Abstract
Service-Oriented Computing (SOC) is a major trend in designing and implementing distributed computer-based applications. Dynamic late binding makes SOC a very promising way to realize pervasive computing, which promotes the integration of computerized artifacts into the fabric of our daily lives. However, pervasive computing raises new challenges that SOC has not yet addressed. Pervasive applications rely on highly dynamic and heterogeneous entities. They also require substantial data collection to compute the context of users and process sensitive data. Such data collection and processing raise well-known concerns about data disclosure and use, which hold back the development of widely accepted pervasive applications. SOC already allows constraints to be imposed on the bindings of services. We propose to add a new range of constraints to allow data privatization, i.e. the restriction of data disclosure. We extend the traditional design and binding phases of a Service-Oriented Architecture with the expression and the enforcement of privatization constraints. We express and enforce these constraints according to a two-phase model-driven approach. Our work is validated on real-world services.
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Faravelon, A., Chollet, S., Verdier, C., Front, A. (2012). Configuring Private Data Management as Access Restrictions: From Design to Enforcement. In: Liu, C., Ludwig, H., Toumani, F., Yu, Q. (eds) Service-Oriented Computing. ICSOC 2012. Lecture Notes in Computer Science, vol 7636. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34321-6_23
DOI: https://doi.org/10.1007/978-3-642-34321-6_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34320-9
Online ISBN: 978-3-642-34321-6
eBook Packages: Computer Science, Computer Science (R0)