Zoltan Nemeth

Privacy enhancing service architectures

Following from privacy requirements, new architecture solutions for personalized services are expected to emerge. This paper proposes a conceptual framework for designing privacy enabling service architectures, with a special emphasis on the mobile domain. The treatment of the subject is based on the principle of separating identity and profile information. Basic building blocks such as Identity Broker, Profile Broker, Contract Broker and Authenticator are identified and then put together in different ways resulting in variations on the architecture theme.

Making legacy services highly available with OpenAIS: an experience report

We report our experiences on application development with the open source OpenAIS framework, which is an implementation of the standard Application Interface Specification (AIS) issued by the Service Availability Forum. Our focus is put on integrating existing (legacy) applications or services into the AIS framework (where the source code of these services is not available) in order to make such services highly available. This is achieved by using Proxy components, which are responsible for managing the High Availability (HA) lifecycle of legacy services (called proxied components). We estimate the availability of legacy services as provided by using redundant proxy and proxied components in the OpenAIS framework on a benchmark service architecture. Furthermore, as the AIS standard does not contain any recommendation on business-related communication, in the paper, we propose to use communication mediation to forward requests to service provider components and responses back to the service consumers.

Privacy enhancing profile disclosure

To offer personalized services on the web and on mobile devices, service providers want to have as much information about their users as possible. In the ideal case, the user controls how much of this information is revealed during a transaction. This is a tradeoff between privacy and personalization: if the disclosed profile is too complex, it may become a pseudonym for the user, making it possible to recognize the user at a later time and link different revealed profile parts into one comprehensive profile of the individual. This paper introduces a model for profiles and analyzes it with the methods of probability theory: how much information is revealed and what is the users probability of staying anonymous. The paper examines how likely it is that a provider can link different disclosed profiles and recommends algorithms to avoid a possible privacy compromise.