Provenance

Provenance definition in Computer Security terms:

Acronym(s): None

Definition(s): The records describing the possession of, and changes to, components, component processes, information, systems, organization, and organizational processes. Provenance enables all changes to the baselines of components, component processes, information, systems, organizations, and organizational processes, to be reported to specific actors, functions, locales, or activities.
Source(s): NIST SP 800-53 Rev. 4

For ICT SCRM, the records describing the possession of, and changes to, components, component processes, information, systems, organization, and organizational processes. Provenance enables changes to the baselines of components, component processes, information, systems, organizations, and organizational processes, to be reported to appropriate actors, functions, locales, or activities.
Source(s): NIST SP 800-161

Synonym(s): None

 

reference: CSRC Glossary