Roman Khazankin (Vienna University of Technology): Providence: A Framework for Private Data Propagation Control in Service-Oriented Systems
  • How is this information spread across the system? How is it used eventually? What can we guarantee?
  • A very basic depiction of a content inspection tool. This abstraction is referred to as the inspection engine below.
  • To make the framework generally applicable to any SOA, we propose to use content inspection on exchanged messages. If any private information is detected in a message, we are interested in the context in which this disclosure occurs.
  • Private information example; corresponding primitives; how to aggregate them in a disclosure; a fragment of the message which “contains” the disclosure.
  • Actually, a policy is checked against all promises of supercontexts.

Presentation Transcript

  • Providence: A Framework for Private Data Propagation Control in Service-Oriented Systems. Roman Khazankin, Vienna University of Technology
  • Problem statement (diagram labels: SOA, Private data)
    • How is the private information propagated throughout the system?
    • For which purposes is it used?
  • Related work
    • Private information is guarded in a single source
    • Privacy issues are considered only within a particular process
    • The approach requires interference with the business logic of services
    • No general-case, practical solutions
  • Content Inspection
    • Well-developed algorithms and tools for detecting pre-loaded information in network transmissions.
    • Successfully applied in DLP (Data Loss Prevention) solutions
  • Content Inspection
  • Message exchange monitoring (diagram labels: Sender, Receiver, Content Inspection)
    • Context
    • Time
    • Application
    • Process
    • Credentials
  • Private data disclosures
    • Private information:
      Name: John Johnson
      Address: 1040 Example st. 2/3
      Loan: 250 000 $
      Date: 01.01.2010
    • Primitives (used by content inspection):
      Name("John Johnson")
      Address("1040 Example st. 2/3")
      Amount(250000)
      Date(01.01.2010)
    • Disclosure specification:
      ( Name("John Johnson") OR Address("1040 Example st. 2/3") ) AND Amount(250000) AND Date(01.01.2010)
    • Possible detectable form:
      …… <entry when="1/1/10"> <n>Johnson J.</n> <sum>250,000</sum> </entry> ……
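The disclosure specification from this slide, evaluated against its "detectable form" fragment. This is an added example, not code from the slides or from Providence. The function names and the matching rules (name variants, digit grouping, both day/month orders, two-digit years read as 20xx) are assumptions standing in for a real inspection engine.

```python
import re
from datetime import date

def _norm(text):
    return " ".join(text.casefold().split())

def name(full):
    # Assumed variants: "John Johnson", "Johnson John", "Johnson J.", "J. Johnson"
    first, last = full.split()
    variants = [f"{first} {last}", f"{last} {first}",
                f"{last} {first[0]}.", f"{first[0]}. {last}"]
    return lambda msg: any(_norm(v) in _norm(msg) for v in variants)

def address(addr):
    return lambda msg: _norm(addr) in _norm(msg)

def amount(value):
    # Accept grouped digits such as "250,000" or "250 000".
    token = re.compile(r"\d{1,3}(?:[ ,.]\d{3})+|\d+")
    return lambda msg: any(int(re.sub(r"\D", "", t)) == value
                           for t in token.findall(msg))

def on_date(target):
    pat = re.compile(r"\b(\d{1,2})[./-](\d{1,2})[./-](\d{4}|\d{2})\b")
    def match(msg):
        for a, b, y in pat.findall(msg):
            year = int(y) + (2000 if len(y) == 2 else 0)
            for day, month in ((int(a), int(b)), (int(b), int(a))):
                try:
                    if date(year, month, day) == target:
                        return True
                except ValueError:  # not a valid calendar date in this order
                    pass
        return False
    return match

def any_of(*ps): return lambda msg: any(p(msg) for p in ps)
def all_of(*ps): return lambda msg: all(p(msg) for p in ps)

# ( Name OR Address ) AND Amount AND Date, as on the slide.
D1 = all_of(any_of(name("John Johnson"), address("1040 Example st. 2/3")),
            amount(250000), on_date(date(2010, 1, 1)))

# Message fragment from the slide, and a constructed one with another sum.
MESSAGE = '<entry when="1/1/10"> <n>Johnson J.</n> <sum>250,000</sum> </entry>'
OTHER_SUM = '<entry when="1/1/10"> <n>Johnson J.</n> <sum>1,000</sum> </entry>'

def discloses(spec, msg):
    return spec(msg)
```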
  • Contexts
    • A context can be a subcontext of another context.
    • If a disclosure occurs in context C1, which is a subcontext of context C2, then it also occurs in C2
    Example. Context = {Process A, Receiver = Endpoint1} is a subcontext of Context = {Process A}
  • Privacy policies and promises
    • A privacy promise may be assigned to a context
    • A privacy policy may be assigned to a disclosure
    • Policies and promises are comparable (we can check if a promise satisfies a policy)
    • So if a disclosure occurs in a context, we can check the promise against the policy
  • Example
    • Context = {Process 1}, Promise = {Only for system administration}
    • Context = {Process 2}, Promise = {System administration, Marketing}
    • Disclosure D1, Policy = {System administration, research and development}
    • (Diagram labels: Process 1, Process 2, S1, S2, S3, D1)
  • Logging disclosure occurrences
    • A log of disclosure occurrences enables more functionality:
    • Which disclosures occur in a specified context?
    • In which contexts does a disclosure of a specified type occur?
    • What promise is enough for a specified context to stay compliant with current private data usage practices?
    • How is private data of a specified type actually used?
    • If we set another policy for private data or a context, what violations will it produce in the current environment?
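The subcontext rule, the promise-against-policy check over all supercontexts, and two of the log queries above, using the promises and policy from the Example slide. This is an added example, not code from the slides or from Providence. It assumes contexts are attribute sets, that a promise satisfies a policy when every promised purpose is allowed by the policy, and a constructed occurrence log; all function names are hypothetical.

```python
def is_subcontext(sub, sup):
    """sub is a subcontext of sup if it fixes every attribute sup fixes."""
    return all(sub.get(k) == v for k, v in sup.items())

# Promises and policy taken from the Example slide, as sets of purposes.
PROMISES = [
    ({"process": "Process 1"}, {"system administration"}),
    ({"process": "Process 2"}, {"system administration", "marketing"}),
]
POLICIES = {"D1": {"system administration", "research and development"}}

# Constructed occurrence log: (disclosure, context of the message exchange).
LOG = [
    ("D1", {"process": "Process 1", "receiver": "S2"}),
    ("D1", {"process": "Process 2", "receiver": "S3"}),
]

def violations(disclosure, context, policies=POLICIES):
    """Check the policy against the promise of every supercontext.

    Assumed semantics: a promise satisfies a policy when every promised
    purpose is one the policy allows. Returns (context, excess purposes).
    """
    allowed = policies[disclosure]
    return [(ctx, sorted(promised - allowed)) for ctx, promised in PROMISES
            if is_subcontext(context, ctx) and not promised <= allowed]

def audit(policies=POLICIES):
    """Log entries whose context carries a promise the policy rejects."""
    return [(d, ctx) for d, ctx in LOG if violations(d, ctx, policies)]

def contexts_of(disclosure):
    """In which contexts does a disclosure of this type occur?"""
    return [ctx for d, ctx in LOG if d == disclosure]

def what_if(disclosure, new_policy):
    """Replay the log under a trial policy without changing POLICIES."""
    return audit({**POLICIES, disclosure: new_policy})

if __name__ == "__main__":
    print(audit())
    print(what_if("D1", {"research and development"}))
```

Under the assumed semantics, the Process 2 promise fails D1's policy because it includes marketing, while the Process 1 promise passes.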
  • Architecture
  • Conclusion
    • A framework that allows controlling private data propagation in SOA
    • Loose coupling with the system (can be deployed, e.g., at ESB level)
    • Different specifications can be used for policies and contexts
    • Thank you for your attention.
    • Authors
    • Roman Khazankin, TU Vienna
    • Schahram Dustdar, TU Vienna