Toward Provenance-Based Security for Configuration Languages


Paul Anderson and James Cheney, University of Edinburgh


Large system installations are increasingly configured using high-level, mostly-declarative languages. Often, different users contribute data that is compiled centrally and distributed to individual systems. Although the systems themselves have been developed with reliability and availability in mind, the configuration compilation process can lead to unforeseen vulnerabilities because of the lack of access control on the different components combined to build the final configuration. Even if simple change-based access controls are applied to validate changes to the final version, changes can be lost or incorrectly attributed. Based on the growing literature on provenance for database queries and other models of computation, we identify a potential application area for provenance to securing configuration languages.


Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {179541,
title = {Toward Provenance-Based Security for Configuration Languages},
booktitle = {4th {USENIX} Workshop on the Theory and Practice of Provenance (TaPP 12)},
year = {2012},
address = {Boston, MA},
url = {},
publisher = {{USENIX} Association},
month = jun,

Presentation Video

Presentation Audio