Skip to main content
SpringerLink
Log in

A Novel Trust-Based Privacy Preserving Access Control Framework in Web Services Paradigm

  • Conference paper
  • First Online:
Intelligent Computing, Communication and Devices

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 308))

Abstract

Web users are increasingly becoming conscious about the personally identifiable information (PII) being collected and used by Web service providers. Users of these services are usually asked by the service providers to reveal their PII in order to access the services provided by them. While collecting this PII, the service providers must ensure their customers that the PII provided by them must be handled according to the privacy policies and laws. Currently, the enforcement of privacy policies and laws is done manually. This process is error prone and can leak information to the third parties which the information provider has never imagined. The automation of privacy policy enforcement is a must for Web service providers to deal with the privacy handling issue. This paper is an effort towards how to automate the privacy policy enforcement along with traditional authorization policies followed in legacy access control systems. As trust plays an important role in human life and we constantly update and upgrade our trust relationships with other people based on our outlooks in response to the changing situations, the dynamic nature of heterogeneous Web services collaboration is handled through a trust-based access control mechanism.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Barker, K., Askari, M., Banerjee, M., Ghazinour, K., Mackas, B., Majedi, M., Pun, S., Williams, A.: BNCOD, pp. 42–54 (2009)

    Google Scholar 

  2. Lampson, B.W.: Dynamic protection structures. In: Proceedings of American Federation of Information Processing Societies conference, Las Vegas, pp. 27–38. Nevada, USA (1969)

    Google Scholar 

  3. D.T.C.S.E.C. (TCSEC), DoD 5200.28-STD Foundations, MITRE Technical Report 2547 (1973)

    Google Scholar 

  4. Bell, D.E., LaPadula, L.J.: Secure computer systems: mathematical foundations. The MITRE Corp, vol. 1–111, Bedford, Mass (1973)

    Google Scholar 

  5. Louwerse, K.: The electronic patient record; the management of access—case study: Leiden University Hospital. Int. J. Med. Inf. 49(1), 39–44 (1998)

    Article  Google Scholar 

  6. World Wide Web consortium (W3C), platform for privacy preferences (P3P). Available at: www.w3.org/P3P

  7. APPEL, A P3P preference exchange language 1.0 (APPEL1.0) (Working Draft), World Wide Web consortium (W3C), April 2002. Available at: http://www.w3.org/TR/P3P-preferences/

  8. IBM, the enterprise privacy authorization language (EPAL),EPAL 1.1 specification, 2004. Available at: http://www.zurich.ibm.com/security/enterprise-privacy/epal/

  9. Casassa Mont, M., Thyne, R., Chan, K., Bramhall, P.: Available at: http://www.hpl.hp.com/techreports/2005/HPL-005-110.pdf (2005)

  10. Byun, J. W., Bertino, E., Li, N.: Purpose based access control of complex data forprivacy In: Proceedings of SACMAT’05, pp. 102–110. ACM Press, New York (2005)

    Google Scholar 

  11. Byun, J.W., Bertino, E., Li, N.: Purpose based access control for privacy protection in relational database systems. Technical Report 2004-52, Purdue University (2004)

    Google Scholar 

  12. Byun, J.W., Bertino, E.: Micro-views, or on how to protect privacy while enhancing data usability: concepts and challenges. SIGMOD Rec. 35(1), 9–13 (2006)

    Article  Google Scholar 

  13. Li, M., Wang, H., Ross, D.: Trust-based access control for privacy protection in collaborative environment. In: The 2009 IEEE International Conference on e-Business Engineering, pp. 425—430. Macau, China (2009)

    Google Scholar 

  14. Li, M., Wang, H.: Protecting information sharing in distributed collaborative environment. In: 10th Asia-Pacific Web Conference Workshop, pp. 192–200. Shenyang, China (2008)

    Google Scholar 

  15. Bhatia, R., Singh, M.: Trust based privacy preserving access control in web services paradigm. In: the Second IEEE International Conference on Advanced Computing, Networking and Security, ADCONS, pp. 243—246 (2013)

    Google Scholar 

  16. Wang, Y., Vassileva, J.: Trust and reputation model in collaborative networks. In: Proceedings of 3rd IEEE International Conference Collaborative Computing, pp. 150–157 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Punjabi University Regional Centre, Mohali, India

    Rekha Bhatia

  2. Punjabi University, Patiala, India

    Manpreet Singh

Authors
  1. Rekha Bhatia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Manpreet Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rekha Bhatia .

Editor information

Editors and Affiliations

  1. University of Canberra, Faculty of Education, Science, Technology and Mathematics, Canberra, Australia, and University of South Australia, Adelaide, South Australia, Australia

    Lakhmi C. Jain

  2. Department of Computer Science and Engin, SOA University, Bhubaneswar, Odisha, India

    Srikanta Patnaik

  3. Department of Premier and Cabinet, Office of the Chief Information Officer, Adelaide, South Australia, Australia

    Nikhil Ichalkaranje

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer India

About this paper

Cite this paper

Bhatia, R., Singh, M. (2015). A Novel Trust-Based Privacy Preserving Access Control Framework in Web Services Paradigm. In: Jain, L., Patnaik, S., Ichalkaranje, N. (eds) Intelligent Computing, Communication and Devices. Advances in Intelligent Systems and Computing, vol 308. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2012-1_46

Download citation

  • DOI: https://doi.org/10.1007/978-81-322-2012-1_46

  • Published:

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2011-4

  • Online ISBN: 978-81-322-2012-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation