Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
A Chinese Wall Approach to Privacy Policies for the Web
COMPSAC '02 Proceedings of the 26th International Computer Software and Applications Conference on Prolonging Software Life: Development and Redevelopment
Privacy-enhancing technologies: approaches and development
Computer Standards & Interfaces
From Physical Marketing to Web Marketing: The Web-Marketing Mix
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 7 - Volume 7
Role-Based Access Control
Privacy Policy Compliance for Web Services
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Providing Privacy for Web Services by Anonymous Group Identification
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Towards Standardized Web Services Privacy Technologies
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Access Control for Semantic Web Services
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Privacy risk models for designing privacy-sensitive ubiquitous computing systems
DIS '04 Proceedings of the 5th conference on Designing interactive systems: processes, practices, methods, and techniques
Services Computing: Grid Applications for Today
IT Professional
Averting Security Missteps in Outsourcing
IEEE Security and Privacy
Exploring Privacy Issues in Web Services Discovery Agencies
IEEE Security and Privacy
Ontology guided XML security engine
Journal of Intelligent Information Systems - Special issue: Database and applications security
Structure of service level agreements (SLA) in IT outsourcing: The construct and its measurement
Information Systems Frontiers
International Journal of Organizational and Collective Intelligence
Engineering e-Collaboration Services with a Multi-Agent System Approach
International Journal of Systems and Service-Oriented Engineering
International Journal of Systems and Service-Oriented Engineering
The Journal of Strategic Information Systems
Hi-index | 0.00 |
With the recent adoption of service outsourcing, there have been increasing general demands and concerns for privacy control, in addition to basic requirement of integration. The traditional practice of a bulk transmission of the customers' information to an external service provider is no longer adequate, especially in the finance and healthcare sectors. From our consultancy experience, application-to-application privacy protection technologies at the middleware layer alone are also inadequate to solve this problem, particularly when human service providers are heavily involved in the outsourced process. Therefore, we propose a layered architecture and a development methodology for enforcing end-to-end privacy control policies of enterprises over the export of personal information. We illustrate how Web services, augmented with updated privacy facilities such as Service Level Agreement (SLA), Platform for Privacy Preferences Project (P3P), and the P3P Preference Exchange Language (APPEL), can provide a suitable interoperation platform for service outsourcing. We further develop a conceptual model and an interaction protocol to send only the required part of a customer's record at a time. We illustrate our approach for end-to-end privacy control in service outsourcing with a tele-marketing case study and show how the software of the outsourced call center can be integrated effectively with the Web services of a bank to protect privacy.