Abstract
Web service technology is an Internet-based distributed computing paradigm to address interoperability in heterogeneous distributed systems. In this paper, we present a privacy framework for Web services which allows user agents to automatically negotiate with Web services on the amount of personal information to be disclosed on behalf of the user. In developing this framework the following key privacy considerations are taken into account: revealing only the minimal pertinent information about the user, not to overwhelm the users while declaring their privacy preferences and requiring only limited user interaction.
In the framework proposed, the Web services declare their input parameters as Mandatory or Optional and allow users to declare how much of their personal information can be made available to the services. The users specify their privacy preferences in different permission levels on the basis of a domain specific service ontology based on DAML-S. The major components of the system are a globally accessible context server which stores user preferences and a service registry where the services advertised and the service semantics are available.
This work is supported by the European Commission through IST-1-002104-STP Satine project and in part by the Scientific and Technical Research Council of Turkey, Project No: EEEAG 102E035.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Amazon.com Web services, http://www.amazon.com/gp/browse.html/002-8640824-9000064?node=3435361
AOL Screen Name, http://my.screenname.aol.com
Bargh, M.S., van Eijk, Ebben, P., Salden, A.H.: Agent-based Privacy Enforcement of Mobile sevices. In: Proc. of SSGRR Conference, Italy (January 2003)
Carey, M., Blevins, M., Takacsi-Nagy, P.: Integration, Web Services Style. IEEE Data Engineering Bulletin 25(4) (December 2002)
Cranor, L., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0 (APPEL 1.0), W3C Working Draft (April 15, 2002), http://www.w3.org/TR/P3P-preferences
Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, W3C Recommendation (April 16, 2002), http://www.w3.org/TR/P3P
Ankolekar, A., Burstein, M., Hobbs, J., Lassila, O., Martin, D., McIlraith, S., Narayanan, S., Paolucci, M., Payne, T., Sycara, K., Zeng, H.: DAML Services Coalition, DAML-S: Semantic Markup for Web Services. In: Proceedings of the International Semantic Web Working Symposium (SWWS) (July 2001)
Dogac, A., Laleci, G., Kabak, Y., Cingil, I.: Exploiting Web Service Semantics: Taxonomies vs. Ontologies. IEEE Data Engineering Bulletin 25(4) (December 2002), http://www.research.microsoft.com/research/db/debull/issues-list.htm
Dogac, A., Cingil, I., Laleci, G.B., Kabak, Y.: Improving the Functionality of UDDI Registries through Web Service Semantics. In: Buchmann, A., Casati, F., Fiege, L., Hsu, M.-C., Shan, M.-C. (eds.) TES 2002. LNCS, vol. 2444, Springer, Heidelberg (2002)
Dogac, A., Kabak, Y., Laleci, G.: Enriching ebXML Registries with OWL Ontologies for Efficient Service Discovery. In: 14th Intl. Workshop on Research Issues on Data Engineering, Boston, USA (March 2004)
Dogac, A., Kabak, Y., Laleci, G., Sinir, S., Yildiz, A., Kirbas, S., Gurcan, Y.: Semantically Enriched Web Services for Travel Industry. ACM Sigmod Record 33(3) (September 2004)
ebXML, http://www.ebxml.org/
e-person: Personal Information Infrastructure, http://www.hpl.hp.com/semweb/-e-person.htm
Google Web Service API, http://www.google.com/apis/
Harmonise Project, IST-2000-29329, Tourism Harmonisation Network, http://www.harmonise.org/
Karjoth, G., Schunter, M.: A Privacy Model for Enterprises. In: 15th IEEE Computer Security Foundations Workshop, June 24-26 (2002)
Kim, A., Hoffman, L.J., Martin, C.D.: Building Privacy into the Semantic Web: An Ontology Needed Now. In: Proc. of Semantic Web Workshop, Hawaii, USA (2002)
Lee, R.: Personal Data Protection in the Semantic Web, ME Thesis, MIT, USA (2002), http://www.w3.org/2002/01/pedal/thesis.html
Microsoft Passport, http://www.microsoft.com/myservices/passport
The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Draft (January 4, 2005), http://www.w3.org/TR/2005/WD-P3P11-20050104/
IST-1-002104-STP Satine Project, http://www.srdc.metu.edu.tr/webpage/projects/satine
Open Travel Alliance (OTA), http://www.opentravel.org/
Simple Object Access Protocol (SOAP), http://www.w3.org/TR/SOAP/
Universal Description, Discovery and Integration (UDDI), http://www.uddi.org
Thompson, H.S., Beech, D., Maloney, M., Mendelsohn, N.: XML Schema Part 1: Structures, W3C Recommendation (May 2, 2001), http://www.w3.org/TR/xmlschema-1
Biron, P., Malhotra, A.: XML Schema Part 2: Datatypes, W3C Recommendation (May 2, 2001), http://www.w3.org/TR/xmlschema-2
Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E.: Extensible Markup Language (XML) 1.0 (Second Edition), W3C Recommendation (October 6, 2002), http://www.w3.org/TR/REC-xml
Bray, T., Hollander, D., Layman, A.: Namespaces in XML, W3C Recommendation (January 14, 1999), http://www.w3.org/TR/REC-xml-names
Wroe, C., Stevens, R., Goble, C., Roberts, A., Greenwood, M.: A Suite of DAML+OIL Ontologies to Describe Bioinformatics Web Services and Data. Intl. Journal of Cooperative Information Systems (to appear)
Web Services Architecture Requirements (2004), http://www.w3.org/TR//NOTE-wsa-reqs-20040211/
Web Service Description Language (WSDL), http://www.w3.org/TR/wsdl
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tumer, A., Dogac, A., Toroslu, I.H. (2005). A Semantic-Based User Privacy Protection Framework for Web Services. In: Mobasher, B., Anand, S.S. (eds) Intelligent Techniques for Web Personalization. ITWP 2003. Lecture Notes in Computer Science(), vol 3169. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11577935_16
Download citation
DOI: https://doi.org/10.1007/11577935_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29846-5
Online ISBN: 978-3-540-31655-8
eBook Packages: Computer ScienceComputer Science (R0)