research-article

Privacy regulation aware service selection for multi-provision cloud service composition

Authors:

Zhiqiu HuangAuthors Info & Claims

Volume 126, Issue C

Pages 263 - 278

https://doi.org/10.1016/j.future.2021.08.010

Published: 01 January 2022 Publication History

Abstract

The proliferation of cloud computing is driving the rapid growth of multi-provision cloud service composition (MPCSC), in which each cloud service provider (CSP) can offer multiple services simultaneously. Due to the openness and virtualization of cloud environments, cloud service providers (CSPs) may collect and distribute users’ privacy information without permission or authorization. More seriously, some CSPs have the ability to infer additional privacy information by combining multiple pieces of such data. Therefore, privacy is one of the main concerns of users seeking to take advantage of cloud services (CSs). This paper aims at addressing this problem by constructing a privacy regulation aware cloud service composition under considering the multi-service provision characteristics of CSPs. Firstly, it models user privacy requirements to formulate the problem of privacy regulation aware service selection for MPCSC (PSSM). Then, it proposes a pre-processed Kuhn–Munkres (KM) algorithm-based approach to solving the PSSM problem. Finally, it demonstrates that the proposed approach is effective and efficient for solving the PSSM problem by conducting a series of simulation experiments.

Highlights

•

Model user privacy requirements for multi-provision cloud service composition (MPCSC).

•

Formulate the problem of privacy regulation aware service selection for MPCSC (PSSM).

•

Propose a pre-processed KM algorithm approach to solve the PSSM problem.

•

Verify the effectiveness and efficiency of the proposed approach by simulation experiments.

References

[1]

Armbrust, Michael, Fox, Armando, Matei, Above the clouds: A berkeley view of cloud computing, Comm. ACM 53 (6) (2010) 50–58.

[2]

Jansen W., Grance T., Guidelines on security and privacy in public cloud computing, Nat’L Inst. Stand. Technol. 34 (3) (2011) 149-151.

[3]

Bohli J., Gruschka N., Jensen M., Iacono L.L., Marnau N., Security and privacy-enhancing multicloud architectures, IEEE Trans. Dependable Secur. Comput. 10 (4) (2013) 212–224.

[4]

Ghorbel A., Ghorbel M., Jmaiel M., Privacy in cloud computing environments: a survey and research challenges, J. Supercomput. 73 (6) (2017) 2763–2800.

[5]

Shafiq B., Ghayyur S., Masood A., Pervaiz Z., Almutairi A., Khan M.F., Ghafoor A., Composability verification of multi-service workflows in a policy-driven cloud computing environment, IEEE Trans. Dependable Secur. Comput. 14 (5) (2017) 478–493.

[6]

Bahri L., Carminati B., Ferrari E., Privacy in web service transactions: A tale of more than a decade of work, IEEE Trans. Serv. Comput. 11 (2) (2018) 448–465.

[7]

Islam S., Ouedraogo M., Kalloniatis C., Mouratidis H., Gritzalis S., Assurance of security and privacy requirements for cloud deployment models, IEEE Trans. Cloud Comput. 6 (2) (2018) 387–400.

[8]

Ke C., Huang Z., Tang M., Supporting negotiation mechanism privacy authority method in cloud computing, Knowl. Based Syst. 51 (2013) 48–59.

[9]

Shey H., Wang R., Garbani J.P., Daley E., Iqbal R., The state of enterprise software: 2009, Forrester research, 2009.

[10]

Union E., General data protection regulation, Off. J. Eur. Union (2018).

[11]

Russo B., Valle L., Bonzagni G., Locatello D., Pancaldi M., Tosi D., Cloud computing and the new EU general data protection regulation, IEEE Cloud Comput. 5 (6) (2018) 58–68.

[12]

Truong N.B., Sun K., Lee G.M., Guo Y., GDPR-Compliant personal data management: A blockchain-based solution, IEEE Trans. Inf. Forensics Secur. 15 (2020) 1746–1761.

Digital Library

[13]

Zaeem R.N., Barber K.S., The effect of the GDPR on privacy policies: Recent progress and future promise, ACM Trans. Manag. Inf. Syst. 12 (1) (2021) 2:1–2:20.

[14]

Union E., The GDPR: New opportunities, new obligations, Justice Consum. (2018).

[15]

He Q., Yan J., Jin H., Yang Y., Quality-aware service selection for service-based systems based on iterative multi-attribute combinatorial auction, IEEE Trans. Software Eng. 40 (2) (2014) 192–215.

[16]

Ma H., Zhu H., Li K., Tang W., Collaborative optimization of service composition for data-intensive applications in a hybrid cloud, IEEE Trans. Parallel Distributed Syst. 30 (5) (2019) 1022–1035.

[17]

Lin D., Squicciarini A.C., Dondapati V.N., Sundareswaran S., A cloud brokerage architecture for efficient cloud service selection, IEEE Trans. Serv. Comput. 12 (1) (2019) 144–157.

[18]

. EQUINIX, http://www.equinix.com/industries/cloud-providers/.

[19]

Luna J., Taha A., Trapero R., Suri N., Quantitative reasoning about cloud security using service level agreements, IEEE Trans. Cloud Comput. 5 (3) (2017) 457–471.

[20]

Haystax J., Cyber security breaches survey 2018: Statistical release, 2019, http://www.equinix.com/industries/cloud-providers/.

[21]

Tbahriti S., Ghedira C., Medjahed B., Mrissa M., Privacy-enhanced web service composition, IEEE Trans. Serv. Comput. 7 (2) (2014) 210–222.

[22]

Amini M., Osanloo F., Purpose-based privacy preserving access control for secure service provision and composition, IEEE Trans. Serv. Comput. 12 (4) (2019) 604–620.

[23]

Ranchal R., Bhargava B.K., Angin P., Othmane L.B., EPICS: A framework for enforcing security policies in composite web services, IEEE Trans. Serv. Comput. 12 (3) (2019) 415–428.

[24]

H. Martin, M. Roman, H. Jens, M. Erik, H.Z. Jan, v. Johannes, W. Klaus, Complying with Data Handling Requirements in Cloud Storage Systems, IEEE Trans. Cloud Comput., https://doi.org/10.1109/TCC.2020.3000336, https://ieeexplore.ieee.org/document/9109695, To be published.

[25]

Kuhn H.W., The hungarian method for the assignment problem, Naval Res. Logistic Quart. 2 (1955) 83–97. https://doi.org/10.1016/j.knosys.2013.07.001.

[26]

Munkres J., Algorithms for the assignment and transportation problems, SIAM. J. 10 (1962).

[27]

A. Deshpande, A. Machanavajjhala, Privacy Challenges in the Post-GDPR World: A Data Management Perspective, https://goo.gl/m9Q2fZ.

[28]

Ma H., Zhu H., Hu Z., Tang W., Dong P., Multi-valued collaborative QoS prediction for cloud service via time series analysis, Future Gener. Comput. Syst. 68 (2017) 275–288.

[29]

C. Ke, F. Xiao, Z. Huang, Y. Meng, Y. Cao, Ontology-Based Privacy Data Chain Disclosure Discovery Method for Big Data, IEEE Trans. Services Comput, https://doi.org/10.1109/TSC.2019.2921583, https://ieeexplore.ieee.org/document/8734006, To be published.

[30]

Zhu H., Zhou M., Alkins R., Group role assignment via a kuhn-munkres algorithm-based solution, IEEE Trans. Syst. Man Cybern. Part A 42 (3) (2012) 739–750.

[31]

Zhu H., Alkins R., Improvement to rated role assignment algorithms, in: Proceedings of the IEEE International Conference on Systems, Man and Cybernetics, San Antonio, TX, USA, 11-14 October 2009, IEEE, 2009, pp. 4716–4721.

[32]

IBM H., IBM ILOG CPLEX Optimization studio, 2019, https://www.ibm.com/products/ilog-cplex-optimization-studio.

[33]

Zhu H., Avoiding conflicts by group role assignment, IEEE Trans. Syst. Man Cybern. Syst. 46 (4) (2016) 535–547.

[34]

Moghaddam M., Davis J.G., Viglas T., A combinatorial auction model for composite service selection based on preferences and constraints, in: 2013 IEEE International Conference on Services Computing, Santa Clara, CA, USA, June 28 - July 3, 2013, IEEE Computer Society, 2013, pp. 81–88.

[35]

Wu Q., Ishikawa F., Zhu Q., Shin D., Qos-aware multigranularity service composition: Modeling and optimization, IEEE Trans. Syst. Man Cybern. Syst. 46 (11) (2016) 1565–1577.

[36]

Deng S., Wu H., Hu D., Zhao J.L., Service selection for composition with QoS correlations, IEEE Trans. Serv. Comput. 9 (2) (2016) 291–303.

Digital Library

[37]

Zhang Y., Cui G., Deng S., He Q., Alliance-aware service composition based on quotient space, in: IEEE International Conference on Web Services, ICWS 2016, San Francisco, CA, USA, June 27 - July 2, 2016, IEEE Computer Society, 2016, pp. 340–347.

[38]

Wang Y., He Q., Ye D., Yang Y., Service selection based on correlated QoS requirements, in: 2017 IEEE International Conference on Services Computing, SCC 2017, Honolulu, HI, USA, June 25-30, 2017, IEEE Computer Society, 2017, pp. 241–248.

[39]

Moghaddam M., Davis J.G., Simultaneous service selection for multiple composite service requests: A combinatorial auction approach, Decis. Support Syst. 120 (2019) 81–94.

[40]

Li F., Zhang L., Liu Y., Laili Y., Qos-aware service composition in cloud manufacturing: A gale-Shapley algorithm-based approach, IEEE Trans. Syst. Man Cybern. Syst. 50 (7) (2020) 2386–2397.

[41]

Costante E., Paci F., Zannone N., Privacy-aware web service composition and ranking, in: 2013 IEEE 20th International Conference on Web Services, Santa Clara, CA, USA, June 28 - July 3, 2013, IEEE Computer Society, 2013, pp. 131–138.

[42]

Belabed A., Aïmeur E., Chikh M.A., Fethallah H., A privacy-preserving approach for composite web service selection, Trans. Data Priv. 10 (2) (2017) 83–115.

[43]

Tang M., Xie J., Zeng S., A privacy risk aware service selection approach for service composition, in: Edge Computing - EDGE 2018 - Second International Conference, Held As Part of the Services Conference Federation, SCF 2018, Seattle, WA, USA, June 25-30, 2018, Proceedings, in: Lecture Notes in Computer Science, 10973, Springer, 2018, pp. 111–123.

[44]

Barhamgi M., Perera C., Yu C., Benslimane D., Camacho D., Bonnet C., Privacy in data service composition, IEEE Trans. Serv. Comput. 13 (4) (2020) 639–652.

[45]

Dou W., Zhang X., Liu J., Chen J., HireSome-II: Towards privacy-aware cross-cloud service composition for big data applications, IEEE Trans. Parallel Distributed Syst. 26 (2) (2015) 455–466.

[46]

Wen Y., Liu J., Dou W., Xu X., Cao B., Chen J., Scheduling workflows with privacy protection constraints for big data applications on cloud, Future Gener. Comput. Syst. 108 (2020) 1084–1091.

[47]

Liu L., Zhu H., Huang Z., Xie D., Minimal privacy authorization in web services collaboration, Comput. Stand. Interfaces 33 (3) (2011) 332–343.

[48]

Meng Y., Huang Z., Zhou Y., Ke C., Privacy-aware cloud service selection approach based on P-spec policy models and privacy sensitivities, Future Gener. Comput. Syst. 86 (2018) 1–11.

[49]

Davari M., Bertino E., Access control model extensions to support data privacy protection based on GDPR, in: 2019 IEEE International Conference on Big Data (Big Data), Los Angeles, CA, USA, December 9-12, 2019, IEEE, 2019, pp. 4017–4024.

[50]

M. Barati, O. Rana, Tracking GDPR Compliance in Cloud-based Service Delivery, IEEE Trans. Services Comput., https://doi.org/10.1109/TSC.2020.2999559, https://ieeexplore.ieee.org/document/9106853, To be published.

[51]

Torre D., Abualhaija S., Sabetzadeh M., Briand L.C., Baetens K., Goes P., Forastier S., An AI-assisted approach for checking the completeness of privacy policies against GDPR, in: 28th IEEE International Requirements Engineering Conference, RE 2020, Zurich, Switzerland, August 31 - September 4, 2020, IEEE, 2020, pp. 136–146.

[52]

Zaman R., Cuzzocrea A., Hassani M., An innovative online process mining framework for supporting incremental GDPR compliance of business processes, in: 2019 IEEE International Conference on Big Data (Big Data), Los Angeles, CA, USA, December 9-12, 2019, IEEE, 2019, pp. 2982–2991.

[53]

Zhou A.C., Xiao Y., Gong Y., He B., Zhai J., Mao R., Privacy regulation aware process mapping in geo-distributed cloud data centers, IEEE Trans. Parallel Distributed Syst. 30 (8) (2019) 1872–1888.

Cited By

Li JZhu S(2023)Service composition considering energy consumption of users and transferring files in a multicloud environmentJournal of Cloud Computing: Advances, Systems and Applications10.1186/s13677-023-00423-912:1Online publication date: 22-Mar-2023
https://dl.acm.org/doi/10.1186/s13677-023-00423-9
Al Muhander BWiese JRana OPerera C(2023)Interactive Privacy Management: Toward Enhancing Privacy Awareness and Control in the Internet of ThingsACM Transactions on Internet of Things10.1145/36000964:3(1-34)Online publication date: 21-Sep-2023
https://dl.acm.org/doi/10.1145/3600096
Soveizi NTurkmen FKarastoyanova D(2023)Security and privacy concerns in cloud-based scientific and business workflowsFuture Generation Computer Systems10.1016/j.future.2023.05.015148:C(184-200)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.future.2023.05.015
Show More Cited By

Index Terms

Privacy regulation aware service selection for multi-provision cloud service composition

Index terms have been assigned to the content through auto-classification.

Recommendations

A Privacy Risk Aware Service Selection Approach for Service Composition
Edge Computing – EDGE 2018
Abstract
Service composition has been widely used to fulfill a complex task when a single service cannot meet its functional requirement. In dynamic service composition, selecting appropriate services from all service candidates is a critical issue. Most ...
Cloud Architecture for Dynamic Service Composition

Service composition provides value-adding services through composing basic Web services, which may be provided by various organizations. Cloud computing presents an efficient managerial, on-demand, and scalable way to integrate computational resources ...
Fuzzy rule based web service composition in cloud
DATA '18: Proceedings of the First International Conference on Data Science, E-learning and Information Systems

Cloud Computing has drawn much attention in industry due its efficient cost schema along with more prospects such as elasticity and scalability nature of Cloud Computing. One of the main service model of Cloud is Software as Service, where many Web ...

Comments

Information & Contributors

Information

Published In

cover image Future Generation Computer Systems

Future Generation Computer Systems Volume 126, Issue C

Jan 2022

340 pages

ISSN:0167-739X

Issue’s Table of Contents

Elsevier B.V.

Publisher

Elsevier Science Publishers B. V.

Netherlands

Publication History

Published: 01 January 2022

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Li JZhu S(2023)Service composition considering energy consumption of users and transferring files in a multicloud environmentJournal of Cloud Computing: Advances, Systems and Applications10.1186/s13677-023-00423-912:1Online publication date: 22-Mar-2023
https://dl.acm.org/doi/10.1186/s13677-023-00423-9
Al Muhander BWiese JRana OPerera C(2023)Interactive Privacy Management: Toward Enhancing Privacy Awareness and Control in the Internet of ThingsACM Transactions on Internet of Things10.1145/36000964:3(1-34)Online publication date: 21-Sep-2023
https://dl.acm.org/doi/10.1145/3600096
Soveizi NTurkmen FKarastoyanova D(2023)Security and privacy concerns in cloud-based scientific and business workflowsFuture Generation Computer Systems10.1016/j.future.2023.05.015148:C(184-200)Online publication date: 1-Nov-2023
https://dl.acm.org/doi/10.1016/j.future.2023.05.015
Edward Gerald BGeetha PRamaraj E(2023)A fruitfly-based optimal resource sharing and load balancing for the better cloud servicesSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-023-07873-y27:10(6507-6520)Online publication date: 1-May-2023
https://dl.acm.org/doi/10.1007/s00500-023-07873-y
Liu LZhu HChen SHuang Z(2022)Privacy-Aware Task Assignment for IoT Audit Applications on Collaborative Edge DevicesSecurity and Communication Networks10.1155/2022/13360942022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/1336094
Thakur NSingh ASangal A(2022)Cloud services selectionComputer Science Review10.1016/j.cosrev.2022.10051446:COnline publication date: 1-Nov-2022
https://dl.acm.org/doi/10.1016/j.cosrev.2022.100514

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents