This article describes how by using web service composition to model different business processes is a usual tendency in the industry. More specifically, web service composition enables to separate a certain process in different activities that must be executed following a certain order. Each activity has its own set of inputs and outputs and is executed by a certain web service hosted by a service provider which can be completely independent. Among all the applications in which web service composition may be applied, this article focuses on a cloud-based scenario in which a business wishes to outsource the execution of a certain complex service in exchange for some economical compensation. It is for this reason, among the different composition approaches that exist in the literature, this article focuses on the orchestrated one, in which a broker coordinates the composition. One of the main issues of orchestrated systems is the fact that the broker receives and learns all the input data needed to perform the requested complex service. This behavior may represent a serious privacy problem depending on the nature of the business process to be executed. In this article, a new privacy-preserving orchestrated Web service composition system based on a symmetric searchable encryption primitive is proposed. The main target of this new scheme is to protect the privacy of the business that wish to outsource their operations using a cloud-based solution in which the broker is honest but curious, this is, this entity tries to analyze data and message flows in order to learn all the possible sensitive information from the rest of participants in the system.
CORRECTNESS CONTROL OF PRIVACY-PRESERVING DECENTRALIZED CONSTRAINED WEB SERVICE COMPOSITIONS THROUGH AUDITING
