Presentation on theme: "P3P - Platform for Privacy Preference Barkha J. Herman Florida Atlantic University."— Presentation transcript:
P3P - Platform for Privacy Preference Barkha J. Herman Florida Atlantic University
Introduction W3C Emerging standard Allows users to control how personal info is used by web sites Uses XML and RDF to express policies HTTP for transport
Background Recommendation proposed by W3C Issue with usage of cookies / data collection by web sites. Working group est Specification 1.0 published April 2002 Future – CC/PP, XML Signatures.
Why P3P? Privacy - top concern of individuals Privacy issues impeding growth Early attempts on disclosure lengthy and confusing Need for consistency, simplicity, transparency Global solution for global market
What does it address? Who is collecting this data? Exactly what information is being collected? For what purposes? Which information is being shared with others? And who are these data recipients? Can users make changes in how their data is used? How are disputes resolved? What is the policy for retaining data? And finally, where can the detailed policies be found in "human readable" form?
How does it work Policies are expressed in XML – machine readable Policies are transferred over HTTP Retrieval can be automated Policy verification is seamless Privacy Reports are viewable by client – human readable
How does it work?
Enabling – Server side Create a policy file Publish it in the default directory (/w3c/p3p.xml) Optionally, include reference in the HTTP header Optionally, include compact notation in the http header
Enabling – Client side User Agent checks for policy User agent compares against set policy If match, user agent gets page and displays If no match, page (or cookie) is rejected User Agent displays privacy report
P3P reference in http header HTTP/ OK Date: Wed, 17 Mar :23:59 GMT Server: Apache/ (Unix) PHP/4.2.3 Content-Location: Overview.html Vary: negotiate,accept TCN: choice P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml" Cache-Control: max-age=600 Expires: Wed, 17 Mar :33:59 GMT Last-Modified: Tue, 16 Mar :59:42 GMT
Compact notation in Http header HTTP/ OK Date: Wed, 17 Mar :22:13 GMT Content-Length: 428 Content-Type: text/html Expires: Wed, 17 Mar :52:13 GMT Cache-Control: max-age=1800 Server: Microsoft-IIS/5.0 P3P: CP="CAO CURa ADMa PSAo PSDo IVAo IVDo OUR BUS PHY ONL PUR COM NAV INT DEM CNT STA PRE “ IISExport: This web site was exported using IIS Export v2.2 Content-Location: Last-Modified: Tue, 03 Jun :35:10
Example Policy File World Wide Web Consortium MIT/LCS 545 Technology Square Cambridge MA USA INRIA/Sophia Antipolis
… Continued 2004 Routes des Lucioles F Sophia Antipolis FRANCE Keio University Shonan Fujisawa Campus Endo, Fujisawa- shi, Kanagawa JAPAN site
… Continued site The Webmaster and our Communications Team will carefully consider the input and correct errors. If you discover privacy invasive behavior, please don't hesitate to contact us.
… Continued We collect normal Web-Logs. They are used for Server administration, Web protocol research, Statistics of usage and Security.
User Agent support IE 6.0 – supports compact notation only Netscape 7.0 – complete support for 1.0 AT&T Privacy bird plugin – 1.0 support
Validators (only game in town)
APPEL – A P3P Preference Exchange Language 1.0 (APPEL1.0) W3C working draft that specifies a language for describing sets of preferences about P3P policies. Rule-set for expressing P3P
P3P vs. OPS The Open Profiling Standard - proposal co-authored by Netscape, Firefly, and VeriSign. This specification proposed a means for the exchange of user profile information -- how to store and release, under the user's permission, data which is often requested or required by a Web site. Eventually, the P3P working groups decided not to include a data transfer protocol as part of P3Pv1.
P3P – Digital Signature assurance W3C Note – Not a specification The design philosophy and requirements of this specification are to: Define what it means for a P3P Policy to be assured via an XML Signature. Provide detached signatures for P3P Policies and Assurances.P3P PoliciesAssurances Enveloping signatures MAY contain the P3P Policy Reference. This can be convenient in that all the files are included together, but this has the following two disadvantages: the Signature is the root element, and XPointer is required to select portions of the document. EnvelopingPolicy Reference Enveloped signatures are prohibited by P3P's content model. Enveloped Be concise and unambiguous.
Critiques Weak on Company data Lack of Enforcement Policy changes do not reflect collected data
Future … Version 1.x Allow policy choice Explicit agreement Non repudiation (DSig?) CC/PP – now Device Independent WG Composite Capability Preference Profiles