Privacy-preserving data mining
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Privacy preserving mining of association rules
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Web Privacy with P3p
Information sharing across private databases
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
On the value of private information
TARK '01 Proceedings of the 8th conference on Theoretical aspects of rationality and knowledge
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Watermarking relational databases
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Information sharing across private databases
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Managing healthcare data hippocratically
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Enterprise privacy promises and enforcement
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Extending Context Models for Privacy in Pervasive Computing Environments
PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
Determining user privacy preferences by asking the right questions: an automated approach
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
SWS '04 Proceedings of the 2004 workshop on Secure web service
Enabling the 21st century health care information technology revolution
Communications of the ACM - Spam and the ongoing battle for the inbox
Consistent privacy preferences (CPP): model, semantics, and properties
Proceedings of the 2008 ACM symposium on Applied computing
A citizen privacy protection model for e-government mashup services
dg.o '08 Proceedings of the 2008 international conference on Digital government research
A privacy-aware access control system
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Towards the development of privacy-aware systems
Information and Software Technology
A Privacy-Protecting Business-Analytics Service for On-Line Transactions
International Journal of Electronic Commerce
Dynamic inference control in privacy preference enforcement
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations
ACM Transactions on the Web (TWEB)
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Privacy protection in government mashups
Information Polity - Government Information Sharing and Integration: Combining the Social and the Technical. Papers from the 9th International Conference on Digital Government Research (d.g.o.2008)
A Formalization of HIPAA for a Medical Messaging System
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
XML-based access control languages
Information Security Tech. Report
Strong and weak policy relations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
A purpose-based privacy-aware system using privacy data graph
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
Enhancing user privacy through data handling policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Privacy-Preserving trust negotiations
PET'04 Proceedings of the 4th international conference on Privacy Enhancing Technologies
Privacy-Preserving database systems
Foundations of Security Analysis and Design III
Privacy friendly information disclosure
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Context obfuscation for privacy via ontological descriptions
LoCA'05 Proceedings of the First international conference on Location- and Context-Awareness
Auditing and inference control for privacy preservation in uncertain environments
EuroSSC'06 Proceedings of the First European conference on Smart Sensing and Context
Privacy in the electronic society
ICISS'06 Proceedings of the Second international conference on Information Systems Security
User controllable security and privacy for mobile mashups
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
Understanding privacy policies
Empirical Software Engineering
A privacy framework for the personal web
The Personal Web
Hi-index | 0.00 |
The Platform for Privacy Preferences (P3P) is the most significant effort currently underway to enable web users to gain control over their private information. The designers of P3P simultaneously designed a preference language called APPEL to allow users to express their privacy preferences, thus enabling automatic matching of privacy preferences against P3P policies. Unfortunately subtle interactions between P3P and APPEL result in serious problems when using APPEL: Users can only directly specify what is unacceptable in a policy, not what is acceptable; simple preferences are hard to express; and writing APPEL preferences is error prone. We show that these problems follow from a fundamental design choice made by APPEL, and cannot be solved without completely redesigning the language. Therefore we explore alternatives to APPEL that can overcome these problems. In particular, we show that XPath serves quite nicely as a preference language and solves all the above problems. We identify the minimal subset of XPath that is needed, thus allowing matching programs to potentially use a smaller memory footprint. We also give an APPEL to XPath translator that shows that XPath is as expressive as APPEL.