Privacy Issues in the Web Services Architecture

A Web service is a software system that supports interoperable application-to-application interactions over a network. Web services are based on a set of XML standards such as Universal Description, Discovery and Integration (UDDI), Web Services Description Language (WSDL), and Simple Object Access Protocol (SOAP). Recently, there have been increasing demands and discussions about Web services privacy technologies in the industry and research community. To enable privacy protection for Web service consumers across multiple domains and services, the World Wide Web Consortium (W3C) published a document called “Web Services Architecture (WSA) Requirements” that defines some fundamental privacy requirements for Web services. However, no comprehensive solutions to the various privacy issues have been so far defined. For these reasons, this chapter will focus on privacy technologies by first discussing the main privacy issues in WSA and related protocols. Then, this chapter illustrates the standardization efforts going on in the context of privacy for Web services and proposes different technical approaches to tackle the privacy issues.

Exercising the Right of Privacy

This chapter discusses privacy from the perspective of the consumer of e-services. It proposes a technique for risk management assessment designed to help consumers evaluate a situation to identify and understand potential privacy concerns. The technique centers around a series of questions based on common principles of privacy protection. The chapter discusses how a consumer can understand exposure risks and how information can be controlled and monitored to mitigate the risks. It also proposes a method for assessing the consumer’s value of personal information, and a mechanism for automated negotiation is presented to facilitate fair, private information exchange. The authors believe that these or similar techniques are essential to give consumers of e-services meaningful control over the personal information they release. This forward-looking chapter provides a foundation for developing methods to empower users with control over their private information.

Protecting Privacy Using XML, XACML, and SAML

This chapter describes how two new XML-based technologies, XACML (eXtensible Access Control Markup Language) and SAML (Security Assertion Markup Language) can be used to help protect privacy in e-services. The chapter is primarily a tutorial, briefly introducing XML, and then detailing the privacy features of XACML and SAML including XACML’s ability to ensure the expressed purpose of an action matches a purpose allowed for the resource on which the action is to be performed and SAML’s support for pseudonymity and communicating consent. Concepts are illustrated with detailed examples. The author hopes that readers will be both informed and intrigued by the possibilities for privacy applications made possible by XML, XACML, and SAML.

Pseudonym Technology for E-Services

Pseudonym technology is attracting more and more attention and, together with privacy violations, is becoming a major issue in various e-services. Current e-service systems make personal data collection very easy and efficient through integration, interconnection, and data mining technologies since they use the user’s real identity. Pseudonym technology with unlinkability, anonymity, and accountability can give the user the ability to control the collection, retention, and distribution of his or her personal information. This chapter explores the challenges, issues, and solutions associated with pseudonym technology for privacy protection in e-services. To have a better understanding of how the pseudonym technology provides privacy protection in e-services, we describe a general pseudonym system architecture, discuss its relationships with other privacy technologies, and summarize its requirements. Based on the requirements, we review, analyze, and compare a number of existing pseudonym technologies. We then give an example of a pseudonym practice — e-wallet for e-services and discuss current issues.

Privacy Protection Through Security

This chapter discusses how implementing network and computer security can protect privacy of Internet users. It argues that personal identifiable information is valuable to both clients and businesses alike, and therefore, both are responsible for securing privacy. They must understand the vulnerabilities, threats, and risks that they face, what information requires protection, and from whom. Businesses must also comprehend the business issues involved in securing data. Finally, security measures should be a strong mix of technological, physical, procedural, and logical measures where each measure is implemented in overlapping layers. Proposed solutions must be flexible, meet the objectives and businesses goals, and be revised on a regular basis. The author hopes that by understanding the proposed security solutions, readers will be able to implement steps to protect their privacy or client’s privacy.

Privacy Enforcement in E-Services Environments

This chapter presents technological measures for privacy enforcement (techniques that can be used to ensure that an organization’s privacy promises will be kept). It gives an introduction to the current state of technological privacy enforcement measures for e-services environments, proposes a comprehensive privacy enforcement architecture, and discusses some remaining issues and challenges related to privacy enforcement solutions. The goal of the proposed architecture, aside from integrating many of the current isolated technologies, is to ensure consistency between advertised privacy promises and actual privacy practices at the e-service provider Web site so that users can have greater confidence that their personal data will be safeguarded.

E-Services Privacy

This chapter introduces several aspects related to e-privacy such as needs, approaches, challenges, and models. It argues that e-privacy protection, although being of interest to many parties such as industry, government, and individuals, is very difficult to achieve since these stakeholders often have conflicting needs and requirements and may even have conflicting understanding of e-privacy. So finding one model or one approach to e-privacy protection that may satisfy these stakeholders is a challenging task. Furthermore, the author hopes that this chapter will present an acceptable definition for e-privacy and use this definition to discuss various aspects of e-privacy protection such as principles of developing e-privacy policies, individuals and organizations needs of various privacy issues, challenges of adopting and coping with e-privacy policies, tools and models to support e-privacy protection in both public and private networks, related legislations that protect or constraint e-privacy, and spamming and Internet censorship in the context of e-privacy. The author hopes that understanding these aspects will assist researchers in developing policies and systems that will bring the conflict in e-privacy protection needs of individuals, industry, and government into better alignment.

The Impact of Information Technology in Healthcare Privacy

The increased use of the Internet and latest information technologies such as wireless computing is revolutionizing the healthcare industry by improving services and reducing costs. The advances in technology help to empower individuals to understand and take charge of their healthcare needs. Patients can participate in healthcare processes, such as diagnosis and treatment, through secure electronic communication services. Patients can search healthcare information over the Internet and interact with physicians. The same advances in technology have also heightened privacy awareness. Privacy concerns include healthcare Web sites that do not practice the privacy policies they preach, computer break-ins, insider and hacker attacks, temporary and careless employees, virus attacks, human errors, system design faults, and social engineering. This chapter looks at medical privacy issues and how they are handled in the U.S. and New Zealand. A sample of 20 New Zealand health Web sites was investigated.

Modeling Method for Assessing Privacy Technologies

In this chapter we propose a modeling framework for assessing privacy technologies. The main contribution of the framework is that it allows us to model aspects of privacy and related system concerns (such as security and scalability) in a more comprehensive manner than the dataflow diagrams traditionally used for privacy analysis. The feature interaction perspective taken in the chapter allows us to reason about conflicts between a service user’s model of how the service works and its actual implementation. In our modeling framework such conflicts can be modeled in terms of goal conflicts and service deployment. Goal conflicts allow us to reflect conflicting points of view on system concerns (primarily privacy and security) among the different stakeholders, which are part of the system and its context. Deployment refers to the assignment of functionality to system components, which allows us to reason about dataflows between components, as well as potential conflicts of interest. As a demonstration of the framework, we illustrate how it can be applied to the analysis of single sign-on solutions such as .Net Passport.

Legislative Based for Personal Privacy Policy Specification

The growth of the Internet has been accompanied by a proliferation of e-services, especially in the area of e-commerce (e.g., Amazon.com, eBay.com). However, consumers of these e-services are becoming more and more sensitive to the fact that they are giving up private information every time they use them. At the same time, legislative bodies in many jurisdictions have enacted legislation to protect the privacy of individuals when they need to interact with organizations. As a result, e-services can only be successful if there is adequate protection for user privacy. The use of personal privacy policies to express an individual’s privacy preferences appears best-suited to manage privacy for e-commerce. We first motivate the reader with our e-service privacy policy model that explains how personal privacy policies can be used for e-services. We then derive the minimum content of a personal privacy policy by examining some key privacy legislation selected from Canada, the European Union, and the United States.