Full Text:   <411>

Summary:  <178>

CLC number: TP309

On-line Access: 2018-07-02

Received: 2017-06-06

Revision Accepted: 2017-12-03

Crosschecked: 2018-05-10

Cited: 0

Clicked: 1394

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Zhi-qiu Huang

http://orcid.org/0000-0001-6843-1892

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2018 Vol.19 No.5 P.626-638

http://doi.org/10.1631/FITEE.1700359


Preserving privacy information flow security in composite service evolution


Author(s):  Huan-feng Peng, Zhi-qiu Huang, Lin-yuan Liu, Yong Li, Da-juan Fan, Yu-qing Wang

Affiliation(s):  College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China; more

Corresponding email(s):   penghf@njit.edu.cn, zqhuang@nuaa.edu.cn

Key Words:  Composite service, Privacy information flow security, Service evolution, Petri net


Huan-feng Peng, Zhi-qiu Huang, Lin-yuan Liu, Yong Li, Da-juan Fan, Yu-qing Wang. Preserving privacy information flow security in composite service evolution[J]. Frontiers of Information Technology & Electronic Engineering, 2018, 19(5): 626-638.

@article{title="Preserving privacy information flow security in composite service evolution",
author="Huan-feng Peng, Zhi-qiu Huang, Lin-yuan Liu, Yong Li, Da-juan Fan, Yu-qing Wang",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="19",
number="5",
pages="626-638",
year="2018",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1700359"
}

%0 Journal Article
%T Preserving privacy information flow security in composite service evolution
%A Huan-feng Peng
%A Zhi-qiu Huang
%A Lin-yuan Liu
%A Yong Li
%A Da-juan Fan
%A Yu-qing Wang
%J Frontiers of Information Technology & Electronic Engineering
%V 19
%N 5
%P 626-638
%@ 2095-9184
%D 2018
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1700359

TY - JOUR
T1 - Preserving privacy information flow security in composite service evolution
A1 - Huan-feng Peng
A1 - Zhi-qiu Huang
A1 - Lin-yuan Liu
A1 - Yong Li
A1 - Da-juan Fan
A1 - Yu-qing Wang
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 19
IS - 5
SP - 626
EP - 638
%@ 2095-9184
Y1 - 2018
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1700359


Abstract: 
After a composite service is deployed, user privacy requirements and trust levels of component services are supject to variation. When the changes occur, it is critical to preserve privacy information flow security. We propose an approach to preserve privacy information flow security in composite service evolution. First, a privacy data item dependency analysis method based on a petri net model is presented. Then the set of privacy data items collected by each component service is derived through a privacy data item dependency graph, and the security scope of each component service is calculated. Finally, the evolution operations that preserve privacy information flow security are defined. By applying these evolution operations, the re-verification process is avoided and the evolution efficiency is improved. To illustrate the effectiveness of our approach, a case study is presented. The experimental results indicate that our approach has high evolution efficiency and can greatly reduce the cost of evolution compared with re-verifying the entire composite service.

保持隐私信息流安全性的服务组合演化方法

摘要:隐私信息流安全的服务组合部署后,用户隐私需求与成员服务的信誉度等级均可能发生变化,保持隐私信息流安全性是非常重要的演化需求。提出一种保持隐私信息流安全性的服务组合演化方法。分析基于Petri网的隐私数据项依赖关系,计算各成员服务的隐私数据使用集及安全范围,最后提出保持隐私信息流安全性的演化操作集。通过操作实施演化,避免演化后隐私信息流安全性的完整验证过程,提高演化效率。通过实例分析说明该方法的有效性,并对其性能进行实验分析。结果表明,与完整安全性验证过程相比,该方法有较高演化效率,能大大降低演化代价。

关键词:服务组合;隐私信息流安全;服务演化;Petri网

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article

Reference

[1]Accorsi R, Lehmann A, Lohmann N, 2015. Information leak detection in business process models: theory, application, and tool support. Inform Syst, 47:244-257.

[2]Alam KA, Ahmad R, Akhunzada A, et al., 2015. Impact analysis and change propagation in service-oriented enterprises: a systematic review. Inform Syst, 54:43-73.

[3]Andrikopoulos V, Benbernou S, Papazoglou MP, 2012. On the evolution of services. IEEE Trans Softw Eng, 38(3):609-628.

[4]Bacon J, Eyers D, Pasquier TFJM, et al., 2014. Information flow control for secure cloud computing. IEEE Trans Netw Serv Manag, 11(1):76-89.

[5]Bell DE, LaPadula LJ, 1973. Secure computer systems: mathematical foundations. Technical Report, No. 2547. MITRE Corporation, Massachusetts, USA.

[6]Bishop M, 2002. Computer Security: Art and Science. Addison Wesley, New Jersey, USA.

[7]Denning DE, 1976. A lattice model of secure information flow. Commun ACM, 19(5):236-243.

[8]Fokaefs M, Mikhaiel R, Tsantalis N, et al., 2011. An empirical study on web service evolution. 9th IEEE Int Conf on Web Services, p.49-56.

[9]Knorr K, 2001. Multilevel security and information flow in Petri net workflows. 9th Int Conf on Telecommunication Systems, p.613-615.

[10]Liu C, Duan H, Zeng Q, et al., 2016. Towards comprehensive support for privacy preservation cross-organization business process mining. IEEE Trans Serv Comput, in press.

[11]Liu G, Reisig W, Jiang C, et al., 2016. A branching-process-based method to check soundness of workflow systems. IEEE Access, 4:4104-4118.

[12]Liu L, Zhu H, Huang Z, 2011. Analysis of the minimal privacy disclosure for web services collaborations with role mechanisms. Expert Syst Appl, 38(4):4540-4549.

[13]Lohmann N, Massuthe P, Stahl C, et al., 2006. Analyzing interacting BPEL processes. 4th Int Conf on Business Process Management, p.17-32.

[14]Peng HF, Huang ZQ, Liu LY, et al., 2017. Static analysis method of secure privacy information flow for service composition. J Softw, in press.

[15]Qi SS, Li BX, Liu CC, et al., 2012. A trust impact analysis model for composite service evolution. 19th IEEE Asia-Pacific Software Engineering Conf, p.73-78.

[16]She W, Yen IL, Thuraisingham B, et al., 2011. Rule-based run-time information flow control in service cloud. 9th IEEE Int Conf on Web Services, p.524-531.

[17]Song W, Ma XX, Cheung SC, et al., 2010. Preserving data flow correctness in process adaptation. 7th IEEE Int Conf on Services Computing, p.9-16.

[18]Tan W, Fan YS, Zhou MC, 2009. A Petri net-based method for compatibility analysis and composition of web services in business process execution language. IEEE Trans Autom Sci, 6(1):94-106.

[19]van der Aalst WMP, 1997. Verification of workflow nets. 18th Int Conf on Application and Theory of Petri Nets, p.407-426.

[20]Wang SY, Capretz MAM, 2009. A dependency impact analysis model for web services evolution. 7th IEEE Int Conf on Web Services, p.359-365.

[21]Wang SY, Capretz MAM, 2011. Dependency and entropy based impact analysis for service-oriented system evolution. 10th IEEE/WIC/ACM Int Conf on Web Intelligence and Intelligent Agent Technology, p.412-417.

[22]Wang Y, Wang Y, 2013. A survey of change management in service-based environments. Serv Orient Comput Appl, 7(4):259-273.

[23]Wang Y, Yang J, Zhao WL, et al., 2012. Change impact analysis in service-based business processes. Serv Orient Comput Appl, 6(2):131-149.

[24]Xi N, Sun C, Ma JF, et al., 2015. Secure service composition with information flow control in service clouds. Fut Gener Comput Syst, 49:142-148.

[25]Yu WY, Yan CG, Ding ZJ, et al., 2014. Modeling and validating e-commerce business process based on Petri nets. IEEE Trans Syst Man Cybern Syst, 44(3):327-341.

[26]Yu WY, Yan CG, Ding ZJ, et al., 2016. Modeling and verification of online shopping business processes by considering malicious behavior patterns. IEEE Trans Autom Sci Eng, 13(2):647-662.

[27]Zeng J, Sun HL, Liu XD, et al., 2010. PRV: an approach to process model refactoring in evolving process-aware information systems. 7th IEEE Int Conf on Services Computing, p.441-448.

[28]Zeng W, Koutny M, Watson P, et al., 2016. Formal verification of secure information flow in cloud computing. J Inform Secur Appl, 27:103-116.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - Journal of Zhejiang University-SCIENCE