INSERTION OF PRIVACY SERVICES IN PRIVACY ARCHITECTURE FOR WEB SERVICES (PAWS)
Bryn, Ajith Winston
MetadataShow full item record
Huge growth of the Internet is due to the large number of websites and web services through which information is easily accessible. E-commerce and e-services obtain much private data from users for various reasons such as advertising, marketing, etc. Collection, storage, and usage of private data are subject to various standards, privacy laws, and regulations. To adhere to these legal requirements, many privacy services, such as secure data transmission, authentication, notice, and consent, are required. Inclusion of these required privacy services early in the life cycle of the software development is preferred and advocated, but not fully adhered to. Inclusion of privacy services in legacy software and currently developed software is required. We describe software architecture and a system for automatic inclusion of privacy services, under the supervision of privacy expert, into web pages after the development phase of the Software Development Life Cycle. This will help organizations to adhere to standards, privacy laws, and regulations when collecting private data online from its clients. We also describe a prototype that we have developed as a proof-of-concept to demonstrate the feasibility of our approach.