Abstract
Internet users are becoming increasingly concerned about their personal information being collected and used by Web service providers. Since the privacy policies are mainly developed and maintained separately from the business process that collects and manipulates data, it is hard to perform analysis and management of the processes in terms of privacy policies. We propose a formal technique with which Web service providers describe the use and storage of requesters’ personal data. The description is integrated with a Web service protocol using an extended state machine model. Having such a conceptual model will enable model-driven development and management of Web service protocols with respect to their privacy aspects such as collection, disclosure, and obligation.
Keywords
References
Curbera, F., Duftler, M., Khalaf, R., Nagy, W., Mukhi, N., Weerawarana, S.: Unraveling the Web Services Web: An Introduction to SOAP, WSDL, and UDDI. IEEE Internet Computing 6(2), 86–93 (2002)
Benatallah, B., Casati, F., Toumani, F., Hamadi, R.: Conceptual Modeling of Web Service Conversations. In: Proc. of the 15th Int. Conf. on Advanced Information Systems Engineering, CAiSE 2003, LNCS, vol. 2681, pp. 449–467. Springer, Heidelberg (2003)
Benatallah, B., Casati, F., Ponge, J., Toumani, F.: On Temporal Abstractions of Web Service Protocols. In: CAiSE’05 Short Paper Proceedings, Porto, Portugal (2005)
Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. W3C Recommendation (2002)
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL 1.1) Specification. IBM Research Report (2003) http://www.zurich.ibm.com/security/enterprise-privacy/epal
Amazon.com: Amazon.com Privacy Notice. (2006) http://www.amazon.com/gp/help/customer/display.html?nodeId=468496
Cranor, L.F.: Web Privacy with P3P. O’Reilly (2002)
Clark, J., DeRose, S.: XML Path Language (XPath) Version 1.0. (1999) http://www.w3.org/TR/xpath
Benatallah, B., Casati, F., Toumani, F.: Representing, Analysing and Managing Web Service Protocols. Data and Knowledge Engineering 58(3), 327–357 (2006)
Benatallah, B., Casati, F., Toumani, F., Ponge, J., Motahari Nezhad, H.: Service Mosaic: A Model-Driven Framework for Web Services Life-Cycle Management. IEEE Internet Computing 10(4), 55–63 (2006)
Levy, S., Gutwin, C.: Improving Understanding of Website Privacy Policies with Fine-Grained Policy Anchors. In: Proc. of the 14th Int. World Wide Web Conference, Chiba, Japan, pp. 480–488. ACM, New York (2005)
Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic Databases. In: Proc. of the 28th Int. Conf. on Very Large Data Bases, pp. 143–154. Morgan Kaufmann, Washington (2002)
Rezgui, A., Ouzzani, M., Bouguettaya, A., Medjahed, B.: Preserving Privacy in Web Services. In: Proc. of the 4th Int. Workshop on Web Information and Data Management, Virginia, USA, pp. 56–62. ACM, New York (2002)
Berghe, C.V., Schunter, M.: Privacy Injector - Automated Privacy Enforcement Through Aspects. In: Proc. of 6th Workshop on Privacy Enhancing Technologies, pp. 99–117 (2006)
Basin, D., Doser, J., Lodderstedt, T.: Model driven security: From UML to access control infrastructures. ACM Trans. Soft. Eng. Methodol. 15(1), 39–91 (2006)
Curbera, F., Goland, Y., Klein, J., Leymann, F., Roller, D., Thatte, S., Weerawarana, S.: Business Process Execution Language for Web Services (BPEL4WS) (2002) http://dev2dev.bea.com/techtrack/BPEL4WS.jsp
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Hamadi, R., Paik, HY., Benatallah, B. (2007). Conceptual Modeling of Privacy-Aware Web Service Protocols. In: Krogstie, J., Opdahl, A., Sindre, G. (eds) Advanced Information Systems Engineering. CAiSE 2007. Lecture Notes in Computer Science, vol 4495. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72988-4_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-72988-4_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72987-7
Online ISBN: 978-3-540-72988-4
eBook Packages: Computer ScienceComputer Science (R0)