-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
InvestigativeAction
s should be required to produce at least one ProvenanceRecord
#146
Comments
This new shape stemmed from discussion on CASE Issue 136. As a matter of preserving backwards compatibility, this patch introduces the shape requiring `ProvenanceRecord`s with a `sh:Warning`-level severity. In CASE 2.0.0, this requirement will be strengthened into a `sh:Violation`. A separate proposal will be filed with UCO to test the minimum qualified cardinality OWL structure. A draft of that syntax review system was used to test this patch. This patch adds a version floor for pySHACL to ensure an update in qualified value shape handling is included, which is necessary for the new property shape to function when using pySHACL. Disclaimer: References: * RDFLib/pySHACL#213 * #136 * #146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
A follow-on patch will regenerate Make-managed files. References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
A follow-on patch will regenerate Make-managed files. References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
A follow-on patch will regenerate Make-managed files. References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
A follow-on patch will regenerate Make-managed files. References: * casework/CASE#146 Signed-off-by: Alex Nelson <alexander.nelson@nist.gov>
While I agree with this proposal in intended spirit I do not feel it is viable due to Risk 1 and Risk 2 above. I do not believe either of these risks can be ignored in favor of the intent of this proposal. I believe that Risk 2 is real and could have a significant impact if ignored. We can say that an InvestigativeAction SHOULD have at least one ProvenanceRecord but we cannot say MUST. |
More on Risk 1: I'm more inclined to review and revise that minimum-count 1 SHACL rule on I'm glad you and think it is appropriate to represent investigative actions that have no non-provenance-record results. I think it's a little strange-feeling to have a provenance record with no members as the sole result of an investigative action, but it isn't necessarily wrong. For instance, it could be a further sanity check down stream in CASE analysis if that "empty" provenance record were used by a later investigative action and nothing in the (empty) provenance record was also an input to that same investigative action. (This is inching out of scope of this proposal, but my gut's saying that's a sanity check I would be grateful to have; it sounds like it would catch copy-paste errors stemming from copying the wrong thing.) I think Risk 1 is solely from If Org1 shares part of a graph with Org2, and includes some After discussion on this morning's call, it is likely that that spelling change for |
From discussion on this morning's call, we felt the risks (including the one realized just prior to the call on information sharing) left us uncertain the requirements are sufficiently captured. We will return to this after proposing at least one upstream matter on UCO to address Risk 1. |
The proposal has received some revisions (accompanied by string "2024-02-15"), and an extra step in its coordination checklist. |
Risk 1 has been addressed with the resolution of UCO Issue 599. |
Background
Discussion on CASE Issue 136 suggests that an
InvestigativeAction
should always result in the creation of at least oneProvenanceRecord
.Requirements
Requirement 1
CASE should enforce that an
InvestigativeAction
results in at least oneProvenanceRecord
.As an implementation note, this would be done with a qualified SHACL constraint.
Edited 2024-02-15: "Must" relaxed to "should".
Requirement 2
CASE should describe in a mechanically discoverable way that an
InvestigativeAction
is expected to always result in at least oneProvenanceRecord
.As an implementation note, this would be done with a qualified minimum cardinality in an OWL Restriction.
Risk / Benefit analysis
Benefits
ProvenanceRecord
always be generated induces a chain of custody tie in forensic processing for resultant objects ofInvestigativeAction
s.Risks
ProvenanceRecord
always have one memberUcoObject
. Thus, this proposal would induce a significant requirement onInvestigativeAction
s: They must always result in something aside from theProvenanceRecord
.ProvenanceRecord
is too stringent. It is somewhat a separate concern that there might exist a class ofInvestigativeAction
s that truly have no results. Perhaps: "This action found all files within this directory. There were none."ProvenanceRecord
s may now be empty.Action
s might be desired to be defined in a manner that attempt to restrict the results to a specific class, e.g., IP addresses. If such an action-class were introduced, it could never be anInvestigativeAction
, because anInvestigativeAction
would be required to include aProvenanceRecord
among its results. Hence, this proposal would end up inducing an upstream design constraint on UCO:action:result
can never be constrained withowl:allValuesFrom
, because UCO doesn't "know" aboutcase-investigation:ProvenanceRecord
.ProvenanceRecord
among the results. This is an inconclusive point from the discussion on CASE Issue 136, and could be affected depending on whether the committee decides a subaction'sProvenanceRecord
should also be recorded in the parent action's results.InvestigativeAction
. CASE and UCO previously abandoned OWL in UCO 0.7.0 / CASE 0.5.0. This proposal starts a disciplined reintroduction of OWL constructs, testing with the UCO-OWL syntax review mechanisms.InvestigativeAction
for, say, its timing and tool-use relevance, but doesn't share the identifier for the generatedProvenanceRecord
, the shared data should by itself still be conformant to UCO, and should not impose UCO validation errors when folded into the receiving organization's knowledge base.Competencies demonstrated
Competencies are omitted from this proposal, as the effects are new restrictions on data, and hence do not enable new expressive abilities.
Solution suggestion
For CASE 1.x.0, add the following to
investigation.ttl
:For CASE 2.0.0, remove the
sh:message
andsh:severity
triples from the addedsh:PropertyShape
.Coordination
InvestigativeAction
s that have no non-ProvenanceRecord
results confirmed supportable.develop
for the next releasedevelop
state with backwards-compatible implementation merged intodevelop-2.0.0
develop-2.0.0
(or N/A)develop
branch updated to track UCO's updateddevelop
branchdevelop-2.0.0
branch updated to track UCO's updateddevelop-2.0.0
branchThe text was updated successfully, but these errors were encountered: