Compliance enforcement for service process flows

Abstract

In a service oriented system both the internal and the external services may easily interact with each other, which may make the establishment and the enforcement of the privacy policies and the rules across the systems increasingly challenging. In this paper we present our ongoing system architecture and implementation work to enable efficient and flexible methods for auditing such systems by leveraging the middleware platform capabilities. We show how the service process flows that have been executed in the system can be audited both based on their structure and the information that is disclosed by them. © 2007 IEEE.