
Roman Khazankin (Vienna University of Technology): Providence: A Framework for Private Data Propagation Control in Service-Oriented Systems


  1. Providence: A Framework for Private Data Propagation Control in Service-Oriented Systems
     Roman Khazankin, Vienna University of Technology
  2. Problem statement (SOA, private data)
     - How is the private information propagated throughout the system?
     - For which purposes is it used?
  3. Related work
     - Private information is guarded in a single source
     - Privacy issues are considered only within particular process
     - Approach requires interference with business logic of services
     - No general case, practical solutions
  4. Content Inspection
     - Well-developed algorithms and tools for detecting pre-loaded information in network transmissions.
     - Successfully applied in DLP (Data Loss Prevention) solutions
  5. Content Inspection
  6. Message exchange monitoring
     Content inspection is applied to messages between Sender and Receiver, together with their context:
     - Time
     - Application
     - Process
     - Credentials
     - …
  7. Private data disclosures
     Private information:
       Name: John Johnson
       Address: 1040 Example st. 2/3
       Loan: 250 000 $
       Date: 01.01.2010
     Possible detectable form:
       ……
       <entry when="1/1/10">
         <n>Johnson J.</n>
         <sum>250,000</sum>
       </entry>
       ……
     Primitives (used by content inspection):
       Name("John Johnson")
       Address("1040 Example st. 2/3")
       Amount(250000)
       Date(01.01.2010)
     Disclosure specification:
       ( Name("John Johnson") OR Address("1040 Example st. 2/3") ) AND Amount(250000) AND Date(01.01.2010)
  8. Contexts
     - A context can be a subcontext of another context.
     - If a disclosure occurs in context C1 which is subcontext of context C2, then it also occurs in C2
     Example. Context = {Process A, Receiver = Endpoint1} is subcontext of Context = {Process A}
  9. Privacy policies and promises
     - A privacy promise may be assigned to a context
     - A privacy policy may be assigned to a disclosure
     - Policies and promises are comparable (we can check if a promise satisfies a policy)
     - So if a disclosure occurs in a context, we can check the promise against the policy
  10. Example (diagram: Process 1 and Process 2 over services S1, S2, S3, with disclosure D1 occurring in the message flows)
     - Context = {Process 1}, Promise = {Only for system administration}
     - Context = {Process 2}, Promise = {System administration, Marketing}
     - Disclosure D1, Policy = {System administration, research and development}
  11. Logging disclosure occurrences
     Disclosure occurrences log enables for more functionality:
     - Which disclosures occur in specified context?
     - In which contexts disclosure of specified type occurs?
     - What promise is enough for specified context to keep compliant with current private data usage practices?
     - How is the private data of specified type actually used?
     - What if we want to set another policy for private data or context, what violations will it produce for the current environment?
  12. Architecture
  13. Conclusion
     - A framework which allows to control the private data propagation in SOA
     - Loose coupling with the system (can be deployed, e.g. at ESB level)
     - Different specifications can be used for policies and contexts
  14. Thank you for attention.
     Authors:
     - Roman Khazankin, TU Vienna
     - Schahram Dustdar, TU Vienna
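
The checks described on slides 7 to 10, worked through as an added example (not code from the slides or from the Providence framework): the slide 7 disclosure specification is evaluated against a message, the slide 8 subcontext rule selects the promises that apply, and each promise is compared with the disclosure's policy. Assumptions: the regex detectors stand in for a real content inspection engine, the context attribute names are hypothetical, and "a promise satisfies a policy" is modelled as the promised purposes being a subset of the policy's purposes.

```python
import re

# Primitive detectors stand in for a content-inspection engine (assumption).
def name(full):
    first, last = full.split()
    f, l, i = re.escape(first), re.escape(last), re.escape(first[0])
    pat = re.compile(rf"{f}\s+{l}|{l},?\s+{i}\.", re.I)  # "John Johnson" or "Johnson J."
    return lambda msg: bool(pat.search(msg))

def address(text):
    squash = lambda s: " ".join(s.lower().split())
    return lambda msg: squash(text) in squash(msg)

def amount(value):
    num = re.compile(r"\d{1,3}(?:[ ,]\d{3})+|\d+")  # 250000, 250,000, 250 000
    return lambda msg: any(re.sub(r"[ ,]", "", n) == str(value)
                           for n in num.findall(msg))

def date(d, m, y):
    # Accepts 01.01.2010 and 1/1/10; day/month order is assumed, not inferred.
    pat = re.compile(rf"\b0?{d}[./]0?{m}[./](?:{y}|{y % 100:02d})\b")
    return lambda msg: bool(pat.search(msg))

def any_of(*ps): return lambda msg: any(p(msg) for p in ps)
def all_of(*ps): return lambda msg: all(p(msg) for p in ps)

# Disclosure D1: specification from slide 7, policy from slide 10.
D1_SPEC = all_of(any_of(name("John Johnson"), address("1040 Example st. 2/3")),
                 amount(250000), date(1, 1, 2010))
D1_POLICY = {"system administration", "research and development"}

# Promises assigned to contexts (slide 10); "process" is a hypothetical attribute name.
PROMISES = [({"process": "Process 1"}, {"system administration"}),
            ({"process": "Process 2"}, {"system administration", "marketing"})]

def is_subcontext(c1, c2):
    """c1 is a subcontext of c2 when it fixes every attribute that c2 fixes."""
    return c2.items() <= c1.items()

def check(msg, ctx):
    """None if D1 is not disclosed in msg, else the promised purposes its policy forbids."""
    if not D1_SPEC(msg):
        return None
    violations = set()
    for promised_ctx, promise in PROMISES:
        if is_subcontext(ctx, promised_ctx):
            violations |= promise - D1_POLICY  # assumed comparison: subset test
    return violations

# Constructed message in the detectable form shown on slide 7.
MSG = '<entry when="1/1/10"><n>Johnson J.</n><sum>250,000</sum></entry>'
```

With the slide 10 values, the disclosure is compliant in any subcontext of Process 1 and violates its policy in Process 2, where the promise includes marketing.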
