Privacy in Web Service Transactions: A Tale of More than a Decade of Work

The web service computing paradigm has introduced great benefits to the growth of e-markets, both under the customer to business and the business to business models. The value capabilities allowed by the conception of web services, such as interoperability, efficiency, just-in-time integration, etc., have made them the most common way of doing business online. With the maturation of the web services underlying functional properties and facilitating standards, and with the proliferation of the amounts of data they use and they generate, researchers and practitioners have been dedicating considerable efforts to the related emerging privacy concerns. The literature contains number of research works on these privacy concerns, each addressing them from a different focal point. We have explored the available literature on web services privacy during transactions, to present, in this paper, a thorough survey of the most relevant published proposals. We identified 20 works that address privacy related problems in web services consumption. We categorize them based on the approach they take and we compare them based on a proposed evaluation framework, derived from the adopted techniques and addressed requirements.

[1]  Salima Benbernou,et al.  A view-based monitoring for usage control in web services , 2014, Distributed and Parallel Databases.

[2]  Andrew C. Simpson,et al.  Privacy‐preserving targeted mobile advertising: requirements, design and a prototype implementation , 2016, Softw. Pract. Exp..

[3]  Elliott Mendelson,et al.  Introduction to Mathematical Logic , 1979 .

[4]  Quan Z. Sheng,et al.  ' s personal copy Web services composition : A decade ’ s overview , 2014 .

[5]  Ting He,et al.  Privacy-Aware Web Services Selection and Composition , 2014, 2014 International Conference on Service Sciences.

[6]  Anand Gupta,et al.  PRINDA: Architecture and Design of Non-Disclosure Agreements in Privacy Policy Framework , 2006, 22nd International Conference on Data Engineering Workshops (ICDEW'06).

[7]  N. Gaud,et al.  Architecture for Discovery of Context-Aware Web Services Based on Privacy Preferences , 2012, 2012 Fourth International Conference on Computational Intelligence and Communication Networks.

[8]  Jian Pei,et al.  A brief survey on anonymization techniques for privacy preserving publishing of social network data , 2008, SKDD.

[9]  Shin Nakajima,et al.  The SPIN Model Checker : Primer and Reference Manual , 2004 .

[10]  Paul Allen,et al.  Service Orientation: Winning Strategies and Best Practices , 2006 .

[11]  Sai Ji,et al.  Classification Algorithms for Privacy Preserving in Data Mining: A Survey , 2016, CSA/CUTE.

[12]  Stephen S. Yau,et al.  A Situation-aware Access Control based Privacy-Preserving Service Matchmaking Approach for Service-Oriented Architecture , 2007, IEEE International Conference on Web Services (ICWS 2007).

[13]  Kanagasabai Rajaraman,et al.  Semantic Web service discovery: state-of-the-art and research challenges , 2012, Personal and Ubiquitous Computing.

[14]  Brahim Medjahed,et al.  K-Anonymity Based Approach for Privacy-Preserving Web Service Selection , 2015, 2015 IEEE International Conference on Web Services.

[15]  Barbara Carminati,et al.  A Privacy-Preserving Approach for Web Service Selection and Provisioning , 2011, 2011 IEEE International Conference on Web Services.

[16]  Timothy W. Finin,et al.  Authorization and privacy for semantic Web services , 2004, IEEE Intelligent Systems.

[17]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[18]  Nicola Zannone,et al.  Privacy-Aware Web Service Composition and Ranking , 2013, 2013 IEEE 20th International Conference on Web Services.

[19]  John Mylopoulos,et al.  Security Requirements Engineering: The SI* Modeling Language and the Secure Tropos Methodology , 2010, Advances in Intelligent Information Systems.

[20]  Zhiqiu Huang,et al.  Verification of Behavior-aware Privacy Requirements in Web Services Composition , 2014, J. Softw..

[21]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[22]  Valentin Goranko,et al.  Logic in Computer Science: Modelling and Reasoning About Systems , 2007, J. Log. Lang. Inf..

[23]  Michael Mrissa,et al.  Privacy-Enhanced Web Service Composition , 2014, IEEE Transactions on Services Computing.

[24]  Debajyoti Mukhopadhyay,et al.  A Survey on Web Service Discovery Approaches , 2012, ArXiv.

[25]  Barbara Carminati,et al.  Secure Web Service Composition with Untrusted Broker , 2014, 2014 IEEE International Conference on Web Services.

[26]  Jie Gao,et al.  A survey of security and privacy in big data , 2016, 2016 16th International Symposium on Communications and Information Technologies (ISCIT).

[27]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[28]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!) , 2004 .

[29]  I. V. Ramakrishnan,et al.  A Framework for Building Privacy-Conscious Composite Web Services , 2006, 2006 IEEE International Conference on Web Services (ICWS'06).

[30]  Salima Benbernou,et al.  A survey on service quality description , 2013, CSUR.

[31]  Nora Cuppens-Boulahia,et al.  PrivComp: a privacy-aware data service composition system , 2013, EDBT '13.

[32]  Mihhail Matskin,et al.  Social Trust-Aware Recommendation System: A T-Index Approach , 2009, 2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology.

[33]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[34]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[35]  Christian Wagner,et al.  Enhance Data Privacy in Service Compositions through a Privacy Proxy , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.

[36]  Timothy W. Finin,et al.  A Policy Based Approach to Security for the Semantic Web , 2003, SEMWEB.

[37]  Mohamed Abid,et al.  Enhancing web services compositions with privacy capabilities , 2015, iiWAS.

[38]  Mihhail Matskin,et al.  Trust and Privacy Enabled Service Composition Using Social Experience , 2010, I3E.

[39]  Michael Mrissa,et al.  Respecting Privacy in Web Service Composition , 2013, 2013 IEEE 20th International Conference on Web Services.

[40]  Jinjun Chen,et al.  HireSome-II: Towards Privacy-Aware Cross-Cloud Service Composition for Big Data Applications , 2015, IEEE Transactions on Parallel and Distributed Systems.

[41]  Slim Trabelsi,et al.  Secure Web Service Discovery: Overcoming Challenges of Ubiquitous Computing , 2006, 2006 European Conference on Web Services (ECOWS'06).

[42]  Barbara Carminati,et al.  Exploring privacy issues in Web services discovery/agencies , 2005, IEEE Security & Privacy Magazine.

[43]  Georgia M. Kapitsaki,et al.  Reflecting User Privacy Preferences in Context-Aware Web Services , 2013, 2013 IEEE 20th International Conference on Web Services.

[44]  Barbara Carminati,et al.  A Privacy-Preserving Framework for Constrained Choreographed Service Composition , 2015, 2015 IEEE International Conference on Web Services.

[45]  Slim Trabelsi,et al.  Secure Service Publishing with Untrusted Registries - Securing Service Discovery , 2007, SECRYPT.

[46]  S. Landau Control use of data to protect privacy , 2015, Science.

[47]  Athman Bouguettaya,et al.  Preserving privacy in web services , 2002, WIDM '02.

[48]  Salima Benbernou,et al.  Modeling and Negotiating Service Quality , 2010, S-CUBE Book.

[49]  Cynthia Dwork,et al.  Differential Privacy: A Survey of Results , 2008, TAMC.

[50]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..