Privacy-preserving global customization

We present an architecture for global customization of web content, by which a web site can customize content for each visitor based on the activities undertaken by the same user on other, unrelated sites. Our architecture distinguishes itself in the privacy mechanisms it provides: each user controls what information a merchant can learn about her activities at other merchants, and each merchant controls to what other merchants the information it contributes is revealed. To achieve this we introduce novel data protection mechanisms for merchants and users. We further describe aspects of a prototype implementation of our architecture.
