Collaborative Information Service Privacy Algebra for User Defined Security Asim Kumar Pal 1 , Subrata Bose 2 and Arpita Maitra 1 1 Management Information Systems Group, Indian Institute of Management Calcutta, Kolkata, India 2 Department of Computer Science and Engineering, Neotia Institute of Technology, Management & Science, Kolkata, India Keywords: Privacy Template, Privacy Issue, Privacy Protection, Dominance Relation. Abstract: With the increased activity over the internet and globalization of the market economy collaborative computing becomes an important area of research. Security is an increasing concern because of chances of malicious elements breaching the network of collaborating partners. Further the level of mutual belief among the collaborators would not be identical and may change with experience. Thus the concept of user defined flexible security requirements arose. The idea of user defined privacy template was brought in IRaaS (Information Retrieval as a Service) (Pal and Bose 2013) which is a flexible system of information services to customers who seek information from various sources through a service provider. The idea was further extended to CIS (Collaborative Information Service) (Pal and Bose 2016) which provides a framework for general information exchange activities (not restricted to retrievals only) for a set of collaborating partners. The current work extends CIS by introducing privacy algebra to be applied on templates to get a concise expression of privacy restrictions. CIS is a step towards a privacy aware collaborative computing problem. 1 INTRODUCTION Collaboration is often required by independent organizations for their interlinked business, e.g. partners in a supply chain. Many organizations find that collaboration brings additional value to them. Information exchange or information sharing plays a major role in such joint activities. Consider a typical example from e-commerce. An on-line purchase by a buyer goes through a series of information activities such as finding the products of interests, checking their stocks in the warehouses, enquiring delivery status of the items from warehouse to the customer’s address, receiving payment through some credit card company, waiting for return of some goods, etc. In another situation, for a bulk order involving different products and shipping addresses all or most of the above tasks could be performed without much of user interaction though the purchase could be on-line or off-line. Such applications can be designed as a sequence of information exchange activities which are collaborative in nature. We need efficiency as well as security of the operations among separate and independent organizations or organizational components. This kind of computations comes under what is known as collaborative computing. Fundamentally such computation works on the principles of distributed system (Zhu et al. 2006). Security is a serious issue in collaborative computing (Atallah 2006; Ahmed and Tripathi 2007). Security concerns are more serious when the participants do not have much knowledge of each other, e.g. a customer or a small business to a credit card company. Collaboration is successful only when the participants can keep trust in the system. An important security concern in such collaborative computation is at data level. All the data elements belonging to a given participant need not be equally sensitive with respect to specific opponents or its security may need to be traded with efficiency of the activity. This kind of security is known as attribute oriented security (Zhang et al. 2006). Security in collaboration can be user oriented or user defined and role based. Pal and Dey (2014) proposed user oriented policies for secure data storage and computation of enterprise data in cloud collecting varying perceptions of users about trustworthiness of the Cloud Service Provider and also roles which the users represent. The work of (Pearson, Shen and Pal, A., Bose, S. and Maitra, A. Collaborative Information Service - Privacy Algebra for User Defined Security. DOI: 10.5220/0005746304730481 In Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP 2016), pages 473-481 ISBN: 978-989-758-167-0 Copyright c  2016 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved 473