
Research on Privacy Analysis and Verification of Web Service Composition

【Author】 刘林源 (Liu Linyuan)

【Advisor】 黄志球 (Huang Zhiqiu)

【Author details】 Nanjing University of Aeronautics and Astronautics, Computer Application Technology, 2011, PhD

【Abstract (translated from the Chinese)】 Service-Oriented Computing (SOC) is an Internet-based distributed computing paradigm that represents the latest direction in software development. Taking Web services as its basic building blocks, SOC effectively solves the problem of integrating distributed applications in distributed, dynamic and heterogeneous environments. Web service composition is one of the core technologies for realizing SOC: it forms new value-added services by composing existing Web services so as to meet user requirements. While enjoying the functionality of a composite service, users must release some personal private information to support its execution. Because the service-oriented environment is by nature open, autonomous and dynamic, the provider of the composite service, once it has obtained this private information, may access, use and disclose it without authorization, causing great privacy harm to the user. Faced with these harms, users are increasingly worried about the privacy of their personal information: on the one hand they want to complete business functions through composite services, and on the other they want the privacy harm they suffer to be as small as possible. How to minimize privacy harm while still satisfying users' functional requirements is therefore a key problem in realizing secure Web service composition. Researchers at home and abroad have studied Web service composition extensively and in depth, but have paid little attention to protecting users' personal privacy. To address the shortcomings of current work, this thesis studies privacy analysis and verification in Web service composition. The main contributions are as follows:

(1) A privacy analysis and verification framework for Web service composition. The framework lets users express personalized privacy policies and set the sensitivity of their private data, and lets a service composer, while designing a composition, verify whether it satisfies the user's privacy policy constraints and analyze its privacy disclosure and authorization. Web services composed through this analysis and verification process reduce the misuse of, and harm to, private data, laying a foundation for improving the security and reliability of composite services.

(2) Privacy access control in Web service composition. A trust-based privacy access control model for Web service composition is proposed, which uses trust degree as the qualifying condition for a service to obtain privacy access permissions. A privacy policy enforcement system is given, its functional components and execution flow are analyzed, and a corresponding privacy authorization decision algorithm is presented, providing an important guarantee for enforcing fine-grained privacy authorization.

(3) Privacy modeling and verification of Web service composition. An interface automata model extended with privacy semantics is proposed and used to model the privacy behavior of Web services and their compositions, and a method for transforming a service's BPEL process activities into privacy interface automata is given. On this basis, the automata model of a service composition is transformed into its compatible-state-space reachability graph, and a privacy authorization verification algorithm is proposed that detects whether the reachability graph contains a privacy policy violation, thereby verifying whether the service composition satisfies the user's privacy policy constraints. This provides an important guarantee for improving the functional correctness and privacy security of composite services.

(4) Privacy disclosure and authorization in Web service composition. A method for analyzing minimal privacy disclosure and optimal privacy authorization in Web service composition is proposed. First, a way of computing privacy disclosure cost is given, and the compatible-state-space reachability graph that satisfies the privacy policy constraints is annotated with disclosure costs to form a privacy cost reachability graph. Then a minimal privacy cost reachable path algorithm is proposed and used to compute the disclosure cost of paths in the privacy cost reachability graph, thereby analyzing the minimal privacy disclosure of the service composition. Finally, an optimal privacy policy setting algorithm is proposed, which analyzes the optimal privacy authorization of the service composition on the basis of the minimal privacy cost reachability graph. Analyzing minimal privacy disclosure and optimal privacy authorization is of great significance for reducing the privacy harm of service compositions.

(5) Based on the above methods and theory, a prototype tool for privacy analysis and verification of Web service composition is designed and implemented. The tool is used to perform privacy analysis and verification on service compositions, and a case study demonstrates the correctness and practicality of the methods and theory proposed in this thesis.

【Abstract】 Service-Oriented Computing (SOC) is an Internet-based distributed computing model that proposes a promising paradigm of software development. By taking Web services as its basic components, SOC efficiently solves the integration problem of distributed applications in a distributed, dynamic and heterogeneous environment. Web services composition is one of the core technologies for realizing SOC: it satisfies the requirements of users by composing existing services into new value-added services. To obtain the benefits of a services composition, users have to release some personal private information to support its execution. Because the service-oriented environment is open, autonomous and dynamic, the provider of the services composition may access, use or disclose the private information without authorization after obtaining it, causing serious damage to the privacy of users. Faced with this privacy hazard, users worry about the security of their personal information. On the one hand, they hope to accomplish their business tasks through the services composition; on the other hand, they also hope that the damage to their privacy can be minimized. Hence, how to minimize the damage to users' privacy while satisfying their functional requirements is a key issue in realizing secure Web services composition. Many researchers at home and abroad have conducted extensive and profound investigations into Web service composition, but few of them pay enough attention to the protection of personal privacy. In view of these limitations, this thesis studies the privacy protection problem of Web service compositions. The major contributions are as follows:

(1) It investigates a privacy analysis and verification framework for Web services composition. Within this framework, users can express their personalized privacy policies and set the sensitivity degree of their privacy data, and the service composer can check, while designing the services composition, whether the design satisfies the users' privacy policy constraints, and can analyze the privacy disclosure and authorization of the Web services composition. A composition built within this framework can efficiently decrease the harm of privacy disclosure and provides the basic conditions for improving the security and reliability of services composition.

(2) It studies the problem of privacy access control in Web services composition. It proposes a trust-based Web services privacy access control model. This model uses a trust degree to limit the access of services to private data and presents an enforcement system for privacy policies. It also analyzes the functional components of the system and its execution process, and presents the corresponding privacy authorization decision algorithm, which is very important for the implementation of fine-grained privacy authorization.

(3) It explores the privacy modeling and verification problem of Web services composition. It proposes an interface automata model extended with privacy semantics, and uses this model to specify the privacy behaviors of Web services and their compositions. It also presents a transformation method from BPEL process activities to privacy interface automata. On top of that, it transforms the privacy interface automata of a services composition into a state space reachability graph and presents a verification algorithm for privacy authorization. This algorithm checks whether there is a violation in the reachability graph, and thus verifies whether the services composition satisfies the privacy requirements of users. It provides an important foundation for improving the functional correctness and privacy security of services.

(4) It inspects the privacy disclosure and authorization problem in Web services composition and presents an analysis method for minimal privacy disclosure and optimal privacy authorization. First, it puts forward a method to compute the privacy disclosure cost. This method assigns the privacy disclosure cost to a state space reachability graph that satisfies the privacy policy constraints, so as to form the privacy cost reachability graph. Then it proposes an algorithm to obtain the reachability path of minimal privacy cost. This algorithm computes the privacy cost of reachability paths, and thus analyzes the minimal privacy disclosure of the services composition. Finally, it offers an algorithm for setting the optimal privacy policy, with which the optimal privacy authorization of the services composition can be analyzed based on the minimal privacy cost reachability graph. The analysis of minimal privacy disclosure and optimal privacy authorization is of great significance in decreasing the privacy disclosure hazard of services composition.

(5) Based on the above methods and theories, this thesis designs and implements a privacy analysis and verification tool for Web services composition. With this tool, privacy analysis and verification of a services composition can be conducted. On top of that, the thesis presents a case study of on-line shopping transactions to demonstrate the correctness and efficiency of the methods and theories it contributes.
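The following is an added illustration of the two analyses described in contributions (3) and (4), written for this page and not taken from the thesis or its prototype tool. It assumes a deliberately simplified model: the compatible state space is given directly as a reachability graph whose transitions are labelled with the partner service that receives data and the privacy items it discloses; the user policy is a map from service to the items it may receive; disclosure cost is the sum of user-assigned sensitivities; and "optimal authorization" is read as the smallest set of per-service grants needed to execute the minimal-cost path. The shopping scenario, sensitivities, policy and transitions are all constructed sample data.

```python
"""Toy privacy-policy check and minimal privacy-cost path over a reachability graph.

Added example for this page; it is not the thesis's model or tool. The graph,
policy and sensitivities below are constructed sample data.
"""
import heapq
from dataclasses import dataclass

# Constructed: user-assigned sensitivity per privacy data item (higher = more sensitive).
SENSITIVITY = {"name": 1, "address": 2, "phone": 2, "card_number": 5}

# Constructed user privacy policy: which partner service may receive which items.
POLICY = {
    "shop": {"name", "address", "phone"},
    "payment": {"name", "card_number"},
    "courier": {"name", "address"},
}


@dataclass(frozen=True)
class Transition:
    src: str              # source state of the composition
    dst: str              # target state
    service: str          # partner service that receives data on this step
    discloses: frozenset  # privacy items released on this step


# Constructed on-line shopping composition: two payment variants and two delivery variants.
TRANSITIONS = [
    Transition("s0", "s1", "shop", frozenset({"name", "address"})),
    Transition("s1", "s2", "payment", frozenset({"name", "card_number"})),
    Transition("s1", "s2", "payment", frozenset({"name", "phone"})),   # phone not authorized
    Transition("s2", "s3", "courier", frozenset({"name", "address"})),
    Transition("s2", "s3", "courier", frozenset({"address"})),
]


def disclosure_cost(t):
    """Privacy disclosure cost of one transition: sum of item sensitivities."""
    return sum(SENSITIVITY[item] for item in t.discloses)


def policy_violations(transitions):
    """Transitions that release an item the policy does not grant to that service."""
    return [t for t in transitions if not t.discloses <= POLICY.get(t.service, set())]


def min_privacy_cost_path(transitions, start, goal):
    """Dijkstra over the cost-annotated graph; returns (total cost, list of transitions)."""
    adjacency = {}
    for t in transitions:
        adjacency.setdefault(t.src, []).append(t)
    dist, prev, queue = {start: 0}, {}, [(0, start)]
    while queue:
        d, state = heapq.heappop(queue)
        if d > dist.get(state, float("inf")):
            continue                      # stale queue entry
        if state == goal:
            break
        for t in adjacency.get(state, []):
            nd = d + disclosure_cost(t)
            if nd < dist.get(t.dst, float("inf")):
                dist[t.dst], prev[t.dst] = nd, t
                heapq.heappush(queue, (nd, t.dst))
    if goal not in dist:
        return None, []
    path, state = [], goal
    while state != start:
        path.append(prev[state])
        state = prev[state].src
    path.reverse()
    return dist[goal], path


def analyze(transitions, start, goal):
    """Verification first, then cost analysis: violating transitions are pruned
    before the minimal-cost path is searched, as the thesis orders the two steps."""
    bad = set(policy_violations(transitions))
    compatible = [t for t in transitions if t not in bad]
    return min_privacy_cost_path(compatible, start, goal)


def required_authorizations(path):
    """Smallest per-service grants needed to execute the given path (assumed
    reading of 'optimal privacy authorization' for this illustration)."""
    grants = {}
    for t in path:
        grants.setdefault(t.service, set()).update(t.discloses)
    return grants


if __name__ == "__main__":
    for t in policy_violations(TRANSITIONS):
        print("policy violation:", t.service, "receives", sorted(t.discloses))
    cost, path = analyze(TRANSITIONS, "s0", "s3")
    print("minimal disclosure cost:", cost)
    print("path:", [(t.service, sorted(t.discloses)) for t in path])
    print("grants needed:", required_authorizations(path))
```

Running `analyze` without the pruning step would pick the cheaper "phone" payment route (cost 8); pruning the violating transition first yields the compatible minimal-cost route (cost 11), which is why the policy check precedes the cost analysis.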
