Extend Web Service Security Negotiation Framework in Privacy

Full Text (PDF, 830KB), PP.30-39

Views: 0 Downloads: 0


Amira Abdelatey 1,* Mohamed Elkawkagy 1 Ashraf Elsisi 1 Arabi Keshk 1

1. Faculty of Computers and Information/Computer Science, Menofia University, Egypt

* Corresponding author.

DOI: https://doi.org/10.5815/ijitcs.2017.08.04

Received: 2 Jan. 2017 / Revised: 22 Feb. 2017 / Accepted: 25 Mar. 2017 / Published: 8 Aug. 2017

Index Terms

Web service privacy, negotiation, SOA message security, web service negotiation, Web service non-functional properties, Quality of Service attributes


Nowadays web service privacy gets high attention especially in the fields of finance and medical. Privacy preserves access rights to personally identifiable information. Different models have been proposed for enforcing privacy in web service environment. Getting a privacy level for protecting data transferred between consumer and provider in a web service environment is still a problem. Negotiation helps participants to get a privacy level. This paper extends web service security negotiation framework in a multilateral web service environment for negotiating privacy. A repaired genetic negotiation framework used to conduct the privacy negotiation. In privacy negotiation, the negotiation communication structure uses a broker for negotiation; where each participant sends its attributes to the broker. Negotiation using this communication structure decreases the number of messages transferred so less execution time. The genetic-based Negotiation is compared to traditional time-based negotiation. Through experimental results, genetic based negotiation outperforms traditional time-based negotiation.

Cite This Paper

Amira Abdelatey, Mohamed Elkawkagy, Ashraf Elsisi, Arabi Keshk, "Extend Web Service Security Negotiation Framework in Privacy", International Journal of Information Technology and Computer Science(IJITCS), Vol.9, No.8, pp.30-39, 2017. DOI:10.5815/ijitcs.2017.08.04


[1]M. Alrifai, T. Risse, and W. Nejdl, "A hybrid approach for efficient Web service composition with end-to-end QoS constraints," ACM Transactions on the Web (TWEB), vol. 6, p. 7, 2012.

[2]Z. Zheng, Y. Zhang, and M. R. Lyu, "Investigating QoS of real-world web services," IEEE Transactions on Services Computing, vol. 7, pp. 32-39, 2014.

[3]A. Abdelatey, M. Elkawkagy, A. El-Sisi, and A. Keshk, "A Multilateral Agent-Based Service Level Agreement Negotiation Framework," in International Conference on Advanced Intelligent Systems and Informatics, 2016, pp. 576-586.

[4]A. Meligy and P. El-Kafrawy, "A Web Service Discovery based on QoS Negotiation Approach," International Journal of Computer Applications, vol. 111, 2015.

[5]M. Resinas, P. Fernández, and R. Corchuelo, "A bargaining-specific architecture for supporting automated service agreement negotiation systems," Science of Computer Programming, vol. 77, pp. 4-28, 2012.

[6]A. Abdelatey, M. Elkawkagy, A. El-Sisi, and A. Keshk, "RGSS-Negotiation: A Genetic-Based Approach for Web Service Security Negotiation," in The 11thIEEE International Conference on Computer Engineering and Systems (ICCES 2016) 2016, pp. 53-58.

[7]N. Ammar, Z. Malik, E. Bertino, and A. Rezgui, "Dynamic Privacy Policy Management in Services-Based Interactions," in International Conference on Database and Expert Systems Applications, 2014, pp. 248-262.

[8]P. C. Hung, D. K. Chiu, W. Fung, W. K. Cheung, R. Wong, S. P. Choi, et al., "Towards end-to-end privacy control in the outsourcing of marketing activities: A web service integration solution," in Proceedings of the 7th international conference on Electronic commerce, 2005, pp. 454-461.

[9]A. Ajay, A. Jaiswal, and K. Verma, "Security of Web Applications with short web service: a review Study," in 2015 Fifth International Conference on Advanced Computing & Communication Technologies, 2015, pp. 569-574.

[10]L. D. Ngan and R. Kanagasabai, "Semantic Web service discovery: state-of-the-art and research challenges," Personal and ubiquitous computing, vol. 17, pp. 1741-1752, 2013.

[11]M. Al-Aaidroos, N. Jailani, and M. Mukhtar, "Automated web service SLA negotiation using multiagent system," in WITPress, 2014.

[12]C. Di Napoli, P. Pisa, and S. Rossi, "Towards a dynamic negotiation mechanism for qos-aware service markets," in Trends in Practical Applications of Agents and Multiagent Systems, ed: Springer, 2013, pp. 9-16.

[13]A. Abdelatey, M. Elkawkagy, A. El-Sisi, and A. Keshk, "A Repaired Genetic Algorithm-based Approach for Web Service Security Negotiation," in International Conference on Computer Theory and Applications, 2016.

[14]M. Al-Aaidroos, N. Jailani, and M. Mukhtar, "Agent-based negotiation framework for web service's SLA," in Information Technology in Asia (CITA 11), 2011 7th International Conference on, 2011, pp. 1-7.

[15]E. Costante, F. Paci, and N. Zannone, "Privacy-aware web service composition and ranking," in Web Services (ICWS), 2013 IEEE 20th International Conference on, 2013, pp. 131-138.

[16]Y. Li, N. Cuppens-Boulahia, J.-M. Crom, F. Cuppens, V. Frey, and X. Ji, "Similarity measure for security policies in service provider selection," in International Conference on Information Systems Security, 2015, pp. 227-242.

[17]S. Godik, A. Anderson, B. Parducci, P. Humenn, and S. Vajjhala, "OASIS eXtensible access control 2 markup language (XACML) 3," Tech. rep., OASIS2002.

[18]Y. Li, N. Cuppens-Boulahia, J.-M. Crom, F. Cuppens, and V. Frey, "Reaching agreement in security policy negotiation," in 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, 2014, pp. 98-105.

[19]S. Sadki and H. El Bakkali, "An approach for privacy policies negotiation in mobile health-Cloud environments," in Cloud Technologies and Applications (CloudTech), 2015 International Conference on, 2015, pp. 1-6.

[20]K. Hashmi, A. Alhosban, Z. Malik, B. Medjahed, and S. Benbernou, "Automated Negotiation Among Web services," in Web Services Foundations, ed: Springer, 2014, pp. 451-482.

[21]P. Faratin, C. Sierra, and N. R. Jennings, "Negotiation decision functions for autonomous agents," Robotics and Autonomous Systems, vol. 24, pp. 159-182, 1998.

[22]H. F. E. Yamany, M. A. Capretz, and D. S. Allison, "Quality of security service for web services within SOA," in 2009 Congress on Services-I, 2009, pp. 653-660.

[23]E. Zheleva and L. Getoor, "To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles," in Proceedings of the 18th international conference on World wide web, 2009, pp. 531-540.

[24]G. Pandurangan, P. Robinson, and M. Scquizzato, "A Time-and Message-Optimal Distributed Algorithm for Minimum Spanning Trees," arXiv preprint arXiv:1607.06883, 2016.