期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

Web服务组合中的隐私需求规约与验证 被引量:5

Specification and verification of privacy requirements in Web service compositions
下载PDF
导出
摘要 确保用户的个人隐私数据不被非法收集和披露,是实现安全Web服务组合的一个关键问题,有必要在设计阶段验证服务组合是否满足隐私策略约束。首先使用隐私策略规约服务的隐私权限,然后利用带隐私语义的接口自动机对服务的接口行为进行建模。在此基础上,形式化地检验了服务组合行为是否满足隐私授权约束。基于上述验证过程所组合的Web服务,能有效地减轻对用户隐私数据的危害,增强了组合Web服务的安全性和可靠性。 To prevent the private data of users from being illegally collected and disclosed is a critical thing in realizing the secure Web services composition. Hence, it is very necessary in the designing stage to veri- fy whether the service compositions satisfy the constraints of privacy authorizations. Firstly, the privacy policies were used to specify the privacy privileges. Next, the interface behaviors of services were modelled by extending the interface automata to support privacy semantics. Furthermore, it was formally verified whether the behaviors of services composition satisfy the privacy policy constraints. The overall Web serv- ices based on the above processes can efficiently reduce the privacy risks to the users" personal data and thus strengthen the security and reliability of the overall Web services.
作者 刘林源 李清 祝义 周航 肖芳雄 黄志球
机构地区 南京航空航天大学信息科学与技术学院 解放军理工大学指挥自动化学院 南京审计学院信息科学学院
出处 《解放军理工大学学报(自然科学版)》 EI 北大核心 2012年第1期27-33,共7页 Journal of PLA University of Science and Technology(Natural Science Edition)
基金 国家863计划资助项目(2009AA010307)
关键词 WEB服务 隐私保护 接口自动机 Web services privacy protection interface automata
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献10

  • 1ZHANG Jia, CHANG C K, ZHANG Liang-jie, et al. Toward a service-oriented development through a ease study[J]. IEEE Transaction on Systems, Man, Cybernetics, Part A, 2007,37(6): 955-969.
  • 2XIAO Fang-xiong, HUANG Zhi-qiu, CAO Zi-ning, et al. Modeling cost-aware Web services composition u- sing PTCCS[C]//Proceeding of the International conference on Web service (ICWS 2009), Los Angeles: IEEE Press, 2009.
  • 3ZHU Hai-bin. Challenges to reusable services[C]// Proceeding of the IEEE International Conference on Services Computing ( SCC 2005 ), Orlando: IEEE Press, 2005.
  • 4GUARDA P, ZANNONE N. Towards the development of privacy-aware systems [J]. Information and Software Technology, 2009,51(2) :337-350.
  • 5SPIEKERMANN S, CRANOR L F. Engineering privacy[J]. IEEE Transaction on Software Engineering, 2009,35 (1) : 67-82.
  • 6KARJOTH G,SCHUNTER M, HERREWEGHEN E V. Translating privacy practices into privacy promises how to promise what you can keep[C]//Proceeding of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, Lake Como:IEEE Press, 2003.
  • 7GUERMOUCHE N,BENBERNOU S,COQUERY E, et al. Privacy-aware Web service protocol replaceability[C]//Proceeding of the International conference on Web services (ICWS 2007), Salt Lake City: IEEE Press, 2007.
  • 8LIU Lin-yuan, HUANG Zhi-qin, XIE Dong-qing. Minimal privacy authorization in Web services collaboration [J]. Computer Standards & Interfaces, 2011, 38(4): 4540-4549.
  • 9HAMADI R,PAIK H Y,BENATALLAH B. Concep- tual modeling of privacy-aware Web service protocols [C]//Proceeding of the 19th International conference on Advanced Information System Engineering (CAiSE 2007), Trondheim: Springer Press, 2007.
  • 10ALFARO L, HENZINGER T A. Interface automata [C]//Proceeding of the Joint 8^th European Software Engineering Conference and 9th ACM SIGSOFT International symposium on the Foundations of Software Engineering (ESEC/FSE 2001), Austria:ACM Press 2001.

同被引文献41

  • 1代钰,杨雷,张斌,高岩.支持组合服务选取的QoS模型及优化求解[J].计算机学报,2006,29(7):1167-1178. 被引量:91
  • 2杜小勇,李曼,王珊.本体学习研究综述[J].软件学报,2006,17(9):1837-1847. 被引量:242
  • 3王飞,邹仕洪,陈山枝,王文东.基于模糊数学的Web服务QoS建模[J].计算机应用研究,2007,24(4):214-216. 被引量:9
  • 4Cranor L, Langheinrich M, Marchiori M, et al. The platform for privacy preferences 1.0 (P3P1.0) speeification[S/OL]. W3C Candidate Recommendation, HTML Version. (2000-12) [2012-11]. http://www.w3.org/TR/P3P/.
  • 5Sandhu R S, Coyne E J. Role-based access control models[J]. IEEE Computer, 1996, 29(2): 38-47.
  • 6Zhang Chunjie. Research on privacy ontology inference based on rules[D]. Kunming: Yunnan University, 2011.
  • 7Huang Feng. A description logic-based approach for access control policy conflict detection[D]. Nanjing: Nanjing Uni- versity of Aeronautics and Astronautics, 2010.
  • 8Liu Linyuan, Li Qing, Zhu Yi, et al. Specification and veri- fication of privacy requirements in Web service composi- tions[J]. Journal of PLA University of Science and Technol- ogy: Natural Science Edition, 2012, 13(1): 27-33.
  • 9Horrocks I, Patel-Sclmeider P F, Boley H, et al. SWRL: a semantic Web rule language combining OWL and RuleML [S/OL]. W3C Note. (2004-05-12)[2012-11]. http://www.w3. org/Submission/SWRL.
  • 10Knublauch H, Fergerson R W, Noy N F, et al. The Protege OWL plugin: an open development environment for seman- tic Web applications[C]//LNCS 3298: Proceedings of the 3rd Intemational Semantic Web Conference (ISWC 2004), Hiroshima, Japan, 2004. Berlin, Heidelberg: Springer-Verlag, 2004: 229-243.

引证文献5

二级引证文献15

解放军理工大学学报(自然科学版)
2012年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部