Abstract
The last decade has witnessed an incremental growth in the number of web service providers as well as web service users who carry out financial transactions online. While this enhanced usage of web to provide financial services has boosted e-business productivity, it has raised significant concerns regarding client’s sensitive personal information privacy. In this paper, we have proposed a framework that addresses client’s privacy concerns in the context of web services environment. Our approach involves service producers storing their privacy policies in the form of an ontology class and service users storing their privacy preferences in the form of a rule specified in semantic web rule language. Our framework provides automated reasoning techniques for matching the service provider’s privacy policies for compliance with the client’s privacy preferences. In the event of a policy match, our framework supports automatic generation of the list of service providers who agree to provide service. We demonstrate our approach with the implementation of an example web services scenario.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Ardagna, C. A., Cremonini, M., De Capitani Di Vimercati, S., & Samarati, P. (2008). A privacy-aware access control system. Journal of Computer Security, 16, 369–397.
Casassa Mont, M., Thyne, R., Chan, K., & Bramhall, P. (2005). http://www.hpl.hp.com/techreports/2005/HPL-005-110.pdf.
Oberholzer, H., & Olivier, M. S. (2005). Privacy contracts as an extension of privacy policies. In International Conference on Data Engineering Workshops (ICDEW’05), 0:1192, 2005.
Byun, J. W., Bertino, E., & Li, N. (2004). Purpose based access control for privacy protection in relational database systems. Technical Report 2004-52, Purdue University, 2004.
The World Wide Web Consortium (W3C): OWL Web Ontology Language Overview, February 2004, W3C Recommendation.
Tonti, G., Bradshaw, J., Jeffers, R., Montanari, R., Suri, N., & Uszok, A. (2003). Semantic web languages for policy representation and reasoning: A comparison of kaos, rei, and ponder. In The SemanticWeb—ISWC 2003, LNCS (Vol. 2870, pp. 419–437). Springer Berlin/Heidelberg.
Mitra, P., Pan, C. C., Liu, P., & Atluri, V. (2006). Privacy-preserving semantic interoperation and access control of heterogeneous databases. In ASIACCS ‘06: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security (pp. 66–77). ACM.
Pan, C. C., Mitra, P., & Liu, P. (2006). Semantic access control for information interoperation. In SACMAT ‘06: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (pp. 237–246). ACM, New York, NY, USA.
Sun, Y., Pan, P., Leung, H. F., & Shi, B. (2007). Ontology based hybrid access control for automatic interoperation. In B. Xiao, L. Yang, J. Ma, C. Muller-Schloer, & Y. Hua, Autonomic and Trusted Computing, LNCS (Vol. 4610, pp. 323–332). Springer Berlin/Heidelberg.
Garcia, D., Toledo, M. B. F., Capretz, M., & Allison, D. (2009). Towards a base ontology for privacy protection in service-oriented architecture. In 2009 IEEE International Conference on Service-Oriented Computing and Applications (SOCA) (pp. 1–8).
Ge, Qiang, et al. (2014). The application of SWRL based ontology inference for privacy protection. Journal of Software, 9(5), 1217–1222.
Kayes, A. S. M., Han, J., & Colman, A. (2014, January). PO-SAAC: A purpose-oriented situation-aware access control framework for software services. In Advanced Information Systems Engineering (pp. 58–74). Springer International Publishing.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media Singapore
About this paper
Cite this paper
Bhatia, R., Singh, M. (2016). An Implementation Model for Privacy Aware Access Control in Web Services Environment. In: Satapathy, S., Joshi, A., Modi, N., Pathak, N. (eds) Proceedings of International Conference on ICT for Sustainable Development. Advances in Intelligent Systems and Computing, vol 408. Springer, Singapore. https://doi.org/10.1007/978-981-10-0129-1_50
Download citation
DOI: https://doi.org/10.1007/978-981-10-0129-1_50
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-0127-7
Online ISBN: 978-981-10-0129-1
eBook Packages: EngineeringEngineering (R0)