Service Discovery as an essential element in pervasive computing environments is widely accepted. Much research on service discovery has been conducted, but privacy and security have been ignored and may be sacrificed. While it is essential that legitimate users should be able to discover services, it is also necessary that services be hidden from illegitimate users. Since service information, service provider's information, service requests, user presence information, and user's identities may be sensitive, we may want to keep them private during service discovery processes. There appears to be no existing service discovery protocols that solve these problems. We present a user-centric model, called Prudent Exposure, which exposes minimal information privately and securely. Users and service owners exchange code words in an efficient and scalable form to establish mutual trust. Based on the trust, secure service discovery sessions are set up. The model is further improved to counter attacks. We analyze the mathematical properties of our model, formally verify our security protocol, and measure the performance of our prototype system.