  • P3P enables Web sites to translate their privacy practices into a standardized, machine-readable format (Extensible Markup Language, XML) that can be retrieved automatically and easily interpreted by a user's browser. Translation can be performed manually or with automated tools. Once completed, simple server configurations enable the Web site to automatically inform visitors that it supports P3P. See the P3P technical report for the complete technical specification.
  • On the user side, P3P clients automatically fetch and read P3P privacy policies on Web sites. A user's browser equipped for P3P can check a Web site's privacy policy and inform the user of that site's information practices. The browser could then automatically compare the statement to the privacy preferences of the user, self-regulatory guidelines, or a variety of legal standards from around the world. P3P client software can be built into a Web browser, plug-ins, or other software.
  • As an introduction to P3P, let us consider one common scenario that makes use of P3P. Claudia has decided to check out a store called CatalogExample, located at http://www.catalog.example.com/. Let us assume that CatalogExample has placed P3P policies on all their pages, and that Claudia is using a Web browser with P3P built in. Claudia types the address for CatalogExample into her Web browser. Her browser is able to automatically fetch the P3P policy for that page. The policy states that the only data the site collects on its home page is the data found in standard HTTP access logs. Now Claudia's Web browser checks this policy against the preferences Claudia has given it. Is this policy acceptable to her, or should she be notified? Let's assume that Claudia has told her browser that this is acceptable. In this case, the homepage is displayed normally, with no pop-up messages appearing. Perhaps her browser displays a small icon somewhere along the edge of its window to tell her that a privacy policy was given by the site, and that it matched her preferences. Next, Claudia clicks on a link to the site's online catalog. The catalog section of the site has some more complex software behind it. This software uses cookies to implement a "shopping cart" feature. Since more information is being gathered in this section of the Web site, the Web server provides a separate P3P policy to cover this section of the site. Again, let's assume that this policy matches Claudia's preferences, so she gets no pop-up messages. Claudia continues and selects a few items she wishes to purchase. Then she proceeds to the checkout page. The checkout page of CatalogExample requires some additional information: Claudia's name, address, credit card number, and telephone number. Another P3P policy is available that describes the data that is collected here and states that her data will be used only for completing the current transaction, her order. Claudia's browser examines this P3P policy. 
Imagine that Claudia has told her browser that she wants to be warned whenever a site asks for her telephone number. In this case, the browser will pop up a message saying that this Web site is asking for her telephone number, and explaining the contents of the P3P statement. Claudia can then decide if this is acceptable to her. If it is acceptable, she can continue with her order; otherwise she can cancel the transaction. Alternatively, Claudia could have told her browser that she wanted to be warned only if a site is asking for her telephone number and was going to give it to third parties and/or use it for uses other than completing the current transaction. In that case, she would have received no prompts from her browser at all, and she could proceed with completing her order. Note that this scenario describes one hypothetical implementation of P3P. Other types of user interfaces are also possible.
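The checkout step of the scenario above, as an added example that is not part of the original deck or of the W3C specification: a constructed P3P 1.0 policy for the CatalogExample checkout page, plus a minimal user-agent check implementing both of Claudia's preference variants (warn whenever her telephone number is requested, or only when it is passed beyond the service provider or used beyond the current transaction). The policy vocabulary, namespace and data-element names follow P3P 1.0; the checking logic is an assumed illustration of how a user agent might evaluate them.

```python
# Constructed P3P 1.0 policy for the CatalogExample checkout page and a minimal
# user-agent check; both are illustrative, not code from the deck or the W3C spec.
import xml.etree.ElementTree as ET

P3P_NS = "{http://www.w3.org/2002/01/P3Pv1}"
TELEPHONE = "#user.home-info.telecom.telephone"  # P3P base data schema element

CHECKOUT_POLICY = """<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
 <POLICY name="checkout" discuri="http://www.catalog.example.com/privacy.html">
  <ENTITY><DATA-GROUP><DATA ref="#business.name">CatalogExample</DATA></DATA-GROUP></ENTITY>
  <ACCESS><nonident/></ACCESS>
  <STATEMENT>
   <PURPOSE><current/></PURPOSE>
   <RECIPIENT><ours/></RECIPIENT>
   <RETENTION><stated-purpose/></RETENTION>
   <DATA-GROUP>
    <DATA ref="#user.name"/><DATA ref="#user.home-info.postal"/>
    <DATA ref="#user.home-info.telecom.telephone"/>
   </DATA-GROUP>
  </STATEMENT>
 </POLICY>
</POLICIES>"""

# Variant of the same policy in which the data is also passed on and used for telemarketing.
SHARED_POLICY = (CHECKOUT_POLICY.replace("<current/>", "<current/><telemarketing/>")
                 .replace("<ours/>", "<ours/><other-recipient/>"))

def statements(policy_xml):
    """Yield (data refs, purposes, recipients) for each STATEMENT in a P3P policy."""
    for st in ET.fromstring(policy_xml).iter(P3P_NS + "STATEMENT"):
        refs = {d.get("ref") for d in st.iter(P3P_NS + "DATA")}
        purposes = {e.tag[len(P3P_NS):] for p in st.findall(P3P_NS + "PURPOSE") for e in p}
        recipients = {e.tag[len(P3P_NS):] for r in st.findall(P3P_NS + "RECIPIENT") for e in r}
        yield refs, purposes, recipients

def warnings_for(policy_xml, strict=True):
    """Prompts a P3P user agent would raise for Claudia's telephone-number preference.
    strict=True : warn whenever the site asks for her telephone number at all.
    strict=False: warn only if it leaves the service provider (<ours/>) or is used
                  for anything beyond completing the current transaction (<current/>)."""
    prompts = []
    for refs, purposes, recipients in statements(policy_xml):
        if TELEPHONE not in refs:
            continue
        if strict or (recipients - {"ours"}) or (purposes - {"current"}):
            prompts.append(f"telephone requested; recipients={sorted(recipients)}, "
                           f"purposes={sorted(purposes)}")
    return prompts  # the agent only evaluates the site's claims; P3P does not enforce them
```

With the strict preference the checkout policy yields one prompt; with the relaxed preference it yields none, while the shared/telemarketing variant still triggers a prompt.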

Transcript

  • 1. WS-Privacy (Paul Bui, Ryan Dickey)
  • 2. Agenda
    • WS-Privacy
    • Introduction to P3P
    • How P3P Works
    • P3P Details
    • A P3P Scenario
    • Conclusion
    • References
  • 3. Introduction to WS-Privacy
    • Organizations create, manage and use web services
    • These organizations need to state their privacy policies
    • They also need to require that incoming requests adhere to these policies
  • 4. P3P Still Under Development
    • The specification will describe a model for how a privacy language may be embedded into WS-Policy descriptions
    • WS-Security will associate privacy claims with a message
    • WS-Trust mechanisms can be used to evaluate these privacy claims for both user preferences and organizational practice claims
  • 5. New Name!
    • WS-Privacy is currently implemented as the Platform for Privacy Preferences Project 1.0 Specification (P3P1.0)
    • This provides a model for how privacy preferences and organizational privacy practices are conveyed.
  • 6. Platform for Privacy Preferences Project
    • Also known as P3P
    • A simple, automated way for users to gain more control over the use of their personal information on websites
    • Basically a set of multiple-choice questions covering all major aspects of a website’s privacy policies
  • 7. How P3P Works
    • P3P-enabled websites state their privacy policies in a standard, machine-readable format (XML)
    • P3P-enabled browsers can "read" this snapshot automatically and compare it to the consumer's own set of privacy preferences
  • 8. Making Your Website P3P Compliant
  • 9. An HTTP Transaction With P3P Added
  • 10. A P3P Scenario (diagram: separate P3P policies for the homepage, catalog and checkout pages)
  • 11. P3P Policy Elements
    • <ENTITY> gives a precise description of the legal entity making the representation of the privacy practices.
    • <ACCESS> indicates whether the site provides access to various kinds of information.
  • 12. P3P Policy Elements cont’d
    • <DISPUTES> describes dispute resolution procedures that may be followed for disputes about a service's privacy practices, or in case of protocol violation.
    • Each <DISPUTES> element SHOULD contain a <REMEDIES> element that specifies the possible remedies in case a policy breach occurs.
  • 13. P3P Policy Elements (cont’d)
    • <STATEMENT> is a container that groups together a <PURPOSE>, a <RECIPIENT>, a <RETENTION>, a <DATA-GROUP>, and optionally a <CONSEQUENCE>
    • A statement concerns the data practices as applied to data elements (e.g., data collection)
  • 14. P3P Policy Elements cont’d
    • A <STATEMENT> may contain <NON-IDENTIFIABLE>, signifying that there is no data collected under this <STATEMENT>, or that all of the data referenced by that <STATEMENT> will be anonymized upon collection
    • <CONSEQUENCE> explains why the suggested practice may be valuable in a particular instance
  • 15. P3P Policy Elements cont’d
    • A <PURPOSE> must contain one or more purposes for data collection
    • E.g.
      • <current/> to complete current activity (e.g. web search results)
      • <admin/> to administrate the site
      • <historical/> historical preservation
      • <telemarketing/> used to contact the individual about promotions, etc.
  • 16. P3P Policy Elements cont’d
    • <RECIPIENT> is the legal entity, or domain, beyond the service provider and its agents where data may be distributed
    • <RETENTION> is the type of retention policy of the data
      • <no-retention/>
      • <indefinitely/>
  • 17. P3P Policy Elements cont’d
    • <CATEGORIES> are elements inside data elements that provide hints to users and user agents as to the intended uses of the data.
      • <physical/> physical contact info
      • <online/> online contact info
      • <purchase/> method of payment
      • <demographic/> gender, age, income, etc.
      • <health/> to aid purchasing of healthcare products
      • etc.
  • 18. P3P Example
    • http://www.w3.org/TR/P3P/#Example_policy
      • a step-by-step example of implementing P3P
  • 19. P3P-Enabled Examples
    • Yahoo!
    • About
    • Angelfire
    • Dell
    • Netscape 7
    • IE 6 (cookie element only)
  • 20. Demo 1
    • Show the P3P documents in action at a live site
  • 21. Demo 2
    • Show the P3P policies in action at a live site
    • Demonstrate a policy of requiring cookies to be enabled (e.g., PayPal) running against a browser with cookie settings turned on and off
  • 22. P3P Adoption
    • Ernst & Young report (Jan. 2004) on P3P adoption rates:
    • 23% of the Top 500 web domains
    • 31% of the Top 100 web domains
    • 50% of the top health domains
    • 64% of the top ___ domains
  • 23. P3P Caveats
    • P3P does not enforce adherence to privacy policies
    • P3P cannot monitor whether sites adhere to their own stated practices
    • Thus users do not know whether their policy preferences are actually being enforced
  • 24. Conclusion
    • P3P is a system for making Web site privacy policies machine-readable
    • P3P enhances user control by putting privacy policies where users can find them, in a form users can understand, and enables users to act on what they see. (e.g., a popup)
  • 25. Primary References
    • http://www.w3.org/P3P/
      • the comprehensive page for P3P
    • http://www.w3.org/TR/P3P/
      • the current P3P technical specification
  • 26. Secondary References
    • http://www.serviceoriented.org/ws-privacy.html
      • a summary of WS-privacy
    • http://wdvl.internet.com/Internet/Security/P3P/
      • a sample P3P page
    • http://www.ey.com/global/download.nsf/US/P3P_Dashboard_-_January_2004/$file/E&YTop500P3PDashboard.pdf
      • statistical information
  • 27. Tools
    • tool1
    • tool2
    • tool3