【摘要】：隨著計算機技術(shù)的迅速發(fā)展,Web服務組合越來越廣泛的應用于互聯(lián)網(wǎng)中。用戶在使用服務組合時需要提供一些個人隱私信息來完成必要的業(yè)務功能,確保服務組合在滿足用戶功能性需求的前提下,保障用戶的隱私信息是服務組合隱私保護的關(guān)鍵性問題。因此在Web服務組合的設計階段,需要一種隱私分析和驗證方法來保證服務組合中的隱私信息安全。信息流分析方法是一種通過使用信息流策略保障系統(tǒng)端到端的信息傳輸安全性的方法,本文提出一種信息流分析方法對服務組合的隱私數(shù)據(jù)進行保護,從而保障用戶的隱私信息安全。本文的主要內(nèi)容如下:(1)提出Web服務組合隱私策略形式化規(guī)約方法。使用隱私數(shù)據(jù)項依賴圖模型構(gòu)造服務組合中隱私數(shù)據(jù)項間的依賴關(guān)系;提出基于隱私數(shù)據(jù)使用目的的格模型對隱私策略進行規(guī)約。(2)提出Web服務組合隱私行為建模與驗證方法。該方法采用隱私開放工作流網(wǎng)模型對BPEL的隱私行為進行建模,并將信息流的無干擾性屬性轉(zhuǎn)化為隱私開放工作流網(wǎng)的基于庫所的無干擾性,通過分析隱私開放工作流網(wǎng)中的基于庫所的無干擾性屬性,驗證服務組合的隱私行為是否滿足隱私策略的規(guī)約。(3)設計并實現(xiàn)了服務組合隱私信息流分析與驗證原型工具。利用該工具對服務組合的隱私行為進行細粒度的信息流分析和驗證,最后通過網(wǎng)絡購物服務組合的案例說明了所提出的理論和方法的有效性。
[Abstract]:With the rapid development of computer technology, Web services composition is more and more widely used in the Internet. When using service composition, users need to provide some personal privacy information to complete the necessary business functions, and ensure that the service composition meets the functional requirements of users. Protecting user's privacy information is the key problem of service composition privacy protection. Therefore, in the design phase of Web service composition, a privacy analysis and verification method is needed to ensure the security of privacy information in service composition. The information flow analysis method is a method to ensure the end-to-end information transmission security of the system by using the information flow strategy. In this paper, an information flow analysis method is proposed to protect the privacy data of the service composition. In order to protect the user's privacy information security. The main contents of this paper are as follows: (1) A formal specification method of Web service composition privacy policy is proposed. The dependence relationship between privacy data items in service composition is constructed by using privacy item dependency graph model. A lattice model based on the purpose of using privacy data is proposed to regulate privacy policy. (2) A modeling and verification method for privacy behavior of Web services composition is proposed. The privacy behavior of BPEL is modeled by the privacy open workflow net model, and the non-interference attribute of the information flow is transformed into the non-interference property based on the library of the privacy open workflow net. By analyzing the non-interference properties of the library based on the privacy open workflow network, the privacy behavior of the service composition is verified to satisfy the privacy policy specification. (3) A prototype tool for the analysis and verification of the privacy information flow of the service composition is designed and implemented. Using this tool, the privacy behavior of service composition is analyzed and verified by fine-grained information flow. Finally, the effectiveness of the proposed theory and method is illustrated by a case study of online shopping service composition.
【學位授予單位】：南京航空航天大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TP309;TP393.09

【參考文獻】

相關(guān)期刊論文 前6條

1 吳澤智;陳性元;楊智;杜學繪;;信息流控制研究進展[J];軟件學報;2017年01期

2 劉瑩;;矛與盾的交鋒——大數(shù)據(jù)背景下的隱私泄露現(xiàn)狀研究[J];法制與社會;2015年36期

3 賈哲;黃志球;王珊珊;沈國華;柯昌博;;支持本體推理的P3P隱私策略沖突檢測研究[J];計算機科學與探索;2013年01期

4 劉林源;李清;祝義;周航;肖芳雄;黃志球;;Web服務組合中的隱私需求規(guī)約與驗證[J];解放軍理工大學學報(自然科學版);2012年01期

5 李景霞,侯紫峰;Web服務組合綜述[J];計算機應用研究;2005年12期

6 岳昆,王曉玲,周傲英;Web服務核心支撐技術(shù):研究綜述[J];軟件學報;2004年03期

，

本文編號：2351900