[ckan-discuss] Mechanisms for ensuring provenance in CKAN

William Waites ww at styx.org
Fri Feb 18 11:43:30 GMT 2011


* [2011-02-18 11:35:20 +0100] Jonathan Gray <jonathan.gray at okfn.org> écrit:

] For example, is
] there any way we can 'certify' certain data packages/resources as
] official?

You create a curated group and the curators make sure that
official packages are in that group. You trust that the 
official organisation has sufficient control over their own
resources and namespace that whatever they serve from URLs
under their control will be what they intend to serve.

] Also what about, e.g. providing a mechanism for public
] bodies to 'certify' derived datasets contributed externally?

This can be very, very hard if you follow the whole PKI 
path. The reason is, say I make a derivative dataset and put
it on my ftp site. The government decides they like it and
want to endorse it. I get the endorsement in the government's
data registry and then I switch the file with something else.
So you need to be able to tell that the thing which was 
endorsed is the same thing that you have downloaded. There
is nothing preventing the use of CKAN to hold such signatures
but the web-of-trust needed to verify them is well beyond
the scope of CKAN I think.

A much cheaper way of doing it is for the government to
simply adopt derived datasets that they like and move them
into their own namespace. It's much less likely that a
dataset served out from government facilities has been
surrepticiously swapped with another - this is a dubious
assumption perhaps but at least it would be a lot more 
*embarassing* if it happened to the government so they
would be more motivated to keep things reasonably tight 
and secure. Of course they can do this now and don't need
anything special in CKAN.
 
This is "weak" provenance. There are lots of ways it could
fail either due to error or maliciousness. But odds are that
most of the time it will work.

Cheers,
-w
-- 
William Waites                <mailto:ww at styx.org>
http://river.styx.org/ww/        <sip:ww at styx.org>
F4B3 39BF E775 CF42 0BAB  3DF0 BE40 A6DF B06F FD45



More information about the ckan-discuss mailing list