Advertisement

Run-Time Monitoring for Privacy-Agreement Compliance

  • S. Benbernou
  • H. Meziane
  • M. S. Hacid
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4749)

Abstract

This paper addresses the problem of monitoring the compliance of privacy agreement that spells out a consumer’s privacy rights and how consumer private information must be handled by the service provider. A state machine based model is proposed to describe the Private Data Use Flow (PDUF) toward monitoring which can be used by privacy analyst to observe the flow and capture privacy vulnerabilities that may lead to non-compliance. The model is built on top of (i) properties and timed-related privacy requirements to be monitored that are specified using LTL (Linear Temporal logic) (ii) a set of identified privacy misuses.

Keywords

State Machine IEEE Computer Society Private Data Linear Temporal Logic Temporal Unit 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Barbon, F., Traverso, P., Pistore, M., Trainotti, M.: Run-time monitoring of instances and classes of web service compositions. In: ICWS 2006. Proceedings of the IEEE International Conference on Web Services, pp. 63–71. IEEE Computer Society Press, Chicago (2006)Google Scholar
  2. 2.
    Baresi, L., Ghezzi, C., Guinea, S.: Smart monitors for composed services. In: ICSOC 2004. Proceedings of the 2nd international conference on Service oriented computing (2004)Google Scholar
  3. 3.
    Baresi, L., Guinea, S.: Towards dynamic monitoring of ws-bpel processes. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 269–282. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Benbernou, S., Meziane, H., Li, Y.H., Hacid, M.: A privacy agreement model for web services. In: SCC 2007. IEEE International Conference on Service Computing, IEEE Computer Society Press, Salt Lake City, USA (2007)Google Scholar
  5. 5.
    Guermouche, N., Benbernou, S., Coquery, C.E, Hacid, M.: Privacy-aware web service protocol replaceability. In: ICWS 2007. IEEE International Conference on Web Services, IEEE Computer Society Press, Salt Lake City, USA (2007)Google Scholar
  6. 6.
    Yee, G., Korba, L.: Privacy policy compliance for web services. In: ICWS 2004. Proc. of the IEEE International Conference on Web Services, IEEE Computer Society Press, San Diego, USA (2004)Google Scholar
  7. 7.
    Kazhamiakin, R., Pandya, P., Pistore, M.: Representation, verification, and computation of timed properties in web. In: ICWS 2006. Proceedings of the IEEE International Conference on Web Services, IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  8. 8.
    Lazovik, A., Aiello, M., Papazoglou, M.: Associating assertions with business processes and monitoring their execution. In: ICSOC 2004. Proceedings of the 2nd international conference on Service oriented computing (2004)Google Scholar
  9. 9.
    Mahbub, K., Spanoudakis, G.: Run-time monitoring of requirements for systems composed of web-services: Initial implementation and evaluation experience. In: ICWS. 2005 IEEE International Conference on Web Services, IEEE Computer Society Press, Orlando, Florida, USA (2005)Google Scholar
  10. 10.
    Manna, Z., Pnueli, A.: The Temporal Logic of Reactive and Concurrent Systems:Specification. Springer, Heidelberg (1992)Google Scholar
  11. 11.
    Mont, M.C., Pearson, S., Thyne, R.: A systematic approach to privacy enforcement and policy compliance checking in enterprises. In: Fischer-Hübner, S., Furnell, S., Lambrinoudakis, C. (eds.) TrustBus 2006. LNCS, vol. 4083, pp. 91–102. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Spanoudakis, G., Mahbub, K.: Non intrusive monitoring of service based systems. International Journal of Cooperative Information Systems (2006)Google Scholar
  13. 13.
    Yee, G.: Visualization for privacy compliance. In: VizSEC 2006. Proceedings of the 3rd international workshop on Visualization for computer security, Fairfax, USA (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • S. Benbernou
    • 1
  • H. Meziane
    • 1
  • M. S. Hacid
    • 1
  1. 1.LIRIS, University Claude Bernard Lyon1France

Personalised recommendations