Implementing P3P using database technology

Platform for privacy preferences (P3P) is the most significant effort currently underway to enable Web users to gain control over their private information. P3P provides mechanisms for Web site owners to express their privacy policies in a standard format that a user can programmatically check against her privacy preferences to decide whether to release her data to the Web site. We discuss architectural alternatives for implementing P3P and present a server-centric implementation that reuses database querying technology, as opposed to the prevailing client-centric implementations based on specialized engines. Not only does the proposed implementation have qualitative advantages, our experiments indicate that it performs significantly better than the sole public-domain client-centric implementation and that the latency introduced by preference matching is small enough for real-world deployments of P3P.

[1]  Arnaud Sahuguet,et al.  XML and Data Management , 2002 .

[2]  Lorrie Faith Cranor,et al.  The platform for privacy preferences , 1999, CACM.

[3]  Alin Deutsch,et al.  Storing semistructured data with STORED , 1999, SIGMOD '99.

[4]  Menzo Windhouwer,et al.  Efficient Relational Storage and Retrieval of XML Documents , 2000, WebDB.

[5]  R. Acevedo,et al.  Research report , 1967, Revista odontologica de Puerto Rico.

[6]  Vishu Krishnamurthy,et al.  Performance Challenges in Object-Relational DBMSs , 1999, IEEE Data Eng. Bull..

[7]  Marc Langheinrich,et al.  The platform for privacy preferences 1.0 (p3p1.0) specification , 2002 .

[8]  Eugene J. Shekita,et al.  Querying XML Views of Relational Data , 2001, VLDB.

[9]  Jennifer Widom,et al.  An overview of production rules in database systems , 1993, The Knowledge Engineering Review.

[10]  A. Froomkin The Death of Privacy? , 2000 .

[11]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.

[12]  Michael J. Carey,et al.  XPERANTO: Publishing Object-Relational Data as XML , 2000, WebDB.

[13]  Jeffrey F. Naughton,et al.  A general technique for querying XML documents using a relational database system , 2001, SGMD.

[14]  Kyuseok Shim,et al.  Storage and retrieval of XML data using relational databases , 2001, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[15]  S. Boag,et al.  XQuery 1.0 : An XML query language, W3C Working Draft 12 November 2003 , 2003 .

[16]  Mark S. Ackerman,et al.  Beyond Concern: Understanding Net Users' Attitudes About Online Privacy , 1999, ArXiv.

[17]  David J. DeWitt,et al.  Relational Databases for Querying XML Documents: Limitations and Opportunities , 1999, VLDB.

[18]  Ahmad Ashari,et al.  Storing And Querying XML Data Using RDBMS , 2004, iiWAS.