Introduction Overview Background Motivation Our Solutions and Contributions Outline of the Book Next Steps References Section I: Supporting Technologies Introduction to Section I Security and Provenance Overview Scalability and Security of Provenance Access Control Languages and Provenance Graph Operations and Provenance Summary and Directions References Access Control and Semantic Web Overview Access Control Semantic Web Semantic Web and Security Summary and Directions References The Inference Problem Overview The Inference Problem Functions of an Inference Controller Inference Strategies Security Constraints Machine Learning and Inference Our Approach Historical Perspective A Note on the Privacy Problem Summary and Directions References Inference Engines Overview Concepts for Inference Engines Software Systems Summary and Directions References Inferencing Examples Overview Inference Function Classification of a Knowledge Base Inference Strategies and Examples Approaches to the Inference Problem Inferences in Provenance Summary and Directions References Cloud Computing Tools and Frameworks Overview Cloud Computing Tools Cloud Computing Framework RDF Integration Provenance Integration Secure Query Processing in a Cloud Environment The Web Application Layer The ZQL Parser Layer The XACML Policy Layer The Hive Layer HDFS Summary and Directions References Section I Conclusion Section II Secure Data Provenance Introduction to Section II Scalable and Efficient RBAC for Provenance Overview Motivation and Contributions Unified and Flexible Policies Supporting Inferences in RBAC Overview of Our Approach Extending RBAC to Support Provenance A Query-Retrieval Process Example of a Policy Query Example of a SWRL Rule Example of a Trace Output of the Trace Comment Experimental Evaluation Summary and Directions References A Language for Provenance Access Control Overview Challenges and Drawbacks Drawbacks of Current Access Control Mechanisms Policy Language Solution Based on Regular Expression Queries Data Representation Graph Data Model Provenance Vocabulary Path Queries Graph Analysis Analysis of Digraphs Composition of Digraphs Access Control Policy Architecture Modules in Access Control Policy Architecture Use Case: Medical Example Query Templates Additional Templates Access Control Example Prototype Summary and Directions References Transforming Provenance Using Redaction Overview Graph Grammar An Example Graph Transformation Step Valid Provenance Graph Discussion Redaction Policy Architecture Experiments Summary and Directions References Section II Conclusion Section III Inference Control Introduction to Section III Architecture for an Inference Controller Overview Design of an Inference Controller Modular Design Policy Processing Parsing Process High-Level Policy Translation DL Rule Assembler DL Policy Translation Access Control Policy Assembler Redaction Policy Assembler Explanation Service Layer Summary and Directions References Inference Controller Design Overview Design Philosophy Inference Controller Process Overview of a Query Process Summary and Directions References Provenance Data Representation for Inference Control Overview Data Models for the Inference Controller Separate Stores for Data and Provenance Summary and Directions References Queries with Regular Path Expressions Overview Background Regular Expressions SPARQL Queries Summary and Directions References Inference Control through Query Modification Overview Query Modification with Relational Data SPARQL Query Modification Query Modification for Enforcing Constraints Overview of Query Modification Graph Transformation of a SPARQL Query BGP Match Pattern/Apply Pattern Summary and Directions References Inference and Provenance Overview Invoking Inference Rules Approaches to the Inference Problem Inferences in Provenance Implicit Information in Provenance Use Cases of Provenance Use Case: Who Said That? Use Case: Cheating Dictator Processing Rules Summary and Directions References Implementing the Inference Controller Overview Implementation Architecture Provenance in a Health Care Domain Populating the Provenance Knowledge Base Generating and Populating the Knowledge Base Generating Workflows Policy Management Supporting Restrictions Explanation Service Layer Generators Selecting Background Information Background Generator Module Annotating the Workflow Generating Workflows Incomplete Information in the Databases Use Case: Medical Example Semantic Associations in the Workflow Implementing Constraints Query Modification for Enforcing Constraints Summary and Directions References Section III Conclusion Section IV Unifying Framework Introduction to Section IV Risk and Inference Control Overview Risk Model User''s System Internal Knowledge Base System Controller Adding Provenance Semantic Framework for Inferences Ontologies Rules Query Logs Summary and Directions References Novel Approaches to Handle the Inference Problem Overview Motivation for Novel Approaches Inductive Inference Learning by Examples Security Constraints and Inductive Inference Probabilistic Deduction Formulation of the Inference Problem Probabilistic Calculus Probabilistic Calculus and Database Security A Note on Algorithmic Information Theory Mathematical Programming Nonmonotonic Reasoning Inferencing in an MP Environment Mathematical Programming and Database Security Game Theory Noncooperative and Cooperative Games Query Processing as a Noncooperative Game Ehrenfeucht-Fraisse Game Adversarial Mining and Inference Summary and Directions References A Cloud-Based Policy Manager for Assured Information Sharing Overview Architecture Overview Modules in Our Architecture User Interface Layer Policy Engines Data Layer Features of Our Policy Engine Framework Develop and Scale Policies Justification of Resources Policy Specification and Enforcement Cloud-Ba.