Propagation of data protection requirements in multi-stakeholder web services systems

Authors:
Tan Phan;Jun Han;Garth Heward;Steve Versteeg
Affiliations:
Faculty of ICT, Swinburne University of Technology, Melbourne, Australia;Faculty of ICT, Swinburne University of Technology, Melbourne, Australia;Faculty of ICT, Swinburne University of Technology, Melbourne, Australia;CA Labs, Melbourne, Australia
Venue:
WISE'10 Proceedings of the 11th international conference on Web information systems engineering
Year:
2010

Citing 3
Cited 0

An Adaptive Tradeoff Model for Service Performance and Security in Service-Based Systems

ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
The SCIFC Model for Information Flow Control in Web Service Composition

ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
Information flow control to secure dynamic web service composition

SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Protecting data in multi-stakeholder Web Services systems is a challenge. Using current Web Services security standards, data might be transmitted under-protected or blindly over-protected when the receivers of the data are not known directly to the sender. This paper presents an approach to aiding collaborative partner services to properly protect each other's data. Each partner derives an adequate protection mechanism for each message it sends based on those of the relevant messages it receives. Our approach improves the message handling mechanisms of Web Services engines to allow for dynamic data protection requirements derivation. A prototype is used to validate the approach and to show the performance gain.