Semantic Privacy Policies for Service Description and Discovery in Service-Oriented Architecture

Privacy can be defined as the right of an individual to have information about them accessed and used in conformity with what they consider acceptable. Privacy preservation in Service-Oriented Architecture (SOA) is an open problem. A solution for this problem must include features that support privacy preservation in each area of SOA. This thesis focuses on the areas of service description and discovery. The problems in these areas are that currently it is not possible to describe how a service provider deals with information received from a service consumer as well as discover a service that satisfies the privacy preferences of a consumer. Research has been carried out in these areas, but there is currently no framework which offers a solution that supports a rich description of privacy policies and their integration in the process of service discovery. Thus, the main goal of this thesis is to propose a privacy preservation framework for the areas of service description and discovery in SOA. The framework enhances service description and discovery with the specification and intersection of privacy policies using a base and domain-specific privacy ontologies. Moreover, the framework enhances these areas with an extension to basic SOA that includes roles responsible for implementing a privacy registry as well as mediating the interactions between service consumers and providers and the privacy preservation component. The framework is evaluated through a health care scenario as privacy preservation is an important issue in this domain

Privacy Protection Framework for Service-Oriented Architecture

Service-Oriented Architecture (SOA) is a computer systems design concept which aims to achieve reusability and integration in a distributed environment through the use of autonomous, loosely coupled, interoperable abstractions known as services. In order to interoperate, communication between services is very important due to their autonomous nature. This communication provides services with their functional strengths, but also creates the opportunity for the loss of privacy. In this thesis, a Privacy Protection Framework for Service-Oriented Architecture (PPFSOA) is proposed. In this framework, a Privacy Service (PS) is used in combination with privacy policies to create privacy contracts that outline what can and cannot be done with a consumer’s personally identifiable information (PII). The privacy policy consists of one-to-many privacy rules, with each rule created from a set of six privacy elements: collector, what, purpose, retention, recipient and trust. These elements were carefully selected from a set of Fair Information Practices (FIP) which has been used as the basis for privacy legislation around the world. The PS plays the role of negotiator, comparing privacy policies to create privacy contracts and resolving any conflicts that arise during this process. The PS acts as an intermediary between the service consumer and service provider, to establish an unbiased contract before the two parties begin sending PII. An examination of what current approaches to protecting privacy in an SOA environment is also presented. Finally, a proof of concept is shown which demonstrates the behaviour of a functioning PS in multiple scenario

Protecting Personal Private Information in Collaborative Environments

The ability to collaborate has always been vitally important to businesses and enterprises. With the availability of current networking and computing power, the creation of Collaborative Working Environments (CWEs) has allowed for this process to occur anytime over any geographical distance. Sharing information between individuals through collaborative environments creates new challenges in privacy protection for organizations and the members of organizations. This thesis confronts the problems when attempting to protect the personal private information of collaborating individuals. In this thesis, a privacy-by-policy approach is taken to addressing the issue of protecting private information within collaborative environments. A privacy-by-policy approach to privacy protection provides collaborating individuals with notice and choice surrounding their private information, in order to provide an individual with a level of control over how their information is to be used. To this end, a collaborative privacy architecture for providing privacy within a collaborative environment is presented. This architecture uses ontologies to express the static concept and relation definitions required for privacy and collaboration. The collaborative privacy architecture also contains a Collaborative Privacy Manager (CPM) service which handles changes in dynamic collaborative environments. The goals of this thesis are to provide privacy mechanisms for the non-client centric situation of collaborative working environments. This thesis also strives to provide privacy through technically enforceable and customizable privacy policies. To this end, individual collaborators are provided with access, modification rights, and transparency through the use of ontologies built into the architecture. Finally, individual collaborators are provided these privacy protections in a way that is easy to use and understand and use. A collaborative scenario as a test case is described to present how this architecture would benefit individuals and organizations when they are engaged in collaborative work. In this case study a university and hospital are engaged in collaborative research which involves the use of private information belonging to collaborators and patients from the hospital. This case study also highlights how different organizations can be under different sets of legislative guidelines and how these guidelines can be incorporated into the privacy architecture. Through this collaboration scenario an implementation of the collaborative privacy architecture is provided, along with results from semantic and privacy rule executions, and measurements of how actions carried out by the architecture perform under various conditions