Wei She

TL;DR: This paper proposes an enhanced security model to facilitate the control of information flow through service chains that extends the basic security models by introducing the concepts of delegation and pass-on.

TL;DR: A run-time information flow control model to enable each service in a service chain to specify policies on how its sensitive information can be released to its subsequent services and what types of input data from prior services can be accepted and how they can flow within the services is developed.

TL;DR: A novel three-phase composition protocol integrating information flow control is developed that uses historical information to efficiently evaluate and prune candidate compositions and perform local/remote policy evaluation only on top candidates, and introduces the novel concept of transformation factor to model the computation effect of intermediate services.

TL;DR: This paper develops a role-based data provenance scheme which tracks the roles of the data originators and contributors and uses this information to help evaluate data trustworthiness and develops an extended access control model in which access permissions are specified with constraints over the provenance attributes.