Enhancing P3P Framework through Policies and Trust

Thumbnail Image

Files

118.pdf (380.23 KB)

Links to Files

https://ebiquity.umbc.edu/paper/html/id/192/Enhancing-P3P-Framework-through-Policies-and-Trust

Permanent Link

http://hdl.handle.net/11603/12257

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2004-09-09

Type of Work

technical reports
Text

Department

Program

Citation of Original Publication

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

privacy preferences (P3P)
policy
trust
UMBC Ebiquity Research Group

Abstract

The Platform for Privacy Preferences (P3P) is a W3C standard that websites can use to describe their privacy practices. The presence of P3P policies enable users to configure web browsers to constrain what they can and cannot do when visiting websites. It's a good idea that unfortunately is rarely used. We identify two reasons: (i) the languages available to define a user's privacy preferences are not very expressive and (ii) most websites do not have published P3P policies. We present enhancements to P3P framework that uses trust and the Semantic Web concepts to solve these problems. We use the RDF-based Rei policy language to enable users to describe their privacy-related constraints and preferences. Further, our approach is effective even in the absence of published P3P policies through the incorporation of our trust model. We present use cases to demonstrate the relevance of our work to the current web privacy landscape and offer it as a powerful enhancement that can promote P3P's adoption and use.