Skip to main content
SpringerLink
Log in

Privacy-Preserving Service Composition with Enhanced Flexibility and Efficiency

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12395))

Included in the following conference series:

  • 876 Accesses

Abstract

Service compositions are implemented through the interplay between actors of different organizations. Many composition systems use a middleware, which coordinates the service calls according to specified workflows. These middlewares pose a certain privacy issue, since they may read all the exchanged data. Furthermore, service compositions may require that only selected subsets of data that was initially supplied by the user are disclosed to the receiving actors. Traditional public key encryption only allows encryption for a particular party and lack of the ability to efficiently define more expressive access controls for a one-to-many communication. Besides privacy-preserving requirements, it may be necessary for participants in service compositions to be able to verify which actor has modified or added data during a process to ensure accountability of performed actions. This paper introduces a concept for efficient, privacy-preserving service composition using attribute-based encryption in combination with outsourced decryption as well as collaborative key management. Our concept enables end-to-end confidentiality and integrity in a one-to-many communication using fine-grained access controls, while minimizing the decryption effort for devices with low calculation capacity, which enables to use smartphones at the client side. The feasibility of the proposed solution is demonstrated by an implemented proof-of-concept including a performance evaluation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Algorithms of CP-ABE take as input the security parameter \(\kappa \) (unary representation), which represents an input size of the computational problem indicating the complexity of cryptographic algorithms.

  2. 2.

    https://jce.iaik.tugraz.at.

References

  1. Ma, Z., Manglery, J., Wagner, C., Bleier, T.: Enhance data privacy in service compositions through a privacy proxy. In: Sixth International Conference on Availability, Reliability and Security, pp. 615–620 (2011). https://doi.org/10.1109/ARES.2011.94

  2. Singaravelu, L., Pu, C.: Fine-grain, end-to-end security for web service compositions. In: IEEE International Conference on Services Computing (SCC 2007), pp. 212–219 (2007). https://doi.org/10.1109/SCC.2007.61

  3. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy (SP 2007), pp. 321–334 (2007). https://doi.org/10.1109/SP.2007.11

  4. Lin, G., Hong, H., Sun, Z.: A collaborative key management protocol in ciphertext policy attribute-based encryption for cloud data sharing. IEEE Access 5, 9464–9475 (2017). https://doi.org/10.1109/ACCESS.2017.2707126

    Article  Google Scholar 

  5. Khabou, I., Rouached, M., Abid, M., Bouaziz, R., Enhancing web services compositions with privacy capabilities. In: Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services, iiWAS 2015, Brussels, Belgium, pp. 57:1–57:9 (2015). https://doi.org/10.1145/2837185.2837240

  6. Khabou, I., Rouached, M., Bouaziz, R., Abid, M.: Towards privacy-aware web services compositions. In: 2016 IEEE International Conference on Computer and Information Technology, CIT 2016, Nadi, Fiji, December 8–10, pp. 367–374 (2016). https://doi.org/10.1109/CIT.2016.26

  7. Carminati, B., Ferrari, E., Tran, N.H.: Secure web service composition with untrusted broker. In: IEEE International Conference on Web Services, pp. 137–144 (2014)

    Google Scholar 

  8. Organization for the Advancement of Structured Information Standards (OASIS): Extensible Access Control Markup Language (XACML), Identity, v.1.1. (2006)

    Google Scholar 

  9. Kaehmer, M., Gilliot, M., Mueller, G.: Automating Privacy Compliance with ExPDT. In: 2008 10th IEEE Conference on E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, ECommerce and E-Services, pp. 87–94 (2008). https://doi.org/10.1109/CECandEEE.2008.122

  10. Zuo, C., Shao, J., Wei, G., Xie, M., Ji, M.: CCAsecure ABE with outsourced decryption for fog computing. Future Gener. Comput. Syst. 78, 730–738 (2016). https://doi.org/10.1016/j.future.2016.10.028

    Article  Google Scholar 

  11. Wang, Z., Liu, W.: CP-ABE with outsourced decryption and directionally hidden policy. Secur. Commun. Netw. 9(14), 2387–2396 (2016)

    Article  Google Scholar 

  12. Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts, pp. 34–34 (2011)

    Google Scholar 

  13. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  14. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 89–98 (2006). https://doi.org/10.1145/1180405.1180418

  15. Rouselakis, Y., Waters, B.: New constructions and proof methods for large universe attribute-based encryption. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 463–474 (2013). https://doi.org/10.1145/2508859.2516672

  16. Ziegler, D., Sabongui, J., Palfinger, G.: Fine-grained access control in industrial Internet of Things. In: Dhillon, G., Karlsson, F., Hedström, K., Zúquete, A. (eds.) SEC 2019. IAICT, vol. 562, pp. 91–104. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22312-0_7

    Chapter  Google Scholar 

  17. Oualha, N., Nguyen, K.T.: Lightweight attribute-based encryption for the Internet of Things. In: 2016 25th International Conference on Computer Communication and Networks (ICCCN), pp. 1–6 (2016). https://doi.org/10.1109/ICCCN.2016.7568538

  18. Hur., J.: Improving security and efficiency in attribute-based data sharing. IEEE Trans. Knowl. Data Eng. 25, 2271–2282 (2013). https://doi.org/10.1109/TKDE.2011.78

  19. Ambrosinet, M., et al.: On the feasibility of attribute-based encryption on Internet of Things Devices. IEEE Micro 36, 25–35 (2016). https://doi.org/10.1109/MM.2016.101

    Article  Google Scholar 

  20. National Institute of Standards & Technology: Recommendation for Key Management, Part 1: General (Rev 4). SP 800-57 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Applied Information Processing and Communications, Graz Technical University, 8010, Graz, Austria

    Kevin Theuermann, Felix Hoerandner, Andreas Abraham & Dominik Ziegler

Authors
  1. Kevin Theuermann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Felix Hoerandner
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andreas Abraham
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dominik Ziegler
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kevin Theuermann .

Editor information

Editors and Affiliations

  1. School of Engineering, University of the Aegean, Karlovassi, Samos, Greece

    Stefanos Gritzalis

  2. SBA Research, Vienna, Wien, Austria

    Edgar R. Weippl

  3. Johannes Kepler University of Linz, Linz, Oberösterreich, Austria

    Gabriele Kotsis

  4. Vienna University of Technology, Vienna, Wien, Austria

    A Min Tjoa

  5. Johannes Kepler University of Linz, Linz, Oberösterreich, Austria

    Ismail Khalil

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Theuermann, K., Hoerandner, F., Abraham, A., Ziegler, D. (2020). Privacy-Preserving Service Composition with Enhanced Flexibility and Efficiency. In: Gritzalis, S., Weippl, E.R., Kotsis, G., Tjoa, A.M., Khalil, I. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2020. Lecture Notes in Computer Science(), vol 12395. Springer, Cham. https://doi.org/10.1007/978-3-030-58986-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-58986-8_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-58985-1

  • Online ISBN: 978-3-030-58986-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation