P3P - Platform for Privacy Preference
Barkha J. Herman
Florida Atlantic University
Introduction
• W3C emerging standard
• Allows users to control how personal info is used by web sites
• Uses XML and RDF to express policies
• HTTP for transport
Background
• Recommendation proposed by W3C
• Issue with usage of cookies / data collection by web sites
• Working group est. 1997
• Specification 1.0 published April 2002
• Future – CC/PP, XML Signatures
Why P3P?
• Privacy - top concern of individuals
• Privacy issues impeding growth
• Early attempts at disclosure were lengthy and confusing
• Need for consistency, simplicity, transparency
• Global solution for a global market
What does it address?
• Who is collecting this data?
• Exactly what information is being collected?
• For what purposes?
• Which information is being shared with others?
• And who are these data recipients?
• Can users make changes in how their data is used?
• How are disputes resolved?
• What is the policy for retaining data?
• And finally, where can the detailed policies be found in "human readable" form?
How does it work
• Policies are expressed in XML – machine readable
• Policies are transferred over HTTP
• Retrieval can be automated
• Policy verification is seamless
• Privacy reports are viewable by the client – human readable
Enabling – Server side
• Create a policy file
• Publish it in the default directory (/w3c/p3p.xml)
• Optionally, include a reference in the HTTP header
• Optionally, include the compact notation in the HTTP header
Enabling – Client side
• User agent checks for the policy
• User agent compares it against the user's set policy
• If they match, the user agent gets the page and displays it
• If there is no match, the page (or cookie) is rejected
• User agent displays the privacy report
P3P reference in HTTP header
HTTP/1.1 200 OK
Date: Wed, 17 Mar 2004 20:23:59 GMT
Server: Apache/1.3.28 (Unix) PHP/4.2.3
Content-Location: Overview.html
Vary: negotiate,accept
TCN: choice
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Cache-Control: max-age=600
Expires: Wed, 17 Mar 2004 20:33:59 GMT
Last-Modified: Tue, 16 Mar 2004 14:59:42 GMT
Compact notation in HTTP header
HTTP/1.0 200 OK
Date: Wed, 17 Mar 2004 20:22:13 GMT
Content-Length: 428
Content-Type: text/html
Expires: Wed, 17 Mar 2004 20:52:13 GMT
Cache-Control: max-age=1800
Server: Microsoft-IIS/5.0
P3P: CP="CAO CURa ADMa PSAo PSDo IVAo IVDo OUR BUS PHY ONL PUR COM NAV INT DEM CNT STA PRE"
IISExport: This web site was exported using IIS Export v2.2
Content-Location: http://www.oldnavy.com/taghtml/default.html
Last-Modified: Tue, 03 Jun 2003 20:35:10
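The two header forms above are what a P3P user agent actually sees first: either a policyref pointing at the full XML, or a compact policy (CP) whose three-letter tokens summarise the policy elements. The following is an added example, not code from the presentation, the W3C or any browser: it splits a P3P header value into its fields, decodes a CP string into access, purpose, recipient, retention and category tokens (with the a/i/o consent qualifier on purposes and recipients), and applies a user preference to decide whether a cookie is accepted. The token tables follow the P3P 1.0 compact-policy vocabulary; the lenient/strict preference levels are constructed for illustration and are not IE 6's actual rules.

```python
"""Decode a P3P compact policy (the CP="..." form of the P3P header) and
apply a user preference to it, the way a P3P user agent decides whether
to accept a cookie.

Added example for this page; not code from the presentation, from the W3C
or from any browser. Token tables follow the P3P 1.0 compact-policy
vocabulary; the lenient/strict preference is constructed for illustration."""
import re

# P3P 1.0 compact-policy tokens, grouped by the policy element they stand for.
ACCESS = {"NOI", "ALL", "CAO", "IDC", "OTI", "NON"}
PURPOSE = {"CUR", "ADM", "DEV", "TAI", "PSA", "PSD", "IVA", "IVD",
           "CON", "HIS", "TEL", "OTP"}
RECIPIENT = {"OUR", "DEL", "SAM", "UNR", "PUB", "OTR"}
RETENTION = {"NOR", "STP", "LEG", "BUS", "IND"}
CATEGORY = {"PHY", "ONL", "UNI", "PUR", "FIN", "COM", "NAV", "INT", "DEM",
            "CNT", "STA", "POL", "HEA", "PRE", "LOC", "GOV", "OTC"}
# One-letter suffix on purpose/recipient tokens = the 'required' attribute.
QUALIFIER = {"a": "always", "i": "opt-in", "o": "opt-out"}

# Purposes and recipients the user objects to unless consent is given
# (constructed preference, not part of the P3P spec).
PROFILING = {"IVA", "IVD", "CON", "TEL", "OTP"}
THIRD_PARTY = {"UNR", "PUB", "OTR"}

# Constructed sample input: the compact policy from the IIS response above.
SAMPLE_CP = ("CAO CURa ADMa PSAo PSDo IVAo IVDo OUR BUS PHY ONL PUR COM "
             "NAV INT DEM CNT STA PRE")


def parse_p3p_header(value):
    """Split a P3P header value into its quoted fields, e.g.
    {'policyref': 'http://...'} or {'cp': 'CAO CURa ...'}."""
    return {k.lower(): v for k, v in re.findall(r'(\w+)\s*=\s*"([^"]*)"', value)}


def decode_compact_policy(cp):
    """Group each token by element type; purposes and recipients keep their
    consent qualifier. NID/DSP/TST, remedies and unknown tokens go to 'other'."""
    out = {k: [] for k in ("access", "purpose", "recipient",
                           "retention", "category", "other")}
    for token in cp.split():
        base, suffix = token[:3].upper(), token[3:].lower()
        qualifier = QUALIFIER.get(suffix, "always")   # no suffix = always
        if base in PURPOSE:
            out["purpose"].append((base, qualifier))
        elif base in RECIPIENT:
            out["recipient"].append((base, qualifier))
        elif base in ACCESS:
            out["access"].append(base)
        elif base in RETENTION:
            out["retention"].append(base)
        elif base in CATEGORY:
            out["category"].append(base)
        else:
            out["other"].append(token.upper())
    return out


def cookie_decision(cp, strict=False):
    """Return ('accept' | 'reject', reasons). Lenient mode objects only to
    consent-free ('always') profiling or third-party sharing; strict mode
    also objects to opt-out, i.e. it accepts only opt-in."""
    if not cp.strip():
        return "reject", ["cookie carries no compact policy"]
    policy = decode_compact_policy(cp)
    if "NID" in policy["other"]:        # site declares no identifiable data
        return "accept", []
    objectionable = {"always", "opt-out"} if strict else {"always"}
    reasons = [f"purpose {p} is {how}" for p, how in policy["purpose"]
               if p in PROFILING and how in objectionable]
    reasons += [f"recipient {r} is {how}" for r, how in policy["recipient"]
                if r in THIRD_PARTY and how in objectionable]
    return ("reject" if reasons else "accept"), reasons


if __name__ == "__main__":
    print(parse_p3p_header('policyref="http://www.w3.org/2001/05/P3P/p3p.xml"'))
    for strict in (False, True):
        print("strict" if strict else "lenient", cookie_decision(SAMPLE_CP, strict))
```

Run against the Old Navy compact policy, the lenient preference accepts (every profiling purpose is opt-out, the only recipient is OUR), while the strict preference rejects it because IVAo and IVDo only offer opt-out. A compact policy is only a summary: a user agent that relies on it alone never sees the CONSEQUENCE text, the dispute resolution or the retention details of the full policy.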
Example Policy File
<?xml version="1.0" ?>
<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
  <EXPIRY max-age="604800" />
  <POLICY name="public" discuri="http://www.w3.org/Consortium/Legal/privacy-statement#Public">
    <ENTITY>
      <DATA-GROUP>
        <DATA ref="#business.name">World Wide Web Consortium</DATA>
        <DATA ref="#business.contact-info.postal.name">MIT/LCS</DATA>
        <DATA ref="#business.contact-info.postal.street">545 Technology Square</DATA>
        <DATA ref="#business.contact-info.postal.postalcode">02143</DATA>
        <DATA ref="#business.contact-info.postal.city">Cambridge MA</DATA>
        <DATA ref="#business.contact-info.postal.country">USA</DATA>
        <DATA ref="#business.contact-info.postal.name">INRIA/Sophia Antipolis</DATA>
        <DATA ref="#business.contact-info.postal.street">2004 Routes des Lucioles</DATA>
        <DATA ref="#business.contact-info.postal.postalcode">F-06902</DATA>
        <DATA ref="#business.contact-info.postal.city">Sophia Antipolis</DATA>
        <DATA ref="#business.contact-info.postal.country">FRANCE</DATA>
        <DATA ref="#business.contact-info.postal.name">Keio University</DATA>
        <DATA ref="#business.contact-info.postal.street">Shonan Fujisawa Campus</DATA>
        <DATA ref="#business.contact-info.postal.postalcode">252-8520</DATA>
        <DATA ref="#business.contact-info.postal.city">5322 Endo, Fujisawa-shi, Kanagawa</DATA>
        <DATA ref="#business.contact-info.postal.country">JAPAN</DATA>
        <DATA ref="#business.contact-info.online.email">site-policy@w3.org</DATA>
        <DATA ref="#business.contact-info.online.uri">http://www.w3.org/</DATA>
        <DATA ref="#business.contact-info.telecom.telephone.intcode">1</DATA>
        <DATA ref="#business.contact-info.telecom.telephone.loccode">617</DATA>
        <DATA ref="#business.contact-info.telecom.telephone.number">2532613</DATA>
      </DATA-GROUP>
    </ENTITY>
    <ACCESS><nonident/></ACCESS>
    <DISPUTES-GROUP>
      <DISPUTES resolution-type="service" service="http://www.w3.org/" short-description="site-policy@w3.org">
        <LONG-DESCRIPTION>The Webmaster and our Communications Team will carefully consider the input and correct errors. If you discover privacy invasive behavior, please don't hesitate to contact us.</LONG-DESCRIPTION>
        <IMG src="http://www.w3.org/Icons/WWW/w3c_home" width="72" height="48" alt="Logo World Wide Web Consortium" />
        <REMEDIES><correct/></REMEDIES>
      </DISPUTES>
    </DISPUTES-GROUP>
    <STATEMENT>
      <CONSEQUENCE>We collect normal Web-Logs. They are used for Server administration, Web protocol research, Statistics of usage and Security.</CONSEQUENCE>
      <PURPOSE><current/><admin/><develop/></PURPOSE>
      <RECIPIENT><ours/></RECIPIENT>
      <RETENTION><indefinitely/></RETENTION>
      <DATA-GROUP>
        <DATA ref="#dynamic.clickstream" />
        <DATA ref="#dynamic.http.useragent" />
        <DATA ref="#dynamic.http.referer" />
      </DATA-GROUP>
    </STATEMENT>
  </POLICY>
</POLICIES>
User Agent support
• IE 6.0 – supports compact notation only
• Netscape 7.0 – complete support for 1.0
• AT&T Privacy Bird plugin – 1.0 support
Editors
• P3PEdit
• P3PEditor
• PrivacyBot
• Privacy Policy Editor – web based
• AlphaWorks P3P Editor
Validators
• http://www.w3.org/P3P/validator.html (only game in town)
APPEL – A P3P Preference Exchange Language 1.0 (APPEL1.0)
• W3C working draft that specifies a language for describing sets of preferences about P3P policies.
• Rule-set for expressing P3P preferences:
<appel:RULE behavior="request" description="My Bank collects data only for itself and its agents">
  <appel:REQUEST-GROUP>
    <appel:REQUEST uri="http://www.my-bank.com/*"/>
  </appel:REQUEST-GROUP>
  <p3p:POLICY>
    <p3p:STATEMENT>
      <p3p:RECIPIENT appel:connective="or-exact">
        <p3p:ours/>
      </p3p:RECIPIENT>
    </p3p:STATEMENT>
  </p3p:POLICY>
</appel:RULE>
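The example policy file earlier on this page and the APPEL rule above are the two halves of the client-side check: the user agent parses the site's XML policy and tests it against the user's rules. The following is an added example and not code from the presentation, the W3C or any P3P user agent. It parses a P3P 1.0 policy with the standard library, extracts ACCESS and each STATEMENT's purposes, recipients (with their required qualifier), retention and data references, and then evaluates a rule with the shape of the one above (URI pattern plus a RECIPIENT constraint with an APPEL connective). SAMPLE_POLICY is a constructed, shortened policy in the structure of the W3C example (entity name and discuri are placeholders); the APPEL connectives are implemented by hand from the working draft's description, and the rule is checked against every statement, which is what the rule's description ("only for itself and its agents") intends.

```python
"""Parse a P3P 1.0 policy and evaluate an APPEL-style recipient rule
against it.

Added example for this page; not code from the presentation, from the W3C
or from any P3P user agent. SAMPLE_POLICY is constructed; the connective
semantics are hand-written from the APPEL working draft's description."""
import fnmatch
import xml.etree.ElementTree as ET

P3P_NS = "http://www.w3.org/2002/01/P3Pv1"

# Constructed, shortened policy in the structure of the W3C example above.
# Entity name and discuri are placeholders, not the W3C's values.
SAMPLE_POLICY = """<?xml version="1.0"?>
<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
  <EXPIRY max-age="604800"/>
  <POLICY name="public" discuri="https://example.org/privacy#Public">
    <ENTITY><DATA-GROUP>
      <DATA ref="#business.name">Example Consortium (placeholder)</DATA>
    </DATA-GROUP></ENTITY>
    <ACCESS><nonident/></ACCESS>
    <STATEMENT>
      <PURPOSE><current/><admin/><develop/></PURPOSE>
      <RECIPIENT><ours/></RECIPIENT>
      <RETENTION><indefinitely/></RETENTION>
      <DATA-GROUP>
        <DATA ref="#dynamic.clickstream"/>
        <DATA ref="#dynamic.http.useragent"/>
      </DATA-GROUP>
    </STATEMENT>
    <STATEMENT>
      <PURPOSE><tailoring required="opt-out"/></PURPOSE>
      <RECIPIENT><ours/><same required="opt-out"/></RECIPIENT>
      <RETENTION><business-practices/></RETENTION>
      <DATA-GROUP><DATA ref="#user.name"/></DATA-GROUP>
    </STATEMENT>
  </POLICY>
</POLICIES>"""


def q(name):
    """Tag name qualified with the P3P namespace, as ElementTree expects."""
    return f"{{{P3P_NS}}}{name}"


def local(tag):
    """Strip the namespace prefix from an ElementTree tag."""
    return tag.rsplit("}", 1)[-1]


def children(parent, name):
    """Child elements of parent/name, or [] if that element is absent."""
    el = parent.find(q(name))
    return [] if el is None else list(el)


def parse_policy(xml_text):
    """One dict per POLICY: name, access set and the list of statements
    (purpose/recipient with their 'required' qualifier, retention, data refs)."""
    policies = []
    for pol in ET.fromstring(xml_text).iter(q("POLICY")):
        statements = []
        for st in pol.findall(q("STATEMENT")):
            statements.append({
                "purpose": {local(e.tag): e.get("required", "always")
                            for e in children(st, "PURPOSE")},
                "recipient": {local(e.tag): e.get("required", "always")
                              for e in children(st, "RECIPIENT")},
                "retention": {local(e.tag) for e in children(st, "RETENTION")},
                "data": [d.get("ref") for d in st.iter(q("DATA"))],
            })
        policies.append({"name": pol.get("name"),
                         "access": {local(e.tag) for e in children(pol, "ACCESS")},
                         "statements": statements})
    return policies


def connective_match(policy_values, rule_values, connective):
    """APPEL connectives over the sub-element names of one policy element."""
    policy_values, rule_values = set(policy_values), set(rule_values)
    if connective == "or":          # at least one rule element is present
        return bool(policy_values & rule_values)
    if connective == "and":         # every rule element is present
        return rule_values <= policy_values
    if connective == "or-exact":    # at least one, and nothing outside the rule
        return bool(policy_values) and policy_values <= rule_values
    if connective == "and-exact":   # exactly the rule's elements
        return policy_values == rule_values
    raise ValueError(f"unknown connective {connective!r}")


# The slide's APPEL rule, reduced to the fields this example evaluates.
BANK_RULE = {"behavior": "request",
             "uri_pattern": "http://www.my-bank.com/*",
             "recipient": (["ours"], "or-exact")}


def violations(rule, policy_xml):
    """Data refs of every statement whose RECIPIENT fails the rule."""
    values, connective = rule["recipient"]
    return [ref for pol in parse_policy(policy_xml) for st in pol["statements"]
            if not connective_match(st["recipient"], values, connective)
            for ref in st["data"]]


def evaluate(rule, request_uri, policy_xml):
    """The rule's behavior when it applies to the URI and the policy satisfies
    it; None means this rule does not decide the request."""
    if not fnmatch.fnmatch(request_uri, rule["uri_pattern"]):
        return None
    return rule["behavior"] if not violations(rule, policy_xml) else None
```

With the constructed policy, the first statement (web logs, recipient ours) passes but the second shares #user.name with "same" recipients, so the or-exact rule yields no "request" behavior and a user agent would fall through to its default handling; loosening the connective to "or" makes the same policy pass, which is why the exact/non-exact distinction in APPEL matters.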
P3P vs. OPS
• The Open Profiling Standard - proposal co-authored by Netscape, Firefly, and VeriSign.
• This specification proposed a means for the exchange of user profile information -- how to store and release, under the user's permission, data which is often requested or required by a Web site.
• Eventually, the P3P working groups decided not to include a data transfer protocol as part of P3Pv1.
P3P – Digital Signature assurance
• W3C Note – Not a specification
The design philosophy and requirements of this specification are to:
• Define what it means for a P3P Policy to be assured via an XML Signature.
• Provide detached signatures for P3P Policies and Assurances.
• Enveloping signatures MAY contain the P3P Policy Reference. This can be convenient in that all the files are included together, but this has the following two disadvantages: the Signature is the root element, and XPointer is required to select portions of the document.
• Enveloped signatures are prohibited by P3P's content model.
• Be concise and unambiguous.
Critiques
• Weak on company data
• Lack of enforcement
• Policy changes are not reflected in already collected data
Future…
• Version 1.x
• Allow policy choice
• Explicit agreement
• Non-repudiation (DSig?)
• CC/PP – now Device Independence WG
• Composite Capability/Preference Profiles