Technical Reports (CIS)

Document Type

Technical Report

Date of this Version



University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-10-22.


We study the problem of providing workflow data provenance without revealing the functionality of any module. We develop a model that formalizes the notion of privacy of modules embedded in a workflow structure as a natural extension of privacy of standalone modules. Our model shows that by hiding a small amount of carefully chosen data, one can ensure privacy of all modules over an unbounded number of executions. The problem of identifying the smallest possible amount of such data is NP-hard, and in the full generality of our model it is in fact even hard to get a good approximation. However, we are able to design good approximation algorithms for optimizing the amount of hidden data when either the privacy model is slighted restricted or there is bounded sharing of data items among various modules.



Date Posted: 28 May 2010