On securing privacy in composite web service transactions

Today´s numerous online transactions are implemented as composite web services in various domains including business, healthcare, government and education. One important aspect of secured online transactions is privacy protection. This paper addresses privacy issues in composite web service transactions by providing an intelligent semi-automated privacy-aware approach to efficiently building an appropriate composite web service that (1) satisfies service functional requirements with (near) minimum number of services and information leakage, and (2) complies, as much as possible, with a customer´s privacy preferences and trust (in service providers when available). Furthermore, we describe details of the proposed approach and illustrates its use that exploits generic knowledge about types and sensitivity levels of information, together with specific knowledge about customer privacy preferences and trusts on certain providers.