Journal Home Online First Current Issue Archive For Authors Journal Information 中文版

Frontiers of Information Technology & Electronic Engineering >> 2018, Volume 19, Issue 5 doi: 10.1631/FITEE.1700359

Preserving privacy information flowsecurity in composite service evolution

. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China.. College of Computer Engineering, Nanjing Institute of Technology, Nanjing 211167, China.. College of Technology, Nanjing Audit University, Nanjing 210029, China.. Software Engineering Research Unit, University of Oulu, Oulu 90029, Finland.

Available online: 2018-07-20

Next Previous

Abstract

After a composite service is deployed, user privacy requirements and trust levels of component services are subject to variation. When the changes occur, it is critical to preserve privacy information flow security. We propose an approach to preserve privacy information flow security in composite service evolution. First, a privacy data item dependency analysis method based on a Petri net model is presented. Then the set of privacy data items collected by each component service is derived through a privacy data item dependency graph, and the security scope of each component service is calculated. Finally, the evolution operations that preserve privacy information flow security are defined. By applying these evolution operations, the re-verification process is avoided and the evolution efficiency is improved. To illustrate the effectiveness of our approach, a case study is presented. The experimental results indicate that our approach has high evolution efficiency and can greatly reduce the cost of evolution compared with re-verifying the entire composite service.

Related Research