Skip to Main Content
Service-oriented systems facilitate business workflows to span multiple organizations (e.g. by means of Web services). As a side effect, data may be more easily transferred over organizational boundaries. Thus, privacy issues arise. At the same time, there are personal, business and legal requirements for protecting privacy and IPR and allowing customers to request information about how and by whom their data was handled. Managing these requirements constitutes an unsolved technical and organizational problem. We propose to solve the information request problem by attaching meta-knowledge about how data was handled to the data itself. We present our solution, in form of an architecture, a formalization and an implemented prototype for logging and collecting logs in service-oriented and cross-organizational systems.