A Semantic-Based User Privacy Protection Framework for Web Services

  • Arif Tumer
  • Asuman Dogac
  • I. Hakki Toroslu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3169)


Web service technology is an Internet-based distributed computing paradigm to address interoperability in heterogeneous distributed systems. In this paper, we present a privacy framework for Web services which allows user agents to automatically negotiate with Web services on the amount of personal information to be disclosed on behalf of the user. In developing this framework the following key privacy considerations are taken into account: revealing only the minimal pertinent information about the user, not to overwhelm the users while declaring their privacy preferences and requiring only limited user interaction.

In the framework proposed, the Web services declare their input parameters as Mandatory or Optional and allow users to declare how much of their personal information can be made available to the services. The users specify their privacy preferences in different permission levels on the basis of a domain specific service ontology based on DAML-S. The major components of the system are a globally accessible context server which stores user preferences and a service registry where the services advertised and the service semantics are available.


User Agent Simple Object Access Protocol Data Request Privacy Preference Service Ontology 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
  3. 3.
    Bargh, M.S., van Eijk, Ebben, P., Salden, A.H.: Agent-based Privacy Enforcement of Mobile sevices. In: Proc. of SSGRR Conference, Italy (January 2003)Google Scholar
  4. 4.
    Carey, M., Blevins, M., Takacsi-Nagy, P.: Integration, Web Services Style. IEEE Data Engineering Bulletin 25(4) (December 2002)Google Scholar
  5. 5.
    Cranor, L., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0 (APPEL 1.0), W3C Working Draft (April 15, 2002),
  6. 6.
    Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification, W3C Recommendation (April 16, 2002),
  7. 7.
    Ankolekar, A., Burstein, M., Hobbs, J., Lassila, O., Martin, D., McIlraith, S., Narayanan, S., Paolucci, M., Payne, T., Sycara, K., Zeng, H.: DAML Services Coalition, DAML-S: Semantic Markup for Web Services. In: Proceedings of the International Semantic Web Working Symposium (SWWS) (July 2001)Google Scholar
  8. 8.
    Dogac, A., Laleci, G., Kabak, Y., Cingil, I.: Exploiting Web Service Semantics: Taxonomies vs. Ontologies. IEEE Data Engineering Bulletin 25(4) (December 2002),
  9. 9.
    Dogac, A., Cingil, I., Laleci, G.B., Kabak, Y.: Improving the Functionality of UDDI Registries through Web Service Semantics. In: Buchmann, A., Casati, F., Fiege, L., Hsu, M.-C., Shan, M.-C. (eds.) TES 2002. LNCS, vol. 2444, Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Dogac, A., Kabak, Y., Laleci, G.: Enriching ebXML Registries with OWL Ontologies for Efficient Service Discovery. In: 14th Intl. Workshop on Research Issues on Data Engineering, Boston, USA (March 2004)Google Scholar
  11. 11.
    Dogac, A., Kabak, Y., Laleci, G., Sinir, S., Yildiz, A., Kirbas, S., Gurcan, Y.: Semantically Enriched Web Services for Travel Industry. ACM Sigmod Record 33(3) (September 2004)Google Scholar
  12. 12.
  13. 13.
    e-person: Personal Information Infrastructure,
  14. 14.
    Google Web Service API,
  15. 15.
    Harmonise Project, IST-2000-29329, Tourism Harmonisation Network,
  16. 16.
    Karjoth, G., Schunter, M.: A Privacy Model for Enterprises. In: 15th IEEE Computer Security Foundations Workshop, June 24-26 (2002)Google Scholar
  17. 17.
    Kim, A., Hoffman, L.J., Martin, C.D.: Building Privacy into the Semantic Web: An Ontology Needed Now. In: Proc. of Semantic Web Workshop, Hawaii, USA (2002)Google Scholar
  18. 18.
    Lee, R.: Personal Data Protection in the Semantic Web, ME Thesis, MIT, USA (2002),
  19. 19.
  20. 20.
    The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Draft (January 4, 2005),
  21. 21.
    IST-1-002104-STP Satine Project,
  22. 22.
    Open Travel Alliance (OTA),
  23. 23.
    Simple Object Access Protocol (SOAP),
  24. 24.
    Universal Description, Discovery and Integration (UDDI),
  25. 25.
    Thompson, H.S., Beech, D., Maloney, M., Mendelsohn, N.: XML Schema Part 1: Structures, W3C Recommendation (May 2, 2001),
  26. 26.
    Biron, P., Malhotra, A.: XML Schema Part 2: Datatypes, W3C Recommendation (May 2, 2001),
  27. 27.
    Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E.: Extensible Markup Language (XML) 1.0 (Second Edition), W3C Recommendation (October 6, 2002),
  28. 28.
    Bray, T., Hollander, D., Layman, A.: Namespaces in XML, W3C Recommendation (January 14, 1999),
  29. 29.
    Wroe, C., Stevens, R., Goble, C., Roberts, A., Greenwood, M.: A Suite of DAML+OIL Ontologies to Describe Bioinformatics Web Services and Data. Intl. Journal of Cooperative Information Systems (to appear)Google Scholar
  30. 30.
    Web Services Architecture Requirements (2004),
  31. 31.
    Web Service Description Language (WSDL),

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Arif Tumer
    • 2
  • Asuman Dogac
    • 1
  • I. Hakki Toroslu
    • 1
  1. 1.Software Research and Development Center & Dept. of Computer Eng.Middle East Technical University (METU)AnkaraTürkiye
  2. 2.Intro SolutionsAnkaraTürkiye

Personalised recommendations