Semančík, RadovanRoßnagel, HeikoSchunck, Christian H.Mödersheim, Sebastian2021-05-202021-05-202021978-3-88579-706-7https://dl.gi.de/handle/20.500.12116/36496Data provenance information is an important part of personal data protection mechanisms. However, capabilities of existing identity management systems are severely limited when it comes to maintaining and processing data provenance information. This paper describes an effort to design and implement capability to process provenance information in midPoint, an open source identity management and governance system. The solution used value metadata for the purposes of storage and processing of provenance information. Resulting prototype was fully integrated into midPoint code base. The solution dealt with all layers of provenance information processing, from data acquisition to user interface. The prototype uncovered a relation between provenance information and other metadata types, as well as potential use of provenance-enriched metadata in conjunction with data protection mechanisms.enIdentity managementData provenanceData modelingMetadataPersonal data protectionComplexities of Identity Provenance MetadataText/Conference Paper1617-5468