Privacy in Data Service Composition

Mahmoud Barhamgi*, Charith Perera, Chia-Mu Yu, Djamal Benslimane, David Camacho, Christine Bonnet

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

5 Scopus citations

Abstract

In modern information systems different information features, about the same individual, are often collected and managed by autonomous data collection services that may have different privacy policies. Answering many end-users' legitimate queries requires the integration of data from multiple such services. However, data integration is often hindered by the lack of a trusted entity, often called a mediator, with which the services can share their data and delegate the enforcement of their privacy policies. In this article, we propose a flexible privacy-preserving data integration approach for answering data integration queries without the need for a trusted mediator. In our approach, services are allowed to enforce their privacy policies locally. The mediator is considered to be untrusted, and only has access to encrypted information to allow it to link data subjects across the different services. Services, by virtue of a new privacy requirement, dubbed kk-Protection, limiting privacy leaks, cannot infer information about the data held by each other. End-users, in turn, have access to privacy-sanitized data only. We evaluated our approach using an example and a real dataset from the healthcare application domain. The results are promising from both the privacy preservation and the performance perspectives.

Original languageEnglish
Article number8946749
Pages (from-to)639-652
Number of pages14
JournalIEEE Transactions on Services Computing
Volume13
Issue number4
DOIs
StatePublished - Jul 2020

Keywords

  • Web privacy
  • privacy-preserving web data integration
  • service composition
  • web services

Fingerprint

Dive into the research topics of 'Privacy in Data Service Composition'. Together they form a unique fingerprint.

Cite this