ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
An XPath-based preference language for P3P
WWW '03 Proceedings of the 12th international conference on World Wide Web
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Translating Privacy Practices into Privacy Promises—How to Promise What You Can Keep
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Web Privacy with P3p
Inside JetBlue's Privacy Policy Violations
IEEE Security and Privacy
Platform for enterprise privacy practices: privacy-enabled management of customer data
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Super-sticky and declassifiable release policies for flexible information dissemination control
Proceedings of the 5th ACM workshop on Privacy in electronic society
A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future
IEEE Transactions on Dependable and Secure Computing
Towards the development of privacy-aware systems
Information and Software Technology
A Formal Privacy Management Framework
Formal Aspects in Security and Trust
Enforcing P3P policies using a digital rights management system
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
A purpose-based privacy-aware system using privacy data graph
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
A formal P3P semantics for composite services
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Conformance verification of privacy policies
WS-FM'10 Proceedings of the 7th international conference on Web services and formal methods
Representing web service policies in OWL-DL
ISWC'05 Proceedings of the 4th international conference on The Semantic Web
Formalizing and reasoning with p3p policies using a semantic web ontology
MIWAI'11 Proceedings of the 5th international conference on Multi-Disciplinary Trends in Artificial Intelligence
Refinement checking for privacy policies
Science of Computer Programming
Context management for m-commerce applications: determinants, methodology and the role of marketing
Information Technology and Management
Privacy by design: a formal framework for the analysis of architectural choices
Proceedings of the third ACM conference on Data and application security and privacy
Understanding privacy policies
Empirical Software Engineering
Hi-index | 0.00 |
The Platform for Privacy Preferences (P3P), developed by the W3C, provides an XML-based language for websites to encode their data-collection and data-use practices in a machine-readable form. To fully deploy P3P in enterprise information systems and over the Web, a well-defined semantics for P3P policies is a must, which is lacking in the current P3P framework. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents; it is difficult to determine whether a P3P policy is indeed enforced by an enterprise; and privacy policies from different corporations cannot be formally compared before information exchange. In this paper, we propose a relational formal semantics for P3P policies, which precisely and intuitively models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions) during online information collection.The proposed formal semantics is an important step towards improving P3P, making it more appropriate to be integrated with business practice and ultimately accelerating the large-scale adoption of P3P across the Internet.