| Mashups, which use multiple sources to create a new service, emerged as an evolution of Web2.0. However, scalable authorization control for mashups is very difficult. To enable a mashup to gather data from legacy applications and services, users must obey as the mashup host orders. These orders are created without any standard or limits about the privacy protection. This authorization approach violated the principle of least privilege and leaves users vulnerable to misuse of their private information by malicious mashups.To overcome the limitations, we introduce the privacy-preserving authorization method for mashups, which encapsulates the data of backend services with different private sensitivity degrees before the authorization process executes. We also give the data-user relationship model to make standard for backend services when defining private sensitivity degrees of users’ data. In this progress, standard encapsulation file and authorization file are created successively. In the end, the authorization-steps, which could be set stored for regular use of the mashups, are created based on the authorization mechanism and authorization file.The proposed method mainly focuses on the users and backend services, which are the real data owners. Through this method, users have the ability to observe and control the data involved in the mashup, and the backend services can take the responsibility of their users’ private information protecting. In the end of the paper, the application example and a series of experimental study are given to demonstrate the feasibility and efficiency of this method. |
PDF Full Text Request