论文信息 - Towards Automated Processing of the Right of Access in Inter-organizational Web Service Compositions

Towards Automated Processing of the Right of Access in Inter-organizational Web Service Compositions

Enforcing the right of access to personal data usually is a long-running process between a data subject and an organization that processes personal data. As of today, this task is commonly realized using a manual process based on postal communication or personal attendance and ends up conflicting with trade secret protection. In this paper, we present an automated architecture to enable exercising the right of access in the domain of inter-organizational business processes based on Web Services technology. Deriving its requirements from the legal, economical, and technical obligations, we show the architecture's overall approach solving the conflict between trade secret and exercising the right of access.

Hermann de Meer | Henrich C. Pöhls | Ralph Herkenhöner | Meiko Jensen

[1] Bernd Freisleben,et al. The Web Service Browser: Automatic Client Generation and Efficient Data Transfer for Web Services , 2009, 2009 IEEE International Conference on Web Services.

[2] Gene Tsudik,et al. Sanitizable Signatures , 2005, ESORICS.

[3] Francis G. McCabe,et al. Reference Model for Service Oriented Architecture 1.0 , 2006 .

[4] Henrich Christopher Pöhls,et al. Verifiable and Revocable Expression of Consent to Processing of Aggregated Personal Data , 2008, ICICS.

[5] Frank Leymann,et al. Web Services Platform Architecture: SOAP, WSDL, WS-Policy, WS-Addressing, WS-BPEL, WS-Reliable Messaging, and More , 2005 .

[6] Philip Robinson,et al. Security architecture for virtual organizations of business web services , 2009, J. Syst. Archit..

[7] Zhikui Chen. A Scenario for Identity Management in Daidalos , 2007, Fifth Annual Conference on Communication Networks and Services Research (CNSR '07).

[8] Martin Rost,et al. Exploring the Feasibility of a Spatial User Interface Paradigm for Privacy-Enhancing Technoloqy , 2006 .

[9] Hideki Imai,et al. Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10] Yaron Goland,et al. Web Services Business Process Execution Language , 2009, Encyclopedia of Database Systems.