Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 8th European software engineering conference held jointly with 9th ACM SIGSOFT international symposium on Foundations of software engineering
Interface Theories for Component-Based Design
EMSOFT '01 Proceedings of the First International Workshop on Embedded Software
Translating Privacy Practices into Privacy Promises—How to Promise What You Can Keep
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Challenges to Reusable Services
SCC '05 Proceedings of the 2005 IEEE International Conference on Services Computing - Volume 02
LTSA-WS: a tool for model-based verification of web service compositions and choreography
Proceedings of the 28th international conference on Software engineering
A Framework for Building Privacy-Conscious Composite Web Services
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Privacy and Utility in Business Processes
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A privacy controller approach for privacy protection in web services
Proceedings of the 2007 ACM workshop on Secure web services
A formal modeling platform for composing web services
Expert Systems with Applications: An International Journal
Towards the development of privacy-aware systems
Information and Software Technology
Formal consistency verification between BPEL process and privacy policy
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
IEEE Transactions on Software Engineering
Composing semantic Web services under constraints
Expert Systems with Applications: An International Journal
Role-based consistency verification for privacy-aware Web services
CTS '09 Proceedings of the 2009 International Symposium on Collaborative Technologies and Systems
Modeling Cost-Aware Web Services Composition Using PTCCS
ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
Conceptual modeling of privacy-aware web service protocols
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Choreography conformance analysis: asynchronous communications and information alignment
WS-FM'06 Proceedings of the Third international conference on Web Services and Formal Methods
Choreography and orchestration conformance for system design
COORDINATION'06 Proceedings of the 8th international conference on Coordination Models and Languages
Role-based collaboration and its kernel mechanisms
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Roles in Information Systems: A Survey
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Supporting Software Development With Roles
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Toward a Service-Oriented Development Through a Case Study
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
| Hi-index | 12.05 |
Web services collaborations are challenging as research and practical tasks. They are highly automatic, dynamic, heterogeneous, and lack protection against corruption of processes. High risks are imposed on the services (including the consumers and providers) in collaboration. Hence, avoiding illegal collection of private data disclosed in services collaboration is becoming increasingly important. This paper studies how to realize the minimal privacy disclosure while achieving the functional objectives through role mechanisms. Initially, it proposes a revised role-based framework for privacy-aware services collaborations, which considers the impact on the reputation degree of the historic experiences of services in playing roles. Next, it models the privacy behaviors of services by extending the interface automata to support privacy semantics. Furthermore, it quantitatively analyzes the minimal privacy authorization; and presents the minimal privacy delegation algorithm, which allows us to automatically derive optimal privacy policies for an cross-organizational services collaborations system. Finally, it verifies the correctness and efficiency of this role-based approach through a case study.