A technique for orchestrating composite web services in a constrained data flow environment. Data flow constraints represent the restrictions which the domains involved in composition might want to impose on access to the data they provide or the source from which they can accept data. The data flow constraints are overcome by breaking down an input composite web service specification into topologies (a topology is a set of partitions communicatively connected with one another at runtime). The system applies a rule-based filtering mechanism to choose a topology that does not violate any data flow constraints. Each of the partitions belonging to the chosen topology is executed within the same domain as the corresponding web service it invokes, thus having the same access rights as the corresponding web service. The composite web service is orchestrated in a decentralized fashion using these partitions, thereby ensuring that no data flow constraints are violated.