Abstract

The service consumer's confidence in the protection of their privacy is an important factor for the success of electronic services (e-services). It may increase if the service provider offers a description of its data practices. This description can be compared to what the consumer defines as appropriate practices. To allow the exchange of privacy-related descriptions and automatically compare them, the parties involved in the interaction should be able to use a common vocabulary. The goal of this paper is to present a base privacy ontology for e-services and a privacy framework for service-oriented architecture (SOA). The ontology offers a base vocabulary that can be extended to create ontologies specific to a given service domain and operating environment. The framework uses ontologies so that it can support service selection considering the consumer's privacy requirements. It extends SOA with provider policies and consumer preferences based on privacy ontologies.