class='constraint' id='wasAttributedTo-ordering'>
+ <ol> <li>
+ <span class="conditional">IF</span>
+<span class="name">wasAttributedTo(e,ag)</span>
+and
+<span class="name">wasGeneratedBy(gen,e,-,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,ag,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+ </li><li>
+ <span class="conditional">IF</span>
+<span class="name">wasAttributedTo(e,ag)</span>
+and
+<span class="name">wasGeneratedBy(gen,ag,-,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,e,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+ </li>
+ </ol>
</div>
-<p>For responsibility, two agents need to have some overlap.</p>
-
-
-<div class='interpretation' id='actedOnBehalfOf-ordering'>
-Given two agents <span class="name">ag1</span> and <span class="name">ag2</span>, <span class='conditional'>if</span> <span
-class="name">actedOnBehalfOf(ag2,ag1)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="entity generation event">generation</a> event of the agent denoted by <span class="name">ag2</span>
-precedes the invalidation event of
-agent <span class="name">ag1</span>, and
- the <a title="entity generation event">generation event</a> for agent denoted by <span class="name">ag1</span>
-<a>precedes</a> <a title="entity invalidation event">invalidation</a> event for <span class="name">ag2</span>.
+<hr />
+
+<p>For responsibility, two agents need to have some overlap in their lifetime.</p>
+
+
+<div class='constraint' id='actedOnBehalfOf-ordering'>
+ <span class="conditional">IF</span>
+<span class="name">actedOnBehalfOf(ag2,ag1)</span>
+and
+<span class="name">wasGeneratedBy(gen,ag1,-,-)</span>
+and
+<span class="name">wasInvalidatedBy(inv,ag2,-,-)</span>
+<span class="conditional">THEN</span>
+<span class="name">gen</span>
+<a>precedes</a>
+<span class="name">inv</span>.
+
</div>
-<!--
-<p>Finally, two entities that are alternate of each other need to have some overlap.</p>
-
-<div class='interpretation' id='alternate-ordering'>
-Given two entities <span class="name">e1</span> and <span class="name">e2</span>, <span class='conditional'>if</span> <span
-class="name">alternate(e2,e1)</span>
- holds, <span class='conditional'>then</span> the following ordering constraints hold: the
-<a title="entity generation event">generation</a> event of the entity denoted by <span class="name">e2</span>
-precedes the invalidation event of
-entity <span class="name">e1</span>, and
- the <a title="entity generation event">generation event</a> for entity denoted by <span class="name">e1</span>
-<a>precedes</a> <a title="entity invalidation event">invalidation</a> event for <span class="name">ag2</span>.
-</div>
-
--->
-
</section>
-<section id="structural-constraints">
-<h3>PROV-DM Structural Constraints</h3>
-
-<p><a href="#definitional-constraints">Section 4</a> provides definitional constraints for data model concepts.
-<a href="#account-constraints">Section 5</a> introduces constraints on descriptions occurring in accounts.
-<a href="#interpretation">Section 6</a> defines an interpretation of this data model, in terms of event ordering
-constraints.
-This section introduces further constraints on the structure of PROV-DM descriptions. Descriptions that satisfy these constraints are said to be <dfn>structurally well-formed</dfn>. A
-benefit of structurally well-formed provenance descriptions is that further inferences can be made, because descriptions are more precise, and therefore, richer. </p>
-
-<p>According to the definition of a <a>generation</a>, an entity becomes available after this entity's generation event, and does not exist before this event. From this definition,
-we conclude that PROV-DM does not allow for an entity to have two generations occurring at two different instants.
-The rationale for this constraint is as follows.
- Two distinct <a title="entity generation event">generation events</a> (by a same activity or by two distinct activities), occurring one after the other, necessarily create two distinct
-entities; otherwise, the second <a title="entity generation event">generation event</a> would have resulted in an entity that existed before its creation, which contradicts the definition of
-<a>generation</a>.</p>
-
-<p>So, PROV-DM allows for two distinct <a>generations</a> <span class="name">g1</span> and <span class="name">g2</span> referencing a same entity provided they occur
-<em>simultaneously</em>.
-<!-- (This means that <span class="name">g1</span> <a>precedes</a> <span class="name">g2</span> and <span class="name">g2</span> <a>precedes</a> <span class="name">g1</span>.) -->
- In practice, for such a simultaneous generation to occur, the generation event has to be unique and caused by a <em>single world activity</em>, though provenance may contain
-several descriptions for the <em>same</em> world activity.
-</p>
-
-<div class="anexample">
-<p>
-In the following descriptions, a workflow execution <span class="name">a0</span> consists of two sub-workflow executions <span class="name">a1</span> and <span class="name">a2</span>.
-Sub-workflow execution <span class="name">a2</span> generates entity <span class="name">e</span>, so does <span class="name">a0</span>.</p>
-<pre class="codeexample">
-activity(a0, [prov:type="workflow execution"])
-activity(a1, [prov:type="workflow execution"])
-activity(a2, [prov:type="workflow execution"])
-wasInformedBy(a2,a1)
-
-wasGeneratedBy(e,a0)
-wasGeneratedBy(e,a2)
-</pre>
-<p>So, we have two different <a title="generation">generations</a> for entity <span class="name">e</span>. Such an example is permitted in PROV-DM if the two activities denoted by <span class="name">a0</span> and <span class="name">a2</span> are a single thing happening in the world
-but described from different perspectives.</p>
-</div>
-
-<p>While this example is permitted in PROV-DM, it does not make the inter-relation between activities explicit, and it mixes descriptions expressed from different perspectives together.
-While this may acceptable in some specific applications, it becomes challenging for inter-operability. Indeed, PROV-DM does not offer any relation describing the structure of activities.
- Such descriptions are said not be structurally well-formed.</p>
-
-<p>Structurally well-formed provenance can be obtained by partitioning the generations into different accounts. This makes it clear that these generations provide alternative
-descriptions of the same real-world generation event, rather than describing two distinct generation events for the same entity. When accounts are used, the example can be encoded as follows.</p>
-
-
-<div class="anexample">
-<p>
-The same example is now revisited, with the following descriptions that are structurally well-formed. Two accounts are introduced, and there is a single generation for entity <span
-class="name">e</span> per account.</p>
-
-<p>In a first account, entitled "summary", we find:</p>
-<pre class="codeexample">
-activity(a0,t1,t2,[prov:type="workflow execution"])
-wasGeneratedBy(e,a0,-)
-</pre>
-<p>In a second account, entitled "detail", we find:</p>
-<pre class="codeexample">
-activity(a1,t1,t3,[prov:type="workflow execution"])
-activity(a2,t3,t2,[prov:type="workflow execution"])
-wasInformedBy(a2,a1)
-wasGeneratedBy(e,a2,-)
-</pre>
-</div>
-
-
-
-<p>Structurally well-formed provenance satisfies some constraints, which force the structure of descriptions to be exposed by means of accounts. With these constraints satisfied, further
-inferences can be made about structurally well-formed descriptons.
-The uniqueness of generations in accounts is formulated as follows.
-</p>
-
-<div class='constraint' id='generation-uniqueness'>Given an entity denoted by <span class="name">e</span>, two activities denoted by <span class="name">a1</span> and <span
-class="name">a2</span>, two time instants <span class="name">t1</span> and <span
-class="name">t2</span>, and two sets of attribute-value pairs <span class="name">attrs1</span> and <span class="name">attrs2</span>,
-<span class='conditional'>if</span> <span class="name">wasGeneratedBy(id1, e, a1, t1, attrs1)</span> and <span class="name">wasGeneratedBy(id2, e, a2, t2, attrs2)</span> exist in the scope of a given
-account,
-<span class='conditional'>then</span> <span class="name">id1</span>=<span class="name">id2</span>, <span class="name">a1</span>=<span class="name">a2</span>, <span class="name">t1</span>=<span class="name">t2</span> and <span class="name">attrs1</span>=<span class="name">attrs2</span>.
-</div>
-
-
-
-
-
-
-<p>A further inference is permitted from derivations with an explicit activity and no usage: </p>
-<div class='inference' id='derivation-use'>
-<p>Given an activity <span class="name">a</span>, entities denoted by <span class="name">e1</span> and <span class="name">e2</span>, and sets of attribute-value
-pairs <span class="name">dAttrs</span>, <span class="name">gAttrs</span>,
-<span class='conditional'>if</span> <span class="name">wasDerivedFrom(e2,e1, a, dAttrs)</span> and <span class="name">wasGeneratedBy(e2,a,-,gAttrs)</span> hold, <span
-class='conditional'>then</span> <span class="name">used(a,e1,-,uAttrs)</span> also holds
-for some set of attribute-value pairs <span class="name">uAttrs</span>.
-</div>
-<p>This inference is justified by the fact that the entity denoted by <span class="name">e2</span> is generated by at most one activity in a given account
-(see <a href="#generation-uniqueness">generation-uniqueness</a>). Hence, this activity is also the one referred to by the usage of <span class="name">e1</span>.
-</p>
-
-
-<p>We note that the converse inference, does not hold.
-From <span class="name">wasDerivedFrom(e2,e1)</span> and <span class="name">used(a,e1,-)</span>, one cannot
-derive <span class="name">wasGeneratedBy(e2,a,-)</span> because identifier <span class="name">e1</span> may occur in usages performed by many activities, which may have not generated the entity denoted by <span class="name">e2</span>.</p>
-
-
-<p>
-An account is said to be structurally well-formed if
-it satisfies the constraint <a href="#generation-uniqueness">generation-uniqueness</a>. If an account is structurally well-formed, it supports the inference <a
-href="#derivation-use">derivation-use</a>.</p>
-
-<p> Taking the union of two accounts is another account,
-formed by the union of the descriptions they respectively contain. We note that the resulting union may or may not invalidate some constraints:
-<ul>
-<li> Two entity descriptions with a same identifier but different sets of attributes exist in each original account may invalidate <a href="#unique-description-in-account">unique-description-in-account</a> in the union, unless some form of description merging or renaming (as per <a href="#merge-with-rename">Example</a>) occurs.
-<li> Structurally well-formed
-accounts are not
-closed under union because the
-constraint <a href="#generation-uniqueness">generation-uniqueness</a> may no
-longer be satisfied in the resulting union. </li>
-</ul>
-<p>How to reconcile such accounts is beyond the scope of this specification.</p>
-
-<!--
-Indeed, let us reconsider example <a href="#account-example-1">account-example-1</a>, and let us define another account record as follows.</p>
-
-<div class="anexample">
-<pre class="codeexample">
-account(ex:acc2,
- http://example.org/asserter2,
- entity(e0, [ prov:type="File", ex:path="/shared/crime.txt", ex:creator="Alice" ])
- ...
- activity(a1,t1,,[prov:type="createFile"])
- ...
- wasGeneratedBy(e0,a1,[ex:fct="create"])
- ... )
-</pre>
-<p>with identifier <span class="name">ex:acc2</span>, containing assertions by asserter by <span class="name">http://example.org/asserter2</span> stating that the entity represented by
-entity record identified by <span class="name">e0</span> was generated by an activity represented by activity record identified by <span class="name">a1</span> instead of <span
-class="name">a0</span> in the previous account <span class="name">ex:acc0</span>. If accounts <span class="name">ex:acc0</span> and <span class="name">ex:acc2</span> are merged together,
-the resulting set of records violates <a href="#generation-uniqueness">generation-uniqueness</a> if the two activities <span class="name">a0</span> and <span class="name">a1</span> are
-distinct.</p>
-</div>
--->
-
-<!--
-<div class="note">
-Can the semantics characterize better what can be achieved with structurally well-formed accounts?
-</div>
-
-
-<div class="note" id="note-related-to-issue-105">
-Satya discussed the example of a sculpture, whose hand and leg are sculpted independently by two different sculptors. He suggested that the sculpture is generated by two distinct activities.
-This section explains that it is not the case. The example can be formulated as follows.
-
-<p><a href="examples/sculpture.pn">Sculpture example in PROV-N</a></p>
-
-<p><a href="examples/sculpture.png">Sculpture example image</a></p>
-
-<p>
-We see that ex:s_3 (the sculpture in its final state) was derived from ex:l_2 (containment) which was generated by ex:a2. However, ex:s_3 is not directly generated by ex:a2. We may want to
-consider an abbreviation for this: wasGeneratedBy*(ex:s_3,ex:a2).</p>
-</div>
-
--->
-
-</section>
-
+</section> <!--event-ordering-constraints-->
+
+</section> <!-- constraints -->
<section id="collection-constraints">
-<h3>PROV-DM Collection Constraints</h3>
-
+<h2>Collection Constraints</h2>
+<div class="note">
+ Work on collections and on these constraints is deferred until after
+ the next working draft, so this section may not be stable.
+ </div>
+
<p>Membership is a convenience notation, since it can be expressed in terms of an insertion into some collection. The membership definition is formalized by constraint <a href="#membership-as-insertion">membership-as-insertion</a>.</p>
-<div class='constraint' id='membership-as-insertion'>
+<div class='definition' id='membership-as-insertion'>
<span class="name">memberOf(c, {(k1, v1), ...})</span> holds
-<span class='conditional'>if and only if</span> there exists a collection <span class="name">c0</span>, such that
+<span class='conditional'>IF AND ONLY IF</span> there exists a collection <span class="name">c0</span>, such that
<span class="name">derivedByInsertionFrom(c, c0, {(k1, v1), ...})</span>.
</div>
@@ -1630,8 +1582,10 @@
<p>The following constraint ensures unique derivation.</p>
+<div class='note'> The following constraint is unclear.</div>
<div class='constraint' id='collection-unique-derivation'>
-A collection MUST NOT be derived through multiple insertions, removal, or membership relations.
+A collection MUST NOT be derived through multiple insertions, removal,
+ or membership relations.
</div>
<div class="anexample">
@@ -1679,9 +1633,6 @@
-<!--
-<section id="Collection-branching">
--->
<section id="collection-branching">
<h4>Collection branching</h4>
@@ -1720,25 +1671,6 @@
<p>The state of a collection is only known to the extent that a chain of derivations starting from an empty collection can be found. Since a set of descriptions regarding a collection's evolution may be incomplete, so is the reconstructed state obtained by querying those descriptions. In general, all descriptions reflect partial knowledge regarding a sequence of data transformation events. In the particular case of collection evolution, in which some of the state changes may have been missed, the more generic <a href="#Derivation-Relation">derivation</a> relation should be used to signal that some updates may have occurred, which cannot be expressed as insertions or removals. The following example illustrates this.</p>
-<!--
-<div class="anexample">
-<pre class="codeexample">
-entity(c, [prov:type="prov:Collection" %% xsd:QName]) // c is a collection, possibly not empty
-entity(c1, [prov:type="prov:Collection" %% xsd:QName])
-entity(c2, [prov:type="prov:Collection" %% xsd:QName])
-entity(e1)
-entity(e2)
-
-derivedByInsertionFrom(c1, c, {("k1", e1)})
-derivedByInsertionFrom(c2, c1, {("k2", e2)})
-</pre>
-From this set of descriptions, we conclude:
-<ul>
-<li> <span class="name">c1</span> includes <span class="name">("k1", e1)</span> but may contain additional unknown pairs
-<li> <span class="name">c2</span> includes <span class="name">("k1", e1), ("k2", e2)</span> (and possibly more pairs), where <span class="name">e2</span> is a collection with unknown state
-</pre>
- </div>
--->
<div class="anexample">
@@ -1766,201 +1698,567 @@
</section>
-</section> <!-- end of collections -->
-
-
-<!--
-<section id="resource-section">
-<h2>Resources, URIs, Entities, Identifiers, and Scope</h2>
-
-<p>This specification introduces the notion of an identifiable entity in the world. In PROV-DM, an entity record is a representation of such an identifiable entity. An entity record
-includes an identifier identifying this entity. Identifiers are qualified names, which can be mapped to IRIs. </p>
-
-<p>The term 'resource' is used in a general sense
- for whatever might be identified by a URI [[!RFC3986]]. On the Web, a URI denotes a resource, without any expectation that the resource is accessed. </p>
-
-<p>The purpose of this section is to clarify the relationship between resource and the notions of entity and entity record. </p>
-
-<p>In the context of PROV-DM, a resource is just a thing in the world. One may take multiple perspectives on such a thing and its situation in the world, fixing some its aspects.</p>
-
-<p> We refer to the <a href="#a-report-example">example</a> of section <a href="#conceptualization">2.1</a> for a resource (at some URL) and three different perspectives, referred to as
-entities. Three different entity records can be expressed for this report, which in the PROV-N sample below, are expressed within a same account.
-</p>
-
-<pre>
-container
-prefix app http://example.org/app/
-prefix cr http://example.org/crime/
-
- account(acc1,
- http://example.org/asserter1,
-
- entity(app:0, [ prov:type="Document", cr:path="http://example.org/crime.txt" ])
- entity(app:1, [ prov:type="Document", cr:path="http://example.org/crime.txt", cr:version="2.1", cr:content="...", cr:date="2011-10-07" ])
- entity(app:2, [ prov:type="Document", cr:author="John" ])
- ...)
-endContainer
-</pre>
-
-<p>Each entity record contains an identifier that is unique in
-account <span class="name">acc1</span>, and therefore locally
-identifies the entity record it is contained in. In this example,
-three identifiers were minted.</p>
-
-<p>Given that the report is a resource denoted by the URI <span class="name">http://example.org/crime.txt</span>, we could simply use this URI as the identifier of an entity. This would
-avoid us minting new URIs. Hence, the report URI would play a double role: as a URI it denotes a resource accessible at that URI, and as an identifier in a PROV-DM record, it helps identify
-a specific characterization of this report. A given identifier occurring in an entity record must be unique within the scope of an account. Hence, below, all entities records have been given
-the same identifier but appear in the scope of different accounts, so as to satisfy <a href="#identifiable-term-in-account">identifiable-term-in-account</a>.</p>
-
-<pre>
-container
-prefix app http://example.org/
-prefix cr http://example.org/crime/
-
- account(acc2,
- http://example.org/asserter1,
-
- entity(app:crime.txt, [ prov:type="Document", cr:path="http://example.org/crime.txt" ])
- ...)
-
- account(acc3,
- http://example.org/asserter1,
-
- entity(app:crime.txt, [ prov:type="Document", cr:path="http://example.org/crime.txt", cr:version="2.1", cr:content="...", cr:date="2011-10-07" ])
- ...)
-
- account(acc4,
- http://example.org/asserter1,
- entity(app:crime.txt, [ prov:type="Document", cr:author="John" ])
- ...)
-endContainer
-</pre>
-
-<p>In this case, the qualified name <span class="name">app:crime.txt</span> maps to URI <span class="name">http://example.org/crime.txt</span> still denotes the same resource; however, the
-perspectives we take about that resource are expressed by multiple entity records, happening to all contain the same identifier but in different accounts. </p>
-
-<p> Alternatively, if we need to assert the existence of two different perspectives on the report within the same account, then alternate identifiers MUST be used, one of them being allowed
-to be the resource URI.</p>
-
-<pre>
-container
- prefix app http://example.org/
- prefix app2 http://example.org/app/
- prefix cr http://example.org/crime/
-
- account(acc5,
- http://example.org/asserter1,
-
- entity(app:crime.txt, [ prov:type="Document", cr:path="http://example.org/crime.txt" ])
- entity(app2:1, [ prov:type="Document", cr:path="http://example.org/crime.txt", cr:version="2.1", cr:content="...", cr:date="2011-10-07" ])
-
- ...)
-endContainer
-
+<div class='note'>
+ Do the insertion/removal derivation steps imply wasDerivedFrom,
+ wasVersionOf, alternateOf?
+ </div>
+
+</section> <!-- collection-constraints -->
+
+<section id="account-constraints">
+<h2>Account Constraints</h2>
+
+<div class="note">
+Work on accounts has been deferred until after the next working draft,
+so this section is very unstable
+</div>
+
+<p>PROV-DM allows for multiple descriptions of entities (and in general any identifiable object) to be expressed. </p>
+
+<div class="anexample" id="example-two-entities-one-id">
+<p>Let us consider two descriptions of a same entity, which we have taken from two different contexts. A working draft published by the <span class="name">w3:Consortium</span>:</p>
+<pre class="codeexample">
+entity(tr:WD-prov-dm-20111215, [ prov:type="pr:RecsWD" %% xsd:QName ])
</pre>
-
-
-</section>
-
--->
-
-<!--
-<li>For use, generation, and derivation event, the first argument is the 'effect' (i.e. most recent item) and the second argument is the 'cause' (i.e. least recent item). This order is
-compatible with the temporal layout of the graphical notation.
--->
-
-<!--
-<section id="refining-provenance-descriptions">
-<h3>Refining Provenance Descriptions</h3>
-
-<div class='note'>Purely tentative</div>
-
-<p>In this section, we successively review refined provenance descriptions, and examine their meaning, in light of the constraints introduced in this specification. </p>
-
-
-<ol>
-<li>First, let us consider a small set of three descriptions, including an entity, an agent, and an attribution relation.
-<pre>
-entity(tr:prov-dm)
-agent(w3:Consortium)
-wasAttributedTo(tr:prov-dm,w3:Consortium)
+The second version of a document edited by some authors:
+<pre class="codeexample">
+entity(tr:WD-prov-dm-20111215, [ prov:type="document", ex:version="2" ])
</pre>
-<p>The entity denoted by <span class="name">tr:prov-dm</span> does not contain any attribute besides its identifier. Without any further detail, this entity is simply the resource denoted by <span class="name">tr:prov-dm</span>, whatever its state over time. This resource has multiple versions including <span class="name">tr:WD-prov-dm-20111215</span> and <span class="name">tr:WD-prov-dm-20111018</span>.
-Likewise, the second line simply is a description for a resource denoted by <span class="name">w3:Consortium</span>, nothing less, nothing more.</p>
-<p>The third description should be interpreted as: whatever changes entity <span class="name">tr:prov-dm</span> may have gone through, it is always attributed to the <span class="name">w3:Consortium</span> agent.</p>
-</li>
-
-
-<li>Second, the descriptions are bundled up as an account with name <span class="name">ex:acc1</span>:
-<pre>
-entity(tr:prov-dm)
-agent(ex:Simon)
-wasAttributedTo(tr:prov-dm,ex:Simon)
-</pre>
-and provenance details are available for <span class="name">ex:acc1</span>, namely the generation time for the provenance.
-<pre>
-entity(ex:acc1, [prov:type="AccountEntity"])
-wasGeneratedBy(ex:acc1,,2011-12-15T12:00:00)
-</pre>
-<div class='note'>
-What is the meaning here? Is it any different? Are stating anything about newer version of tr:prov-dm that occur after 2011-12-15T12:00:00?
+<p>Both descriptions are about the same entity identified by
+<span class="name">tr:WD-prov-dm-20111215</span>, but they contain different attributes, describing the situation or partial state of the these entities according to the context in which they occur.
+</p>
</div>
-<li> A generation event for <span class="name">tr:prov-dm</span> is provided.
-<pre>
-entity(tr:prov-dm)
-agent(ex:Simon)
-wasGeneratedBy(tr:prov-dm,,2011-12-15T12:00:00)
-wasAttributedTo(tr:prov-dm,ex:Simon)
-</pre>
-<div class='note'>
-What is the meaning here? that only the version that was created by this event is attributed to ex:Simon, but not previous ones. This means that it is not specfied whether he was an author in anterior versions.
+
+
+<p>Two different descriptions of a same entity cannot co-exist in a same account
+ as formalized in <a href="#unique-description-in-account">unique-description-in-account</a>.</p>
+
+<!-- Moved to uniqueness constraints section
+<div class='constraint' id='unique-description-in-account'>
+<p>Given an entity identifier <span class="name">e</span>, there is at most one description
+<span class="name">entity(e,attrs)</span> occurring in a given account, where <span class="name">attrs</span> is some set of attribute-values. Other descriptions of the same entity can exist in different accounts.</p>
+
+<p>This constraint similarly applies to all other types and relations,
+ with explicit identity.</p>
</div>
-
-</li>
-
-
-<li> A invalidation event for <span class="name">tr:prov-dm</span> is provided.
-<pre>
-entity(tr:prov-dm)
-agent(ex:Simon)
-wasGeneratedBy(tr:prov-dm,,2011-12-15T12:00:00)
-wasDestroyedBy(tr:prov-dm,,2012-02-02T12:00:00)
-wasAttributedTo(tr:prov-dm,ex:Simon)
+-->
+
+
+
+<p>In some cases, there may be a requirement for two different
+ descriptions of the same entity to be included in the same account. To satisfy the constraint <a href="#unique-description-in-account">unique-description-in-account</a>, we can adopt a different identifier for one of them, and relate the two descriptions with the <span class="name">alternateOf</span> relation. </p>
+
+<div class="anexample" id="merge-with-rename">
+<p>We now reconsider the same two descriptions of a same entity, but we change the identifier for one of them:</p>
+<pre class="codeexample">
+entity(tr:WD-prov-dm-20111215, [ prov:type="pr:RecsWD" %% xsd:QName ])
+entity(ex:alternate-20111215, [ prov:type="document", ex:version="2" ])
+alternateOf(tr:WD-prov-dm-20111215,ex:alternate-20111215)
</pre>
-<div class='note'>
-Speculative, since we have not defined the invalidation event (yet?.
-What is the meaning here? that only the versions that existed during this characterization interval were attributed to ex:Simon.
</div>
+
+
+<div class='note'>
+ Since we are not specifying ways to take the union of two accounts,
+ we may drop this discussion
+ </div>
+<p> Taking the union of two accounts is another account,
+formed by the union of the descriptions they respectively contain. We note that the resulting union may or may not invalidate some constraints:
+<ul>
+<li> Two entity descriptions with a same identifier but different sets of attributes exist in each original account may invalidate <a href="#unique-description-in-account">unique-description-in-account</a> in the union, unless some form of description merging or renaming (as per <a href="#merge-with-rename">Example</a>) occurs.
+<li> Structurally well-formed
+accounts are not
+closed under union because the
+constraint <a href="#generation-uniqueness">generation-uniqueness</a> may no
+longer be satisfied in the resulting union. </li>
+</ul>
+<p>How to reconcile such accounts is beyond the scope of this specification.</p>
+
+
+<div class="note">
+ Material transplanted from old structural well-formedness constraints section.
+
+ This example isn't very clear, since the sub-workflow-ness isn't
+ represented in the data. According to what was written above, we
+ should conclude that a0 and a2 are equal!
+ </div>
+<div class="anexample">
+<p>
+In the following descriptions, a workflow execution <span class="name">a0</span> consists of two sub-workflow executions <span class="name">a1</span> and <span class="name">a2</span>.
+Sub-workflow execution <span class="name">a2</span> generates entity <span class="name">e</span>, so does <span class="name">a0</span>.</p>
+<pre class="codeexample">
+activity(a0, [prov:type="workflow execution"])
+activity(a1, [prov:type="workflow execution"])
+activity(a2, [prov:type="workflow execution"])
+wasInformedBy(a2,a1)
+
+wasGeneratedBy(e,a0)
+wasGeneratedBy(e,a2)
+</pre>
+<p>So, we have two different <a title="generation">generations</a> for entity <span class="name">e</span>. Such an example is permitted in PROV-DM if the two activities denoted by <span class="name">a0</span> and <span class="name">a2</span> are a single thing happening in the world
+but described from different perspectives.</p>
+</div>
+
+<p>While this example is permitted in PROV-DM, it does not make the inter-relation between activities explicit, and it mixes descriptions expressed from different perspectives together.
+While this may acceptable in some specific applications, it becomes challenging for inter-operability. Indeed, PROV-DM does not offer any relation describing the structure of activities.
+ Such descriptions are said not to be structurally well-formed.</p>
+
+<p>Structurally well-formed provenance can be obtained by partitioning the generations into different accounts. This makes it clear that these generations provide alternative
+descriptions of the same real-world generation event, rather than describing two distinct generation events for the same entity. When accounts are used, the example can be encoded as follows.</p>
+
+
+<div class="anexample">
+<p>
+The same example is now revisited, with the following descriptions that are structurally well-formed. Two accounts are introduced, and there is a single generation for entity <span
+class="name">e</span> per account.</p>
+
+<p>In a first account, entitled "summary", we find:</p>
+<pre class="codeexample">
+activity(a0,t1,t2,[prov:type="workflow execution"])
+wasGeneratedBy(e,a0,-)
+</pre>
+<p>In a second account, entitled "detail", we find:</p>
+<pre class="codeexample">
+activity(a1,t1,t3,[prov:type="workflow execution"])
+activity(a2,t3,t2,[prov:type="workflow execution"])
+wasInformedBy(a2,a1)
+wasGeneratedBy(e,a2,-)
+</pre>
+</div>
+
+
+
+<p>Structurally well-formed provenance satisfies some constraints, which force the structure of descriptions to be exposed by means of accounts. With these constraints satisfied, further
+inferences can be made about structurally well-formed descriptions.
+The uniqueness of generations in accounts is formulated as follows.
+</p>
+
+
+
+
+</section> <!-- account-constraints-->
+
+
+
+
+
+
+<section id="compliance">
+<h2>Compliance with this document</h2>
+
+For the purpose of compliance, the normative sections of this document
+ are (TODO). To be compliant:
+ <ul><li>When processing provenance obtained from another source, an
+ application MAY apply the inferences and definitions in <a
+ href="#inferences" class='sectionRef'></a>.</li>
+ <li>An application SHOULD process <a>equivalent</a> PROV-DM instances in the same way, described in <a href="#equivalence" class="sectionRef"></a>
+ <li>When determining whether a PROV description is <a>valid</a>, an
+ application MUST check that all of the
+ constraints of <a href="#constraints" class="sectionRef"></a> are
+ satisfied on the <a>normal form</a> of the instance.</li>
+ <li> When producing provenance meant for other applications to
+ use, the application SHOULD produce <a>valid</a> provenance. </li>
+ </ul>
+ <div class="note">
+ Should we specify a way for PROV descriptions to say whether they
+ are meant to be validated or not? Seems outside the scope of this document.
+ </div>
+
+</section>
+
+
+ <section id='rationale' class="informative">
+<h2>Rationale for inferences and constraints</h2>
+
+<div class="note"> This section collects all of the explanatory
+ material that I was not certain how to interpret as an unambiguous
+ inference or constraint. Some of these observations may need to be folded
+ into the explanatory text in respective sections (for example for
+ events,
+ accounts or collections).
+
+ Editing is also needed to decrease redundancy.
+ </div>
+
+ <section id='section-attributes'>
+<h4>Entities and Attributes</h4>
+
+<p>When we talk about things in the world in natural language and even when we assign identifiers, we are often imprecise in ways that make it difficult to clearly and unambiguously report
+provenance: a resource with a URL may be understood as referring to a report available at that URL, the version of the report available there today, the report independent of where it is
+hosted over time, etc.
+However, to write precise descriptions of the provenance of things
+that change over time, we need ways of disambiguating which versions
+of things we are talking about.
+</p>
+
+<p>
+To describe the provenance of things that can change over
+time, PROV-DM uses the concept of <i>entities</i> with fixed
+attributes. From a provenance viewpoint, it is important to identify
+a partial state of something, i.e. something with some aspects that
+have been fixed, so that it becomes possible to express its provenance
+(i.e. what caused the thing with these specific aspects). An entity
+encompasses a part of a thing's history during which some of the
+attributes are fixed. An entity can thus be thought of as a part of a
+thing with some associated partial state.
+Attributes in PROV-DM are used to fix certain aspects of entities.</p>
+
+
+<p>
+An <dfn>entity</dfn> is a thing one wants to provide provenance for
+and whose situation in the world is described by some fixed
+attributes. An entity has a <dfn
+id="|dfn-characterization-interval">characterization interval</dfn>,
+or <dfn id="lifetime">lifetime</dfn>,
+defined as the period
+between its <a title="entity generation event">generation event</a>
+and its <a title="entity invalidation event">invalidation event</a>.
+An entity's attributes are established when the entity is
+created and describe the entity's situation and (partial) state
+during an entity's lifetime.</p>
+
+<p>
+A different entity (perhaps representing a different user or
+system perspective) may fix other aspects of the same thing, and its provenance
+may be different. Different entities that are aspects of the same
+thing are called <em>alternate</em>, and the PROV-DM relations of
+specialization and alternate can be used to link such entities.</p>
+
+
+
+
+
+
+<div class="anexample" id="a-report-example">
+Different users may take different perspectives on a resource with
+a URL. A provenance record might use one (or more) different
+ entities to talk about different perspectives, such as:
+<ul>
+<li>a report available at a URL: fixes the nature of the thing, i.e. a document, and its location; </li>
+<li>the version of the report available there today: fixes its version number, contents, and its date;</li>
+<li>the report independent of where it is hosted and of its content over time: fixes the nature of the thing as a conceptual artifact.</li></ul>
+The provenance of these three entities may differ, and may be along the following lines:
+<ul>
+<li>the provenance of a report available at a URL may include: the act of publishing it and making it available at a given location, possibly under some license and access control;</li>
+<li>the provenance of the version of the report available there today may include: the authorship of the specific content, and reference to imported content;</li>
+<li>the provenance of the report independent of where it is hosted over time may include: the motivation for writing the report, the overall methodology for producing it, and the broad team
+involved in it.</li>
+</ul>
+<p>We do not assume that any entity is a better or worse description of
+reality than any other. That is, we do not assume an absolute ground truth with
+respect to which we can judge correctness or completeness of
+descriptions. In fact, it is possible to describe the processing that occurred for the report to be commissioned, for
+individual versions to be created, for those versions to be published at the given URL, etc., each via a different entity with attribute-value pairs that fix some aspects of the report appropriately.</p>
+</div>
+
+
+<p>Besides entities, a variety of other PROV-DM objects have
+attributes, including activity, generation, usage, start, end,
+communication, attribution, association, responsibility, and
+derivation. Each object has an associated duration interval (which may
+be a single time point), and attribute-value pairs for a given object
+are expected to be descriptions that hold for the object's duration.
+</p>
+<p>
+However, the attributes of entities have special meaning because they
+are considered to be fixed aspects
+of underlying, changing things. This motivates constraints on
+<span class="name">alternateOf</span> and <span class="name">specializationOf</span> relating the attribute values of
+different entities.
+</p>
+<div class="note">
+ TODO:
+Constraints on alternateOf/specializationOf for this?
+ </div>
+
+ <div class="note">
+TODO: Further discussion of entities moved from the old "Definitional
+ constraints" section. Should merge with the surrounding
+ discussion to avoid repetition.
+ </div>
+<p>
+An <dfn>entity</dfn> is a thing one wants to provide provenance for
+and whose situation in the world is described by some attribute-value
+pairs. An entity's attribute-value pairs are established as part of
+the entity description and their values remain unchanged for the
+lifetime of the entity. An entity's attribute-value pairs are expected
+to describe the entity's situation and (partial) state during an
+entity's <a title="characterization interval">characterization interval</a>.</p>
+
+<p>If an entity's situation or state changes, this may result in its description being invalid, because one or more attribute-value pairs no longer hold. In that case, from the PROV viewpoint, there exists a new entity, which needs to be given a distinct identifier, and associated with the attribute-value pairs that reflect its new situation or state.</p>
+
+
+
+Further considerations:
+<ul>
+<li>In order to describe the provenance of something during an interval over which
+ relevant attributes of the thing are not fixed, it is required to
+ create multiple entities, each with its own identifier, <a
+ title="characterization interval">characterization interval</a>, and
+ fixed attributes, and express
+ dependencies between the various entities using events.
+ For example, if we want to describe the provenance of several
+ versions of a document, involving attributes such as authorship that
+ change over time, we need different entities for the versions linked
+ by appropriate generation, usage, revision, and invalidation events.
</li>
-</ol>
-
+<li>There is no assumption that the set of attributes is complete, nor
+that the attributes are independent or orthogonal of each other.</li>
+<li>There is no assumption that the attributes of an entity uniquely
+identify it. Two different entities that are aspects of different
+things can have the same attributes.</li>
+<li>A <a title="characterization interval">characterization interval</a> may collapse into a single instant.</li>
+</ul>
+
</section>
--->
-
-<!--
<section>
-<h3>Stuff to Keep, Maybe?</h3>
-
-
-
-
-<li id='attribute-occurrence-in-entity-record'>The attributes
-occurring in an entity record MUST be declared in the namespace
-referred to by their prefix according to
-<a href="#term-attribute">Section term-attribute</a>. Furthermore,
-for each attribute, a namespace MAY also declare the number of
-occurrences the entity may have in a list of attributes. An entity record is
-valid if the number of occurrences of any of its attributes is
-compatible with this attribute's declaration it its namespace. This
-property applies to all types of records, and is referred to
-as <a>attribute occurrence validity</a>.</li>
+<h3>Activities</h3>
+
+<div class="note">
+ TODO: Further discussion of activities moved from old "Definitional
+ constraints and inferences" section. Edit to avoid repeating information.
+</div>
+
+
+<p>An activity is delimited by its <a title="activity start event">start</a> and its <a title="activity end event">end</a> events; hence, it occurs over
+an interval delimited by two <a title="instantaneous event">instantaneous
+events</a>. However, an activity record need not mention start or end time information, because they may not be known.
+An activity's attribute-value pairs are expected to describe the activity's situation during its interval, i.e. an interval between two instantaneous events, namely its <a title="activity start event">start</a> event and its <a title="activity end event">end</a> event.
+</p>
+
+
+<p>Further considerations:</p>
+<ul>
+<li>An activity is not an entity.
+Indeed, an entity exists in full at
+any point in its lifetime, persists during this
+interval, and preserves the characteristics that makes it
+identifiable. In contrast, an activity is something that occurs, happens,
+unfolds, or develops through time, but is typically not identifiable by
+the characteristics it exhibits at any point during its duration.
+This distinction is similar to the distinction between
+'continuant' and 'occurrent' in logic [[Logic]].</li>
+</ul>
+
</section>
--->
+
+
+ <section id="representation-term-assertion-inference">
+<h3>Description, Assertion, and Inference</h3>
+
+<p>
+PROV-DM is a provenance data model designed to express <em>descriptions</em> of the world.
+</p>
+
+<div class="anexample">
+A file at some point during its lifecycle, which includes multiple edits by multiple people, can be described by its type, its location in the file system, a creator, and content.
+</div>
+
+
+<p>The data model is designed to capture activities that happened in the past, as opposed to activities
+that may or will happen.
+However, this distinction is not formally enforced.
+Therefore, PROV-DM descriptions are intended to be interpreted as what
+has happened, as opposed to what may or will happen.</p>
+
+
+
+<p>
+This specification does not prescribe the means by which descriptions can be arrived at; for example, descriptions can be composed on the basis of observations, reasoning, or any other means.
+</p>
+
+
+<p>
+Sometimes, inferences about the world can be made from descriptions
+conformant to the PROV-DM data model. This
+specification defines some such inferences, allowing new descriptions
+to be inferred from existing ones. Hence, descriptions of the world
+can result either from direct assertion or from inference
+by application of inference rules defined by this specification.
+</p>
+
+
+</section>
+
+
+
+
+
+ <section id='section-event-time'>
+<h4>Events and Time</h4>
+
+
+
+
+<p>Time is critical in the context of provenance, since it can help corroborate provenance claims. For instance, if an entity is claimed to be obtained by transforming another, then the
+latter must have existed before the former. If it is not the case, then there is something wrong with such a provenance claim. </p>
+
+<p> Although time is critical, we should also recognize that
+provenance can be used in many different contexts within individual
+systems and across the Web. Different systems may use different clocks
+which may not be precisely synchronized, so when provenance records
+are combined by different systems, we may not be able to align the
+times involved to a single global timeline. Hence, PROV-DM is
+designed to minimize assumptions about time. </p>
+
+
+
+<p>Hence, to talk about the constraints on valid PROV-DM data, we
+refer to <a title="instantaneous event">instantaneous events</a> that correspond to interactions
+between activities and entities.
+The term "event" is commonly used in process algebra with a similar meaning. For instance, in CSP [[CSP]], events represent communications or interactions; they are assumed to be atomic and
+instantaneous.</p>
+
+
+
+
+
+<section id="event-ordering">
+<h4>Event Ordering</h4>
+
+
+
+<div class="note">
+ The following paragraphs are unclear and need to be revised, to
+ address review concerns: if
+ we aren't saying anything about how events and time relate, and time
+ is the only concrete information about event ordering in PROV-DM,
+ then how can implementations check that event ordering constraints
+ are satisfied?
+ </div>
+<p> How the <a>precedes</a> partial order is implemented in practice is beyond the scope
+of this specification. This specification only assumes that
+each <a title="instantaneous event">instantaneous event</a> can be mapped to an instant in some form of
+timeline. The actual mapping is not in scope of this
+specification. Likewise, whether this timeline is formed of a single
+global timeline or whether it consists of multiple Lamport-style
+clocks is also beyond this specification. The <a>follows</a> and
+<a>precedes</a> orderings of events should be consistent with the
+ordering of their associated times
+over these timelines.
+</p>
+
+
+<p>This specification defines <i>event ordering constraints</i>
+between <a title="instantaneous event">instantaneous events</a> associated with
+provenance descriptions. PROV-DM data MUST satisfy such constraints. </p>
+
+<p>PROV-DM also allows for time observations to be inserted in
+specific descriptions, for each recognized <a
+ title="instantaneous event">instantaneous event</a> introduced in this
+specification. The presence of a time observation for a given <a
+ title="instantaneous event">instantaneous event</a> fixes the mapping of this <a
+ title="instantaneous event">instantaneous event</a> to the timeline. It can also
+help with the verification of associated ordering constraints (though,
+again, this verification is outside the scope of this specification).
+</p>
+
+
+
+</section>
+
+<section id="types-of-events">
+<h4>Types of Events</h4>
+<p>Five kinds of <a title="instantaneous event">instantaneous events</a> are used
+for the PROV-DM data model. The <strong>activity start</strong> and
+<strong>activity end</strong> events delimit the beginning and the end
+of activities, respectively. The <strong>entity usage</strong>,
+<strong>entity generation</strong>, and <strong>entity
+invalidation</strong> events apply to entities, and the generation and
+invalidation events delimit the <a title="characterization interval">characterization interval</a> of
+an entity. More specifically:
+
+</p>
+
+<p>An <dfn id="dfn-start-event">activity start event</dfn> is the <a title="instantaneous event">instantaneous event</a> that marks the instant an activity starts.</p>
+
+<p>An <dfn id="dfn-end-event">activity end event</dfn> is the <a title="instantaneous event">instantaneous event</a> that marks the instant an activity ends.</p>
+
+<p>An <dfn id="dfn-usage-event">entity usage event</dfn> is the <a
+title="instantaneous event">instantaneous event</a> that marks the first instant of
+an entity's consumption timespan by an activity. Before this instant
+the entity had not begun to be used by the activity.</p>
+
+<p>An <dfn id="dfn-generation-event">entity generation event</dfn> is the <a title="instantaneous event">instantaneous event</a> that marks the final instant of an entity's creation timespan, after which
+it is available for use. The entity did not exist before this event.</p>
+
+<p>An <dfn id="dfn-invalidation-event">entity invalidation event</dfn>
+is the <a title="instantaneous event">instantaneous event</a> that
+marks the initial instant of the destruction, invalidation, or
+cessation of an entity, after which the entity is no longer available
+for use. The entity no longer exists after this event.</p>
+
+</section>
+
+
+</section>
+
+
+ <section id="account-section">
+ <h3>Account</h3>
+
+<div class="note">
+ Some of this discussion may belong in the account constraint section
+ as motivation, or as formal constraints/inferences. In particular,
+ the MUST, MAY, SHOULD statements should be clarified and put into
+ the normative section.
+ </div>
+
+<p>It is common for multiple provenance records to co-exist. For
+instance, when emailing a file, there could be a provenance record
+kept by the mail client, and another by the mail server. Such
+provenance records may provide different explanations about something
+happening in the world, because they are created by different parties
+or observed by different witnesses. A given party could also create
+multiple provenance records about an execution, to capture different
+levels of details, targeted at different end-users: the programmer of
+an experiment may be interested in a detailed log of execution, while
+the scientists may focus more on the scientific-level description.
+Given that multiple provenance records can co-exist, it is important
+to have details about their origin, who they are attributed to, how
+they were generated, etc. In other words, an important requirement is
+to be able to express the provenance of provenance. </p>
+
+<div class="note">
+ See ISSUE-343. Also, what is an account's set of descriptions?
+ </div>
+<p>
+ <span class="glossary" id="glossary-account">
+An <dfn>account</dfn> is an entity that contains a bundle of provenance descriptions.
+</span> PROV-DM does not provide an actual mechanism for creating accounts, i.e. for bundling up provenance descriptions and naming them. Accounts MUST satisfy some properties:
+<ul>
+<li>An account is a bundle of provenance descriptions whose content MAY change over time.</li>
+<li>If an account's set of descriptions changes over time, it SHOULD increase monotonically with time. </li>
+<li>A given description of e.g. an entity in a given account, in terms of its identifier and attribute-value pairs, does not change over time. </li>
+</ul>
+
+<div class='note'>
+The last point is important. It indicates that within an account:
+<ul>
+<li>It is always possible to add new provenance descriptions, e.g. stating that a given entity was used by an activity, or derived from another. This is very much an open world assumption.
+<li>It is not permitted to add new attributes to a given entity (a form of closed world assumption from the attributes point of view), though it is always permitted to create a new description for an entity, which is a "copy" of the original description extended with novel attributes (cf Example <a href="#merge-with-rename">merge-with-rename</a>).
+</ul>
+</div>
+
+<p>
+There is no construct in PROV-DM to create such bundles of
+descriptions. Instead, it is assumed that some mechanism, outside
+PROV-DM can create them. However, from a provenance viewpoint, such
+accounts are things whose provenance we may want to describe. In order to be able to do so, we need to see accounts as entities, whose origin can be described using PROV-DM vocabulary. Thus, PROV-DM introduces the reserved type <span class="name">Account</span>.
+</p>
+
+ </section>
+</section>
+
+
+
+
+
<section class="appendix">
<h2>Acknowledgements</h2>
@@ -1968,5 +2266,51 @@
WG membership to be listed here.
</p>
</section>
-
+
+<section class="glossary">
+ <h2>Glossary</h2>
+ <ul>
+ <li> <dfn>anti-symmetric</dfn>: A relation R over X is <a>anti-symmetric</a> if
+ for any elements x, y of X, if x R y and y R x then x = y.</li>
+ <li> <dfn>reflexive</dfn>: A relation R over X is <a>reflexive</a> if
+ for any element x of X, we have x R x.</li>
+ <li> <dfn>symmetric</dfn>: A relation R over X is <a>symmetric</a> if
+ for any elements x, y of X, if x R y then y R x.</li>
+ <li> <dfn>transitive</dfn>: A relation R over X is <a>transitive</a> if
+ for any elements x, y, z of X, if x R y and y R z then x R z.</li>
+
+
+ </ul>
+ </section>
+
+
</body></html>
+
+<!-- LocalWords: px DM RL RDF AQ SEM SOTD Definitional wasInformedBy attrs ag
+ -->
+<!-- LocalWords: wasGeneratedBy wasStartedBy gAttr sAttr wasAttributedTo attr
+ -->
+<!-- LocalWords: wasAssociatedWith dAttrs gAttrs wasDerivedFrom uAttrs eAttrs
+ -->
+<!-- LocalWords: wasRevisionOf specializationOf wasQuotedFrom Traceability WD
+ -->
+<!-- LocalWords: tracedTo aAttr actedOnBehalfOf rAttr traceability TODO xsd
+ -->
+<!-- LocalWords: alternateOf wasEndedBy Lamport's timeline subfigure memberOf
+ -->
+<!-- LocalWords: wasStartedByAgent wasAttributedWith derivedByInsertionFrom
+ -->
+<!-- LocalWords: QName derivedByRemovalFrom EmptyCollection wasVersionOf dm
+ -->
+<!-- LocalWords: RecsWD formedness workflow ness operability CSP versa hyp YY
+ -->
+<!-- LocalWords: disambiguating lifecycle conformant minimalistic Lamport fo
+ -->
+<!-- LocalWords: reflexivity antisymmetry timelines timespan WG concl inv
+ -->
+<!-- LocalWords: continuant occurrent modalities toyota womanInRedDress
+ -->
+<!-- LocalWords: customerInChairAt manWithGlasses customerInChair
+ -->
+<!-- LocalWords: wasStartedByActivity antisymmetric wasInvalidatedBy
+ -->