Service-based computing meets privacy

My research focuses on devising approaches to minimize the risk of privacy breaches for service consumers and service providers. In this talk, I will first discuss the main privacy concerns that service consumers and service providers have with respect to service selection and invocation. Then, I will introduce two approaches that alleviate service consumers and service providers privacy concerns by limiting the disclosure of personal and sensitive information. The first approach that I will introduce helps service consumers to select and compose services that minimize the risk of unauthorized disclosure of their personal information.The approach ranks admissible composite services (i.e., composite services whose privacy policy satisfy user preferences) with respect to the risk of misuse of personal data. Then, I will present an approach that allows service providers to limit during service invocation the knowledge that service consumers have of the access control policies they are subject to, while providing service consumers some guarantee that they will complete the interaction with the service.  I will conclude the talk by discussing new risks posed to services consumers’ privacy by the use of big data analytics and outlining a possible solution.