计算机科学与探索 (Journal of Frontiers of Computer Science and Technology) ›› 2018, Vol. 12 ›› Issue (3): 370-379. DOI: 10.3778/j.issn.1673-9418.1611070

• System Software and Software Engineering •

Research on Information Flow Control in Service Composition for Privacy Requirement

JIANG Jiaxin1+, HUANG Zhiqiu1,2, MA Weiwei1

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016, China
  2. Collaborative Innovation Center of Novel Software Technology and Industrialization, Nanjing 210016, China
  • Online: 2018-03-01 Published: 2018-03-08

Abstract: Ensuring that a service composition protects the user's private information while still meeting the user's functional requirements is a key problem in privacy protection for service composition. Existing Web service access control models cannot effectively control how information propagates inside the system or how data becomes indirectly tainted, which leads to indirect leakage of private information. Information flow analysis, by contrast, is a method for guaranteeing end-to-end security of information transmission, so this paper proposes an information flow control model to protect the private data handled by a service composition. First, a privacy policy matrix is used to specify each service's privacy privileges, a privacy data item dependency graph is used to describe the dependencies among privacy data items during composition, and an information flow control model for service composition is proposed to formally specify the services' privacy policies. Next, the behaviour of the Web service composition is modelled with a Petri net extended with privacy semantics, and a privacy requirement verification algorithm for service composition is presented that detects privacy data leakage, i.e. verifies whether the composition's behaviour satisfies the services' privacy policies. Finally, a case study on a concrete BPEL workflow illustrates the effectiveness of the approach.

Key words: service composition, privacy protection, information flow control, Petri net
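The abstract's central point is that a per-service access check is blind to indirect leakage: a service may be permitted to read every item it is handed, yet one of those items was computed from a privacy item it must never see. The following is an added illustration, not code from the paper and not the authors' Petri-net-based verification algorithm; it uses a plain label-propagation check over a flattened, sequential composition. The policy matrix is represented as a map from primary privacy item to the set of services allowed to receive it, the dependency graph is given per invocation as "output derives from these inputs", and all service names, data item names and policy entries are constructed for the example.

```python
# Added example (not the paper's code): label propagation over a service
# composition, showing why access control alone misses indirect leaks.
# Service names, data item names and the policy matrix below are constructed.
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass
class Invocation:
    """One step of a flattened BPEL-style sequence: a service is called with
    some data items and returns new ones. `outputs` is this step's slice of the
    privacy data item dependency graph: each output maps to the inputs it is
    computed from (an empty tuple means the output reveals nothing private)."""
    service: str
    inputs: Tuple[str, ...]
    outputs: Dict[str, Tuple[str, ...]]


# Constructed privacy policy matrix: primary privacy item -> services permitted to receive it.
POLICY: Dict[str, Set[str]] = {
    "ssn": {"CreditCheck"},
    "address": {"CreditCheck", "Shipping"},
    "card": {"Payment"},
}

# Constructed composition. Every direct read is permitted by POLICY, but
# "score" is computed from "ssn", and Shipping may never see anything derived from "ssn".
COMPOSITION: List[Invocation] = [
    Invocation("CreditCheck", ("ssn", "address"), {"score": ("ssn", "address")}),
    Invocation("Shipping", ("address", "score"), {"eta": ("address",)}),
    Invocation("Payment", ("card",), {"status": ()}),
    Invocation("Notify", ("status",), {}),
]


def provenance(composition: List[Invocation],
               policy: Dict[str, Set[str]]) -> Dict[str, Set[str]]:
    """Propagate privacy labels along the dependency graph in execution order.
    Returns, for every data item, the set of primary privacy items it derives
    from (the transitive closure of the dependency edges). Items that are
    neither primary nor produced by any step carry no label."""
    labels: Dict[str, Set[str]] = {item: {item} for item in policy}
    for inv in composition:
        for out, deps in inv.outputs.items():
            labels[out] = set().union(*(labels.get(d, set()) for d in deps))
    return labels


def direct_violations(composition: List[Invocation],
                      policy: Dict[str, Set[str]]) -> List[Tuple[str, str]]:
    """What a per-service access-control check sees: a service reading a
    primary privacy item it is not permitted to receive."""
    return [(inv.service, item)
            for inv in composition for item in inv.inputs
            if item in policy and inv.service not in policy[item]]


def flow_violations(composition: List[Invocation],
                    policy: Dict[str, Set[str]]) -> List[Tuple[str, str, str]]:
    """Information flow check: a service receiving any item whose provenance
    contains a primary privacy item it is not permitted to receive.
    Each hit is (service, item received, primary item leaking through it)."""
    labels = provenance(composition, policy)
    return [(inv.service, item, src)
            for inv in composition for item in inv.inputs
            for src in sorted(labels.get(item, set()))
            if inv.service not in policy[src]]


def verify(composition: List[Invocation], policy: Dict[str, Set[str]]) -> bool:
    """True iff the composition satisfies the policy under information flow semantics."""
    return not flow_violations(composition, policy)


if __name__ == "__main__":
    print("direct:", direct_violations(COMPOSITION, POLICY))  # []
    print("flow:  ", flow_violations(COMPOSITION, POLICY))    # [('Shipping', 'score', 'ssn')]
    print("ok:    ", verify(COMPOSITION, POLICY))             # False
```

The direct check returns nothing, which is exactly the false sense of safety the abstract attributes to access-control models; the flow check reports that Shipping receives "score", which carries the "ssn" label. Note that the result is only as good as the declared dependency graph: Payment's "status" output is declared to depend on nothing, so it is treated as declassified, and a wrong declaration there would hide a leak just as silently.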