Privacy-preserved security-conscious framework to enhance web service composition

Abstract

The emergence of loosely coupled and platform-independent Service-Oriented Computing (SOC) has encouraged the development of large computing infrastructures like the Internet, thus enabling organizations to share information and offer valueadded services tailored to a wide range of user needs. Web Service Composition (WSC) has a pivotal role in realizing the vision of implementing just about any complex business processes. Although service composition assures cost-effective means of integrating applications over the Internet, it remains a significant challenge from various perspectives. Security and privacy are among the barriers preventing a more extensive application of WSC. First, users possess limited prior knowledge of security concepts. Second, WSC is hindered by having to identify the security required to protect critical user information. Therefore, the security available to users is usually not in accordance with their requirements. Moreover, the correlation between user input and orchestration architecture model is neglected in WSC with respect to selecting a high performance composition execution process. The proposed framework provides not only the opportunity to securely select services for use in the composition process but also handles service users’ privacy requirements. All possible user input states are modelled with respect to the extracted user privacy preferences and security requirements. The proposed approach supports the mathematical modelling of centralized and decentralized orchestration regarding service provider privacy and security policies. The output is then utilized to compare and screen the candidate composition routes and to select the most secure composition route based on user requests. The D-optimal design is employed to select the best subset of all possible experiments and optimize the security conscious of privacy-preserving service composition. A Choreography Index Table (CIT) is constructed for selecting a suitable orchestration model for each user input and to recommend the selected model to the choreographed level. Results are promising that indicate the proposed framework can enhance the choreographed level of the Web service composition process in making adequate decisions to respond to user requests in terms of higher security and privacy. Moreover, the results reflect a significant value compared to conventional WSC, and WSC optimality was increased by an average of 50% using the proposed CIT.