The platform for privacy preferences

Reagle, Joseph; Cranor, Lorrie Faith

doi:10.1145/293411.293455

Cited by 239 publications

(81 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To address this limitation, many logics and languages have been proposed for specifying privacy policies. Some examples are P3P [48,49], EPAL [50,51], Privacy APIs [52], LPU [53,54], past-only fragment of first-order temporal logic (FOTL) [10,11], predLTL [55], pLogic [56], PrivacyLFP [12], MFOTL [5][6][7], the guarded fragment of first-order logic with explicit time [4], and P-RBAC [57]. Our policy language, GMP, is more expressive than many existing policy languages such as LPU [53,54], P3P [48,49], EPAL [50,51], and P-RBAC [57].…”

Section: Related Workmentioning

confidence: 99%

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

Fragments of first-order temporal logic are useful for representing many practical privacy and security policies. Past work has proposed two strategies for checking event trace (audit log) compliance with policies: online monitoring and offline audit. Although online monitoring is space-and timeefficient, existing techniques insist that satisfying instances of all subformulas of the policy be amenable to caching, which limits expressiveness when some subformulas have infinite support. In contrast, offline audit is brute force and can handle more policies but is not as efficient. This paper proposes a new online monitoring algorithm that caches satisfying instances when it can, and falls back to the brute force search when it cannot. Our key technical insight is a new flowand time-sensitive static check of variable groundedness, called the temporal mode check, which determines subformulas for which such caching is feasible and those for which it is not and, hence, guides our algorithm. We prove the correctness of our algorithm and evaluate its performance over synthetic traces and realistic policies.

show abstract

Section: Related Workmentioning

confidence: 99%

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Chowdhury

Jia

Garg³

et al. 2014

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…The Platform for Privacy Preferences (P3P) is a privacy language intended for use by web site operators in informing their visitors of their data practices [16,34]. P3P contains only positive norms and very restricted temporal conditions.…”

Section: Platform For Privacy Preferencesmentioning

confidence: 99%

“…A number of frameworks for defining and enforcing access control and privacy policies have been proposed, including RBAC [12,14,25], EPAL [7,8,38], and P3P [1,2,13,15,16,34]. In comparison with access control and previous privacy policy frameworks, our norms focus on who personal information is about, how it is transmitted, and past and future actions by both the subject and the users of the information.…”

Section: Introductionmentioning

confidence: 99%

Privacy and contextual integrity: framework and applications

Barth

Datta

Mitchell

et al. 2006

2006 IEEE Symposium on Security and Privacy (S&P'06)

335

288

View full text Add to dashboard Cite

Contextual integrity is a conceptual framework for understanding privacy expectations and their implications developed in the literature on law, public policy, and political philosophy. We formalize some aspects of contextual integrity in a logical framework for expressing and reasoning about norms of transmission of personal information. In comparison with access control and privacy policy frameworks such as RBAC, EPAL, and P3P, these norms focus on who personal information is about, how it is transmitted, and past and future actions by both the subject and the users of the information. Norms can be positive or negative depending on whether they refer to actions that are allowed or disallowed. Our model is expressive enough to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA. A number of important problems regarding compliance with privacy norms, future requirements associated with specific actions, and relations between policies and legal standards reduce to standard decision procedures for temporal logic.

show abstract

“…To clarify the scope of our work, we first demonstrate how our intents differ from and complement those found in the established privacy standard P3P [6]. We then analyze two ARP implementations and show their limits by means of an e-commerce scenario.…”

Section: Related Work and State Of The Artmentioning

confidence: 99%

Using XACML for Privacy Control in SAML-Based Identity Federations

Hommel

2005

Communications and Multimedia Security

View full text Add to dashboard Cite

Abstract. With Federated Identity Management (FIM) protocols, service providers can request user attributes, such as the billing address, from the user's identity provider. Access to this information is managed using so-called Attribute Release Policies (ARPs). In this paper, we first analyze various shortcomings of existing ARP implementations; then, we demonstrate that the eXtensible Access Control Markup Language (XACML) is very suitable for the task. We present an architecture for the integration of XACML ARPs into SAML-based identity providers and specify the policy evaluation workflows. We also introduce our implementation and its integration into the Shibboleth architecture.

show abstract

The platform for privacy preferences

Abstract: Web sites can bolster user confidence by clarifying their privacy practices upfront, allowing visitors to become active players in the decision-waking process. NTERNET USHRS ARE CONCERNED ABOUT 48 FebFu.iry I 999/Vol 41, No 2 COMMUNICATIONS OF THE ACM

Cited by 239 publications

References 2 publications

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Temporal Mode-Checking for Runtime Monitoring of Privacy Policies

Privacy and contextual integrity: framework and applications

Using XACML for Privacy Control in SAML-Based Identity Federations

Contact Info

Product

Resources

About