POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Amending P3P for Clearer Privacy Promises
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
SWS '04 Proceedings of the 2004 workshop on Secure web service
The Description Logic Handbook
The Description Logic Handbook
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A formal P3P semantics for composite services
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Representing and reasoning about privacy abstractions
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
| Hi-index | 0.00 |
Privacy has become a crucial issue in the online services realm. P3P policy, which is a privacy policy, enables websites to express their privacy practices so that users can be well-informed about the data collection and its usage. Besides, this privacy policy can be checked against its users' privacy preferences to help decide whether or not the service should be used. However, the interpretation of a P3P policy is unwieldy due to the lack of a precise semantics of its descriptions and constraints. For instance, it is admissible to have purpose and recipient values that have inconsistent meaning. There is a need for an explicit formal semantics for P3P policy to mitigate this problem. In this paper, we propose to use an OWL ontology to systematically and precisely describe the structures and constraints inherent in the P3P specification. Additional constraints are also defined and incorporated into the ontology in such a way that P3P policy verification can be automated with the help of an OWL reasoner.