Presentation is loading. Please wait.

Presentation is loading. Please wait.

An XPath-based Preference Language for P3P IBM Almaden Research Center Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu.

Published byRichard Bates Modified over 8 years ago

Similar presentations

Presentation on theme: "An XPath-based Preference Language for P3P IBM Almaden Research Center Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu."— Presentation transcript:

1 An XPath-based Preference Language for P3P IBM Almaden Research Center Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu

2 Growing Concern about Privacy “Privacy #1 issue in the 21Century” -Wall Street Journal, January 24, 2000 The issues of trust, privacy and security are generally believed to be the greatest barriers to widespread use of the Internet for commercial purposes.

3 What is P3P Current privacy policies are written by the lawyers, for the lawyers Current privacy policies are written by the lawyers, for the lawyers P3P solves this problem. P3P solves this problem. –Encodes policies in machine readable format (XML). –Goal: programatically match privacy policies with user preferences. –W3C recommendation (April 2002) Need preference language to make this work! Need preference language to make this work! –APPEL: W3C Draft –Unfortunately …

4 Outline Motivation Motivation Problems with APPEL Problems with APPEL Can these problems be fixed? Can these problems be fixed? An XPath-based preference language An XPath-based preference language Conclusion Conclusion

5 Context: P3P Policies......

6 Jack’s Simple Preference Only purposes “current” and “pseudo-analysis” are acceptable. Only purposes “current” and “pseudo-analysis” are acceptable. Will use this example to illustrate the problems with APPEL. Will use this example to illustrate the problems with APPEL.

7 Jack’s First Attempt The APPEL engine evaluates rule in order until one fires APPEL preferences are organized as a list of rules

8 Jack’s First Attempt Rule head: Specifies the outcome of the rule (request or block) Rule body: Specifies the structure and content of matching policies

9 Jack’s First Attempt Strictly access sites which collect personal information for purposes “current” and “pseudo-analysis” Logical connectives: Govern matching of subelements

10 Problem: Policies with Multiple Statements...... … … … … … … This statement will match, and the policy will be accepted. This statement (tele-marketing) is exactly what Jack tried to avoid by putting “or-exact” in purpose! Problem: A policy can have multiple statements, some of which may violate the user’s preference

11 Jack’s Second Attempt … … … … Use “and-exact” to ensure that each statement in the policy satisfies the condition Problem: The connective applies to the subelements of a STATEMENT, not to all statements in a policy

12 Jack’s Second Attempt … … … … Use “and-exact” to ensure that each statement in the policy satisfies the condition

13 Problem: POLICY has Multiple Subelements … … … … … … … Problem: POLICY has other subelements aside from STATEMENT

14 Key Point: Cannot Specify What is Acceptable … … … … … … … … There is no STATEMENTS tag in P3P (which could be used to specify a logical connective)

15 Jack spends quality time with the manuals … … figures out he can convert his preference into specifying what is unacceptable. … figures out he can convert his preference into specifying what is unacceptable.

16 Jack’s Third Attempt Convert positive preferences into negative preferences Note: Must enumerate all unacceptable purposes Problem: Does not block web sites that use extensions

17 How about a slightly more complex preference? Purposes “current” and “pseudo-analysis” are acceptable Purpose “individual-analysis” is also acceptable provided the recipient is “ours”

18 Negating Logical Expressions… First, have to negate the expression (since we can’t specify what is acceptable). First, have to negate the expression (since we can’t specify what is acceptable). –Forall (current OR … OR ( … AND … ) => accept Becomes: Becomes: –Exists !(current AND … and ( … OR … ) => block

19 Parse Tree of Expression Or And Purpose = “current” Purpose = “pseudo-analysis” Purpose = “individual-analysis” Recipient = “ours”

20 Negated Parse Tree of Expression And Or Purpose != “current” Purpose != “pseudo-analysis” Purpose != “individual-analysis” Recipient != “ours”

21 Parse Trees that can be Expressed in APPEL Statement connective Purpose connective Recipient connective current Individual-analysis Pseudo-analysis ours Logical expressions involving PURPOSE and RECIPIENT that can be expressed as a single APPEL rule Cannot express the desired condition as a single rule The condition can be expressed as multiple rules, but the translation is no longer a simple negation

22 Translation into APPEL Negations must be translated into enumerations

23 Recap: Problems With APPEL APPEL rules cannot be used to specify what is acceptable, only what is unacceptable APPEL rules cannot be used to specify what is acceptable, only what is unacceptable Logical expressions involving simple combinations of purpose, recipient and data are hard to express Logical expressions involving simple combinations of purpose, recipient and data are hard to express –APPEL logical connectives are tied to the structure of a policy Writing APPEL preferences is error prone, even for experts Writing APPEL preferences is error prone, even for experts –Errors in the APPEL working draft

24 Outline Overview of P3P and APPEL Overview of P3P and APPEL Problems with APPEL Problems with APPEL Can these problems be fixed? Can these problems be fixed? An XPath-based preference language An XPath-based preference language Conclusion Conclusion

25 New Operators Enumeration of unacceptable choices Enumeration of unacceptable choices –Can APPEL be fixed by adding new operators? Any-except logical connective Any-except logical connective –True if any element in the policy is not listed as a subelement in the rule

26 Any-except Operator: Helps for Example 1, but not Example 2 Lists acceptable choices Preferences involving logical operators over combinations of purpose, recipient, and data are still a problem

27 Modify P3P to Fix APPEL? … … … … Add a STATEMENTS tag to P3P policies to specify acceptable policies P3P is a W3C Recommendation and therefore hard to change Conditions over combinations of PURPOSE, RECIPIENT and DATA remain hard to express

28 Summary: Can the problems be fixed? Problems with APPEL are fundamental. Problems with APPEL are fundamental. Problems arise from the design choice to structure APPEL like P3P Problems arise from the design choice to structure APPEL like P3P Fixing APPEL would essentially mean designing a new language. Fixing APPEL would essentially mean designing a new language.

29 Outline Overview of P3P and APPEL Overview of P3P and APPEL Problems with APPEL Problems with APPEL Can these problems be fixed? Can these problems be fixed? An XPath-based preference language An XPath-based preference language Conclusion Conclusion

30 Language Design Goals At least as expressive as APPEL At least as expressive as APPEL –APPEL designers investigated requirements for a preference language Use, if possible, an existing language Use, if possible, an existing language –P3P is specified in an XML format –XPath is a query language for XML –XPath is a W3C Recommendation which is already used in a variety of available systems –Benefits from the rigorous work done on the design of XPath syntax and semantics

31 XPref Retain APPEL rule heads Retain APPEL rule heads Replace APPEL rule bodies with XPath Replace APPEL rule bodies with XPath –Using a strict subset of XPath 1.0 necessary for expressing preferences –Adding the XPath 2.0 “every” quantified expression to simplify expressing positive preferences

32 Negative Preferences in XPref <RULE behavior="block“ condition="/POLICY/STATEMENT [ PURPOSE/*[ name(.) = "individual-analysis"] and RECIPIENT/* [ name(.) != "ours"] ]" /> Block access to sites where the purpose is “individual-analysis” and the recipient is not “ours”

33 Positive Preferences in XPref <RULE behavior="request“ condition="/POLICY [ every $pname in STATEMENT/PURPOSE/* satisfies (name($pname) = "current" or name($pname) = "pseudo-analysis") ]" /> Access sites whose purposes for collecting information are strictly “current” or “pseudo- analysis”

34 Expressive Power Algorithm for converting APPEL to XPref Algorithm for converting APPEL to XPref

35 Conclusion P3P is currently the only standard for expressing privacy policies on the web P3P is currently the only standard for expressing privacy policies on the web To be successful, P3P needs a viable preference language To be successful, P3P needs a viable preference language XPref solves the problems of APPEL XPref solves the problems of APPEL XPref is based upon XPath which is an existing and successful standard XPref is based upon XPath which is an existing and successful standard An algorithm which translates XPref into APPEL is given in the paper An algorithm which translates XPref into APPEL is given in the paper Next step: make XPref a W3C recommendation Next step: make XPref a W3C recommendation

36 Policy-Preference Matching Web Server Browser request policy 1 send policy 2 request web page if policy conforms to preference 5 policy and user preference 3 result of matching 4 APPEL Engine

37 P3P Adoption Year Sites posting P3P policies among 100 most popular sites 199845% 199985% 200097% 200199%

Download ppt "An XPath-based Preference Language for P3P IBM Almaden Research Center Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu."

Similar presentations

XML-XSL Introduction SHIJU RAJAN SHIJU RAJAN Outline Brief Overview Brief Overview What is XML? What is XML? Well Formed XML Well Formed XML Tag Name.

XML-XSL Introduction SHIJU RAJAN SHIJU RAJAN Outline Brief Overview Brief Overview What is XML? What is XML? Well Formed XML Well Formed XML Tag Name.
U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.

U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.
 Fundamentals of Web Design.  Describe the history and theory of XHTML  Understand the rules for creating valid XHTML documents  Apply a DTD to an.

 Fundamentals of Web Design.  Describe the history and theory of XHTML  Understand the rules for creating valid XHTML documents  Apply a DTD to an.
CHAPTER 30 THE HTML 5 FORMS PROCESSING. LEARNING OBJECTIVES What the three form elements are How to use the HTML 5 tag to specify a list of words’ form.

CHAPTER 30 THE HTML 5 FORMS PROCESSING. LEARNING OBJECTIVES What the three form elements are How to use the HTML 5 tag to specify a list of words’ form.
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
Pranam Kolari – Policy 2005 Enhancing Web Privacy Protection Through Declarative Policies Pranam Kolari 1 Li Ding 1, Lalana Kagal 2, Shashi Ganjugunte.

Pranam Kolari – Policy 2005 Enhancing Web Privacy Protection Through Declarative Policies Pranam Kolari 1 Li Ding 1, Lalana Kagal 2, Shashi Ganjugunte.
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.

Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.
NaLIX: A Generic Natural Language Search Environment for XML Data Presented by: Erik Mathisen 02/12/2008.

NaLIX: A Generic Natural Language Search Environment for XML Data Presented by: Erik Mathisen 02/12/2008.
CSE 190: Internet E-Commerce Lecture 17: XML, XSL.

CSE 190: Internet E-Commerce Lecture 17: XML, XSL.
Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.

Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.
IS 373—Web Standards Todd Will

IS 373—Web Standards Todd Will
Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu Presented by Yajie Zhu 03/24/2005.

Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu Presented by Yajie Zhu 03/24/2005.
Tutorial 9 Working with XHTML. XP Objectives Describe the history and theory of XHTML Understand the rules for creating valid XHTML documents Apply a.

Tutorial 9 Working with XHTML. XP Objectives Describe the history and theory of XHTML Understand the rules for creating valid XHTML documents Apply a.
Creating a Well-Formed Valid Document. 2 Objectives Introducing XHTML Creating a Well-Formed Document Creating a Valid Document Creating an XHTML Document.

Creating a Well-Formed Valid Document. 2 Objectives Introducing XHTML Creating a Well-Formed Document Creating a Valid Document Creating an XHTML Document.
Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.

Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.
Chapter 1 Understanding the Web Design Environment

Chapter 1 Understanding the Web Design Environment
Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.

Enterprise Privacy Promises and Enforcement Adam Barth John C. Mitchell.
Chapter 2: Algorithm Discovery and Design

Chapter 2: Algorithm Discovery and Design
Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.

Hippocratic Databases Paper by Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu CS 681 Presented by Xi Hua March 1st,Spring05.

Similar presentations

Ads by Google