Estimating the Privacy Protection Capability of a Web Service Provider

The growth of the Internet has been accompanied by the growth of Web services (e.g., e-commerce, e-health, etc.), leading to important provisions put in place to protect the privacy of Web service users. However, it is also important to be able to estimate the privacy protection capability of a Web service provider. Such estimates would benefit both users and providers. Users would benefit from being able to choose (assuming that such estimates were made public) the service that has the greatest ability to protect their privacy (this would in turn encourage Web service providers to pay more attention to privacy). Web service providers would benefit by being able to adjust their provisions for protecting privacy until certain target capability levels of privacy protection are reached. This article presents an approach for estimating the privacy protection capability of a Web service provider and illustrates the approach with an example.

[1]  Mick Bauer Practical Threat Analysis and Risk Management , 2002 .

[2]  Mark O'Neill,et al.  Web Services Security , 2003 .

[3]  Bruce Schneier,et al.  Toward a secure system engineering methodolgy , 1998, NSPW '98.

[4]  Xiannong Meng,et al.  MARS: Multiplicative Adaptive Refinement Web Search , 2005 .

[5]  George Yee,et al.  Bilateral e-services negotiation under uncertainty , 2003, 2003 Symposium on Applications and the Internet, 2003. Proceedings..

[6]  Martin S. Olivier,et al.  PrivGuard : a model to protect private information based on its usage , 2002, South Afr. Comput. J..

[7]  Daniel M. Brandon,et al.  Software Engineering for Modern Web Applications: Methodologies and Technologies , 2008 .

[8]  David A. Wagner,et al.  Privacy-enhancing technologies for the Internet , 1997, Proceedings IEEE COMPCON 97. Digest of Papers.

[9]  Liang-Jie Zhang,et al.  Web Services Research for Emerging Applications: Discoveries and Trends , 2010 .

[10]  Dean Kuo,et al.  A Framework and Protocols for Service Contract Agreements Based on International Contract Law , 2009, Int. J. Web Serv. Res..

[11]  W.J. Rippon Threat assessment of IP based voice systems , 2006, 1st IEEE Workshop on VoIP Management and Security, 2006..

[12]  George Yee,et al.  Semiautomatic Derivation and Use of Personal Privacy Policies in E-Business , 2005, Int. J. E Bus. Res..

[13]  Vijay S. Iyengar,et al.  Transforming data to satisfy privacy constraints , 2002, KDD.

[14]  Anthony Scime,et al.  Web Mining: Applications and Techniques , 2004 .

[15]  George Yee Measuring Privacy Protection in Web Services , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[16]  Ronggong Song,et al.  Pseudonym Technology for E-Services , 2006 .

[17]  Michael Decker A Location-Aware Access Control Model for Mobile Workflow Systems , 2009, Int. J. Inf. Technol. Web Eng..

[18]  Hussein Zedan,et al.  Multi-Agent Based Dynamic E-Learning Environment , 2009, Int. J. Inf. Technol. Web Eng..

[19]  Pankaj Kamthan A Framework for the Active Credibility Engineering of Web Applications , 2008, Int. J. Inf. Technol. Web Eng..

[20]  George Yee,et al.  Privacy policy compliance for Web services , 2004 .

[21]  Larry Korba,et al.  Applying digital rights management systems to privacy rights management , 2002, Comput. Secur..

[22]  Paul A. Karger Privacy and security threat analysis of the federal employee personal identity verification (PIV) program , 2006, SOUPS '06.

[23]  Ina Fourie Managing Web‐enabled Technologies in Organizations: A Global Perspective , 2001 .

[24]  Alfred Kobsa,et al.  Privacy through pseudonymity in user-adaptive systems , 2003, TOIT.

[25]  Ghalem Belalem,et al.  An Approach Based on Market Economy for Consistency Management in Data Grids with OptorSim Simulator , 2008, Int. J. Inf. Technol. Web Eng..

[26]  Y. Li,et al.  Result Refinement in Web Services Retrieval Based on Multiple Instances Learning , 2008, Int. J. Web Serv. Res..

[27]  Liang Jie-Zhang Innovations, Standards, and Practices of Web Services: Emerging Research Topics , 2011 .

[28]  C. Adams,et al.  Privacy Enforcement in E-Services Environments , 2006 .

[29]  David Sundaram,et al.  A Framework for a Scenario Driven Decision Support Systems Generator , 2008, Int. J. Inf. Technol. Web Eng..

[30]  Mehdi Khosrowpour,et al.  Web-enabled technologies assessment and management: critical issues , 2000 .