CLC number: TP309
On-line Access: 2024-08-27
Received: 2023-10-17
Revision Accepted: 2024-05-08
Crosschecked: 2018-05-10
Cited: 0
Clicked: 6175
Huan-feng Peng, Zhi-qiu Huang, Lin-yuan Liu, Yong Li, Da-juan Fan, Yu-qing Wang. Preserving privacy information flow security in composite service evolution[J]. Frontiers of Information Technology & Electronic Engineering, 2018, 19(5): 626-638.
@article{title="Preserving privacy information flow security in composite service evolution",
author="Huan-feng Peng, Zhi-qiu Huang, Lin-yuan Liu, Yong Li, Da-juan Fan, Yu-qing Wang",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="19",
number="5",
pages="626-638",
year="2018",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1700359"
}
%0 Journal Article
%T Preserving privacy information flow security in composite service evolution
%A Huan-feng Peng
%A Zhi-qiu Huang
%A Lin-yuan Liu
%A Yong Li
%A Da-juan Fan
%A Yu-qing Wang
%J Frontiers of Information Technology & Electronic Engineering
%V 19
%N 5
%P 626-638
%@ 2095-9184
%D 2018
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1700359
TY - JOUR
T1 - Preserving privacy information flow security in composite service evolution
A1 - Huan-feng Peng
A1 - Zhi-qiu Huang
A1 - Lin-yuan Liu
A1 - Yong Li
A1 - Da-juan Fan
A1 - Yu-qing Wang
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 19
IS - 5
SP - 626
EP - 638
%@ 2095-9184
Y1 - 2018
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1700359
Abstract: After a composite service is deployed, user privacy requirements and trust levels of component services are supject to variation. When the changes occur, it is critical to preserve privacy information flow security. We propose an approach to preserve privacy information flow security in composite service evolution. First, a privacy data item dependency analysis method based on a petri net model is presented. Then the set of privacy data items collected by each component service is derived through a privacy data item dependency graph, and the security scope of each component service is calculated. Finally, the evolution operations that preserve privacy information flow security are defined. By applying these evolution operations, the re-verification process is avoided and the evolution efficiency is improved. To illustrate the effectiveness of our approach, a case study is presented. The experimental results indicate that our approach has high evolution efficiency and can greatly reduce the cost of evolution compared with re-verifying the entire composite service.
[1]Accorsi R, Lehmann A, Lohmann N, 2015. Information leak detection in business process models: theory, application, and tool support. Inform Syst, 47:244-257.
[2]Alam KA, Ahmad R, Akhunzada A, et al., 2015. Impact analysis and change propagation in service-oriented enterprises: a systematic review. Inform Syst, 54:43-73.
[3]Andrikopoulos V, Benbernou S, Papazoglou MP, 2012. On the evolution of services. IEEE Trans Softw Eng, 38(3):609-628.
[4]Bacon J, Eyers D, Pasquier TFJM, et al., 2014. Information flow control for secure cloud computing. IEEE Trans Netw Serv Manag, 11(1):76-89.
[5]Bell DE, LaPadula LJ, 1973. Secure computer systems: mathematical foundations. Technical Report, No. 2547. MITRE Corporation, Massachusetts, USA.
[6]Bishop M, 2002. Computer Security: Art and Science. Addison Wesley, New Jersey, USA.
[7]Denning DE, 1976. A lattice model of secure information flow. Commun ACM, 19(5):236-243.
[8]Fokaefs M, Mikhaiel R, Tsantalis N, et al., 2011. An empirical study on web service evolution. 9th IEEE Int Conf on Web Services, p.49-56.
[9]Knorr K, 2001. Multilevel security and information flow in Petri net workflows. 9th Int Conf on Telecommunication Systems, p.613-615.
[10]Liu C, Duan H, Zeng Q, et al., 2016. Towards comprehensive support for privacy preservation cross-organization business process mining. IEEE Trans Serv Comput, in press.
[11]Liu G, Reisig W, Jiang C, et al., 2016. A branching-process-based method to check soundness of workflow systems. IEEE Access, 4:4104-4118.
[12]Liu L, Zhu H, Huang Z, 2011. Analysis of the minimal privacy disclosure for web services collaborations with role mechanisms. Expert Syst Appl, 38(4):4540-4549.
[13]Lohmann N, Massuthe P, Stahl C, et al., 2006. Analyzing interacting BPEL processes. 4th Int Conf on Business Process Management, p.17-32.
[14]Peng HF, Huang ZQ, Liu LY, et al., 2017. Static analysis method of secure privacy information flow for service composition. J Softw, in press.
[15]Qi SS, Li BX, Liu CC, et al., 2012. A trust impact analysis model for composite service evolution. 19th IEEE Asia-Pacific Software Engineering Conf, p.73-78.
[16]She W, Yen IL, Thuraisingham B, et al., 2011. Rule-based run-time information flow control in service cloud. 9th IEEE Int Conf on Web Services, p.524-531.
[17]Song W, Ma XX, Cheung SC, et al., 2010. Preserving data flow correctness in process adaptation. 7th IEEE Int Conf on Services Computing, p.9-16.
[18]Tan W, Fan YS, Zhou MC, 2009. A Petri net-based method for compatibility analysis and composition of web services in business process execution language. IEEE Trans Autom Sci, 6(1):94-106.
[19]van der Aalst WMP, 1997. Verification of workflow nets. 18th Int Conf on Application and Theory of Petri Nets, p.407-426.
[20]Wang SY, Capretz MAM, 2009. A dependency impact analysis model for web services evolution. 7th IEEE Int Conf on Web Services, p.359-365.
[21]Wang SY, Capretz MAM, 2011. Dependency and entropy based impact analysis for service-oriented system evolution. 10th IEEE/WIC/ACM Int Conf on Web Intelligence and Intelligent Agent Technology, p.412-417.
[22]Wang Y, Wang Y, 2013. A survey of change management in service-based environments. Serv Orient Comput Appl, 7(4):259-273.
[23]Wang Y, Yang J, Zhao WL, et al., 2012. Change impact analysis in service-based business processes. Serv Orient Comput Appl, 6(2):131-149.
[24]Xi N, Sun C, Ma JF, et al., 2015. Secure service composition with information flow control in service clouds. Fut Gener Comput Syst, 49:142-148.
[25]Yu WY, Yan CG, Ding ZJ, et al., 2014. Modeling and validating e-commerce business process based on Petri nets. IEEE Trans Syst Man Cybern Syst, 44(3):327-341.
[26]Yu WY, Yan CG, Ding ZJ, et al., 2016. Modeling and verification of online shopping business processes by considering malicious behavior patterns. IEEE Trans Autom Sci Eng, 13(2):647-662.
[27]Zeng J, Sun HL, Liu XD, et al., 2010. PRV: an approach to process model refactoring in evolving process-aware information systems. 7th IEEE Int Conf on Services Computing, p.441-448.
[28]Zeng W, Koutny M, Watson P, et al., 2016. Formal verification of secure information flow in cloud computing. J Inform Secur Appl, 27:103-116.
Open peer comments: Debate/Discuss/Question/Opinion
<1>