End-to-end privacy control in service outsourcing of human intensive processes: A multi-layered Web service integration approach

Hung, Patrick C. K.; Chiu, Dickson K. W.; Fung, W. W.; Cheung, William K.; Wong, Raymond; Choi, Samuel P. M.; Kafeza, Eleanna; Kwok, James; Pun, Joshua C. C.; Cheng, Vivying S. Y.

End-to-end privacy control in service outsourcing of human intensive processes: A multi-layered Web service integration approach

Patrick C. K. Hung (), Dickson K. W. Chiu (), W. W. Fung (), William K. Cheung (), Raymond Wong (), Samuel P. M. Choi (), Eleanna Kafeza (), James Kwok (), Joshua C. C. Pun () and Vivying S. Y. Cheng ()
Additional contact information
Patrick C. K. Hung: University of Ontario Institute of Technology
Dickson K. W. Chiu: Dickson Computer Systems
W. W. Fung: The Hong Kong University of Science and Technology
William K. Cheung: Hong Kong Baptist University
Raymond Wong: University of New South Wales
Samuel P. M. Choi: The Open University of Hong Kong
Eleanna Kafeza: Athens University of Economics and Business
James Kwok: The Hong Kong University of Science and Technology
Joshua C. C. Pun: The Hong Kong University of Science and Technology
Vivying S. Y. Cheng: The Hong Kong University of Science and Technology

Information Systems Frontiers, 2007, vol. 9, issue 1, No 6, 85-101

Abstract: Abstract With the recent adoption of service outsourcing, there have been increasing general demands and concerns for privacy control, in addition to basic requirement of integration. The traditional practice of a bulk transmission of the customers’ information to an external service provider is no longer adequate, especially in the finance and healthcare sectors. From our consultancy experience, application-to-application privacy protection technologies at the middleware layer alone are also inadequate to solve this problem, particularly when human service providers are heavily involved in the outsourced process. Therefore, we propose a layered architecture and a development methodology for enforcing end-to-end privacy control policies of enterprises over the export of personal information. We illustrate how Web services, augmented with updated privacy facilities such as Service Level Agreement (SLA), Platform for Privacy Preferences Project (P3P), and the P3P Preference Exchange Language (APPEL), can provide a suitable interoperation platform for service outsourcing. We further develop a conceptual model and an interaction protocol to send only the required part of a customer’s record at a time. We illustrate our approach for end-to-end privacy control in service outsourcing with a tele-marketing case study and show how the software of the outsourced call center can be integrated effectively with the Web services of a bank to protect privacy.

Keywords: Web service integration; Privacy policies; Need-to-know principle; Layered architecture; SLA; P3P; APPEL (search for similar items in EconPapers)
Date: 2007
References: View complete reference list from CitEc
Citations: View citations in EconPapers (5)

Downloads: (external link)
http://link.springer.com/10.1007/s10796-006-9019-y Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:infosf:v:9:y:2007:i:1:d:10.1007_s10796-006-9019-y

Ordering information: This journal article can be ordered from
http://www.springer.com/journal/10796

DOI: 10.1007/s10796-006-9019-y

Access Statistics for this article

Information Systems Frontiers is currently edited by Ram Ramesh and Raghav Rao

More articles in Information Systems Frontiers from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().