SWS '04 Proceedings of the 2004 workshop on Secure web service
A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations
ACM Transactions on the Web (TWEB)
Privacy-Preserving database systems
Foundations of Security Analysis and Design III
Privacy assurance: bridging the gap between preference and practice
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Understanding privacy policies
Empirical Software Engineering
This paper describes experiences gained from the development of a fully compliant implementation of the W3C's XML-based P3P standard. P3P aims to make the privacy policies of web sites transparent to automated agents, and thereby to improve transactions of personal data on the Internet. We look at some of the most important issues that have arisen from our development work, including problems with the privacy preference standard, APPEL, before concentrating on issues related to end-user assurance. We look at P3P usage scenarios to show that the current P3P standard has weaknesses in this area. The paper then considers possible extensions to P3P that could provide greater assurance to end users and facilitate dispute resolution. In particular, we present an overview of a way of increasing assurance of a privacy policy's validity using signed XML.