Date Added: May 2011
Information leaks are a constant worry for companies and government organizations. After a leak occurs it is very important for the data owner to not only determines the extent of the leak, but who originally leaked the information. The authors propose a technique to extend data provenance to aid in determining potential sources of information leaks. While data provenance is commonly defined as the ancestry of a file, the ancestry recorded depends on the provenance collector. Instead of only recording where a file came from, they propose to also track when and where a file leaves the system.