Salah Eddine Tbahriti

Privacy-Enhanced Web Service Composition

Data as a Service (DaaS) builds on service-oriented technologies to enable fast access to data resources on the Web. However, this paradigm raises several new privacy concerns that traditional privacy models do not handle. In addition, DaaS composition may reveal privacy-sensitive information. In this paper, we propose a formal privacy model in order to extend DaaS descriptions with privacy capabilities. The privacy model allows a service to define a privacy policy and a set of privacy requirements. We also propose a privacy-preserving DaaS composition approach allowing to verify the compatibility between privacy requirements and policies in DaaS composition. We propose a negotiation mechanism that makes it possible to dynamically reconcile the privacy capabilities of services when incompatibilities arise in a composition. We validate the applicability of our proposal through a prototype implementation and a set of experiments.

Exchanging Data Agreements in the DaaS Model

Rich types of data offered by data as a service(DaaS) in the cloud are typically associated with different and complex data concerns that DaaS service providers, data providers and data consumers must carefully examine and agree with before passing and utilizing data. Unlike service agreements, data agreements, reflecting conditions established on the basis of data concerns, between relevant stakeholders have got little attention. However, as data concerns are complex and contextual, given the trend of mixing data sources by automated techniques, such as data mash up, data agreements must be associated with data discovery, retrieval and utilization. Unfortunately, exchanging data agreements so far has not been automated and incorporated into service and data discovery and composition. In this paper, we analyze possible steps and propose interactions among data consumers, DaaS service providers and data providers in exchanging data agreements. Based on that, we present a novel service for composing, managing, analyzing data agreements for DaaS in cloud environments and data marketplaces.

Privacy Model and Annotation for DaaS

Data as a Service (DaaS) builds on service-oriented technologies to enable fast access to data resources on the Web. However, this paradigm raises several new concerns that traditional privacy models for Web services do not handle. First, the distinction between the roles of service providers and data providers is unclear, leaving the latter helpless for specifying and verifying the enforcement of their data privacy requirements. Second, traditional models for privacy policies focus only on the service interface without taking into account privacy policies related to data resources. Third, unstructured data resources, as well as user permissions and obligations related to data that are utilized in DaaS are not taken into account. In this paper, we study data privacy as one of these concerns, which relates to the management of private information. The main contribution of this paper consists in: 1)~devising a model for making explicit privacy constraints of DaaS, and 2)~on the basis of the proposed privacy model, developing techniques that allow handling the privacy concern when querying DaaS. We validate the applicability of our proposal with some experiments.

Privacy-aware DaaS services composition

Data as a Service (DaaS) builds on service-oriented technologies to enable fast access to data resources on the Web. However, this paradigm raises several new privacy concerns that traditional privacy models do not handle since they only focus on the service interface without taking into account privacy constraints related to the data exchanged with a DaaS during its invocation. In addition, DaaSs compositions may reveal also privacy-sensitive information. In this paper we propose a privacy formal model in order to extend DaaS descriptions with privacy capabilities. The privacy model allows a service to define a privacy policy and a set of privacy requirements. We propose also a privacy-preserving DaaS composition approach allowing to verify the compatibility between privacy requirements and policies in DaaS composition. We validate the applicability of our proposal with some experiments.

How to Enhance Privacy Within DaaS Service Composition

The composition of data-as-a-service (DaaS) services is a powerful solution for building value-added applications on top of existing ones. However, privacy concerns are still among the key challenges that keep hampering DaaS composition. Indeed, services may follow different, conflicting privacy specifications with respect to the data they use and provide. In this paper, we propose an approach for the privacy-aware composition of DaaS services. Our approach allows us to specify privacy requirements and policies and verify the compatibility of services involved in a composition. We propose an adaptation protocol that makes it possible to reconcile the privacy specifications of services when incompatibilities arise in a composition. We validate the applicability of our proposal through a set of experiments.