Abstract
This paper addresses the problem of monitoring the compliance of privacy agreement that spells out a consumer’s privacy rights and how consumer private information must be handled by the service provider. A state machine based model is proposed to describe the Private Data Use Flow (PDUF) toward monitoring which can be used by privacy analyst to observe the flow and capture privacy vulnerabilities that may lead to non-compliance. The model is built on top of (i) properties and timed-related privacy requirements to be monitored that are specified using LTL (Linear Temporal logic) (ii) a set of identified privacy misuses.
This work is partially supported by the French National Research Agency (ANR) - Program “Jeunes chercheurs:Servicemosaic” a part of the international project ServiceMosaic; http://servicemosaic.isima.fr/.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Barbon, F., Traverso, P., Pistore, M., Trainotti, M.: Run-time monitoring of instances and classes of web service compositions. In: ICWS 2006. Proceedings of the IEEE International Conference on Web Services, pp. 63–71. IEEE Computer Society Press, Chicago (2006)
Baresi, L., Ghezzi, C., Guinea, S.: Smart monitors for composed services. In: ICSOC 2004. Proceedings of the 2nd international conference on Service oriented computing (2004)
Baresi, L., Guinea, S.: Towards dynamic monitoring of ws-bpel processes. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 269–282. Springer, Heidelberg (2005)
Benbernou, S., Meziane, H., Li, Y.H., Hacid, M.: A privacy agreement model for web services. In: SCC 2007. IEEE International Conference on Service Computing, IEEE Computer Society Press, Salt Lake City, USA (2007)
Guermouche, N., Benbernou, S., Coquery, C.E, Hacid, M.: Privacy-aware web service protocol replaceability. In: ICWS 2007. IEEE International Conference on Web Services, IEEE Computer Society Press, Salt Lake City, USA (2007)
Yee, G., Korba, L.: Privacy policy compliance for web services. In: ICWS 2004. Proc. of the IEEE International Conference on Web Services, IEEE Computer Society Press, San Diego, USA (2004)
Kazhamiakin, R., Pandya, P., Pistore, M.: Representation, verification, and computation of timed properties in web. In: ICWS 2006. Proceedings of the IEEE International Conference on Web Services, IEEE Computer Society Press, Los Alamitos (2006)
Lazovik, A., Aiello, M., Papazoglou, M.: Associating assertions with business processes and monitoring their execution. In: ICSOC 2004. Proceedings of the 2nd international conference on Service oriented computing (2004)
Mahbub, K., Spanoudakis, G.: Run-time monitoring of requirements for systems composed of web-services: Initial implementation and evaluation experience. In: ICWS. 2005 IEEE International Conference on Web Services, IEEE Computer Society Press, Orlando, Florida, USA (2005)
Manna, Z., Pnueli, A.: The Temporal Logic of Reactive and Concurrent Systems:Specification. Springer, Heidelberg (1992)
Mont, M.C., Pearson, S., Thyne, R.: A systematic approach to privacy enforcement and policy compliance checking in enterprises. In: Fischer-Hübner, S., Furnell, S., Lambrinoudakis, C. (eds.) TrustBus 2006. LNCS, vol. 4083, pp. 91–102. Springer, Heidelberg (2006)
Spanoudakis, G., Mahbub, K.: Non intrusive monitoring of service based systems. International Journal of Cooperative Information Systems (2006)
Yee, G.: Visualization for privacy compliance. In: VizSEC 2006. Proceedings of the 3rd international workshop on Visualization for computer security, Fairfax, USA (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Benbernou, S., Meziane, H., Hacid, M.S. (2007). Run-Time Monitoring for Privacy-Agreement Compliance. In: Krämer, B.J., Lin, KJ., Narasimhan, P. (eds) Service-Oriented Computing – ICSOC 2007. ICSOC 2007. Lecture Notes in Computer Science, vol 4749. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74974-5_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-74974-5_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74973-8
Online ISBN: 978-3-540-74974-5
eBook Packages: Computer ScienceComputer Science (R0)