Title :
Privacy policy compliance for Web services
Author :
Yee, George ; Korba, Larry
Author_Institution :
Inst. for Inf. Technol., National Res. Council Canada, Ottawa, Ont., Canada
Abstract :
The growth of the Internet has been accompanied by the growth of Web services (e.g. e-commerce, e-health). This proliferation of Web services and the increasing regulatory and legal requirements for personal privacy have fueled the need to protect the personal privacy of Web service users. We advocate a privacy policy negotiation approach to protecting personal privacy (Yee and Korba, 2003; ). We provided semiautomated approaches for deriving personal privacy policies (Yee and Korba, 2004). However, it is evident that approaches are also needed to ensure that providers of Web services comply with the privacy policies of service users. In this paper, we examine privacy legislation to derive requirements for privacy policy compliance systems. We then propose an architecture for a privacy policy compliance system that satisfies the requirements and discuss the strengths and weaknesses of our proposed architecture.
Keywords :
Internet; data privacy; legislation; security of data; Internet; Web service users; e-commerce; e-health; legal requirements; personal privacy policies; personal privacy protection; privacy legislation; privacy policy compliance; privacy policy negotiation; regulatory requirements; Councils; Information technology; Legislation; Privacy; Protection; Service oriented architecture; Simple object access protocol; Web and internet services; Web services; XML;
Conference_Titel :
Web Services, 2004. Proceedings. IEEE International Conference on
Print_ISBN :
0-7695-2167-3
DOI :
10.1109/ICWS.2004.1314735
