One of the major goals of Web services is to make easier their composition to form more complex services, modeled as workflows. A key role in the Web services composition is the selection of a proper service for each activity in the workflow. In general, this requires the exchange of sensitive information of users, requiring the composition, as well as of involved service providers. So far this problem has been investigated in the setting of orchestrated service composition, under the assumption of the presence of a broker coordinating the composition. However, a promising alternative approach is the one of choreography, where each service involved in the service composition has to locally manage service selection and invocation. In this paper, we propose a framework to enforce user and provider requirements in the scenario of service choreography in a privacy-preserving way, that is, without the releasing of any private information of users and providers. To achieve this result we make use of different privacy-preserving protocols. As it will be shown in the paper, the proposed solution does not implies relevant overhead.
A Privacy-Preserving Framework for Constrained Choreographed Service Composition
CARMINATI, BARBARA;FERRARI, ELENA;
2015-01-01
Abstract
One of the major goals of Web services is to make easier their composition to form more complex services, modeled as workflows. A key role in the Web services composition is the selection of a proper service for each activity in the workflow. In general, this requires the exchange of sensitive information of users, requiring the composition, as well as of involved service providers. So far this problem has been investigated in the setting of orchestrated service composition, under the assumption of the presence of a broker coordinating the composition. However, a promising alternative approach is the one of choreography, where each service involved in the service composition has to locally manage service selection and invocation. In this paper, we propose a framework to enforce user and provider requirements in the scenario of service choreography in a privacy-preserving way, that is, without the releasing of any private information of users and providers. To achieve this result we make use of different privacy-preserving protocols. As it will be shown in the paper, the proposed solution does not implies relevant overhead.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
