Secure and Privacy-Preserving Execution Model for Data Services

Data services have almost become a standard way for data publishing and sharing on top of the Web. In this paper, we present a secure and privacy-preserving execution model for data services. Our model controls the information returned during service execution based on the identity of the data consumer and the purpose of the invocation. We implemented and evaluated the proposed model in the healthcare application domain. The obtained results are promising.

[1]  Asuman Dogac Interoperability in eHealth Systems , 2012 .

[2]  Athman Bouguettaya,et al.  RATEWeb: Reputation Assessment for Trust Establishment among Web services , 2009, The VLDB Journal.

[3]  Schahram Dustdar,et al.  Quality-aware service-oriented data integration: requirements, state of the art and open challenges , 2012, SGMD.

[4]  Salima Benbernou,et al.  A view-based Monitoring for Privacy-aware Web services , 2010, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[5]  Naveen N. Kulkarni,et al.  Information as a Service in a Data Analytics Scenario - A Case Study , 2008, 2008 IEEE International Conference on Web Services.

[6]  Michael J. Carey,et al.  Data services , 2012, Commun. ACM.

[7]  Asuman Dogac Interoperability in eHealth Systems (Invited Tutorial) , 2012, Proc. VLDB Endow..

[8]  Divyakant Agrawal,et al.  Secure and Privacy-Preserving Data Services in the Cloud: A Data Centric View , 2012, Proc. VLDB Endow..

[9]  Nora Cuppens-Boulahia,et al.  Contextual Privacy Management in Extended Role Based Access Control Model , 2009, DPM/SETOP.

[10]  Hye-Young Paik,et al.  Conceptual Modeling of Privacy-Aware Web Service Protocols , 2007, CAiSE.

[11]  Frédéric Cuppens,et al.  Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[12]  David J. DeWitt,et al.  Limiting Disclosure in Hippocratic Databases , 2004, VLDB.

[13]  Schahram Dustdar,et al.  DEMODS: A Description Model for Data-as-a-Service , 2012, 2012 IEEE 26th International Conference on Advanced Information Networking and Applications.

[14]  Thomas C. Rindfleisch,et al.  Privacy, information technology, and health care , 1997, CACM.

[15]  Michael J. Carey Declarative Data Services: This Is Your Data on SOA , 2007, IEEE International Conference on Service-Oriented Computing and Applications (SOCA '07).

[16]  Venkata Subba Reddy,et al.  Data Management Challenges In Cloud Computing Infrastructures , 2014 .

[17]  R. C. Jain,et al.  A Privacy Preserving Repository For Data Integration Across Data Sharing Services , 2013 .

[18]  S. M. Shah,et al.  Information technology and health care. , 1998, JPMA. The Journal of the Pakistan Medical Association.

[19]  Hhs Office for Civil Rights Standards for privacy of individually identifiable health information. Final rule. , 2002, Federal register.

[20]  Joaquin Garcia-Alfaro,et al.  Data Privacy Management and Autonomous Spontaneous Security, 4th International Workshop, DPM 2009 and Second International Workshop, SETOP 2009, St. Malo, France, September 24-25, 2009, Revised Selected Papers , 2010, DPM/SETOP.

[21]  Günther Pernul,et al.  A Semantic Security Architecture for Web Services The Access-eGov Solution , 2010, 2010 International Conference on Availability, Reliability and Security.

[22]  Michael J. Carey,et al.  Data Service Modeling in the AquaLogic Data Services Platform , 2008, 2008 IEEE Congress on Services - Part I.

[23]  Ernesto Damiani,et al.  Web Service Security , 2011, Encyclopedia of Cryptography and Security.