Enhancing web services compositions with privacy capabilities

Web service composition has been extensively studied in recent years. Although a lot of new models and mechanisms have been proposed, many issues in service composition still remain unsolved. Among them, privacy is one of the major concerns. Indeed, inheriting characteristics of Web services environments such as high dynamism and untrustworthiness often generate conflicting privacy specifications with respect to the data exchanged within a composition. Even existing technologies for managing and applying data privacy policies are unsuccessful when dealing with this kind of applications as they involve autonomous entities and continuously exchange huge amount of heterogeneous information. This made urgent to have in place effective technologies for data privacy management in service compositions. These technologies should (1) deal with the flexibility, scalability, and heterogeneity in the overall infrastructure in which data are exchanged; and (2) integrate privacy concerns into the development process of these compositions. In this context, this paper tackles the problem of modeling, managing and preserving privacy in Web service composition processes. More specifically, we propose a first step towards providing a privacy preserving Web service composition approach that enables to (i) model and specify privacy policies, preferences, and requirements both at the client and at the provider sides, (ii) enforce the privacy model and build privacy aware compositions, (iii) verify the compliance between users privacy requirements and providers privacy policies, (iv) rank the composite Web services with respect to the privacy level they offer, and (v) provide privacy aware recovery actions to deal with incompatibilities.