Consistent privacy preferences (CPP): model, semantics, and properties

The Platform for Privacy Preferences (P3P) is a W3C specification that can be used to build useful protocols and services for protecting user privacy on the semantic Web. An outstanding issue is the need for a simple and efficient representation and management of consistent sets of rules for user privacy preferences. Thus we describe a model for privacy preference representation and management that has a number of desirable properties which are lacking in privacy preference models proposed thus far. We detail semantics and properties of matching preference rules with requests. We specify the properties of a consistent set of privacy preferences, and propose maintenance operations. Finally, we describe an implementation of our proposal that uses OWL (Web Ontology Language) and the Jena reasoning engine to illustrate the practicality of managing consistent user preferences in privacy rule-sets. An important advantage of our approach is that the user is encouraged to clarify privacy preferences as he/she modifies them as part of a back-end management task, as opposed to mainly at website interaction times.

[1]  Peter Bodorik,et al.  Sociotechnical architecture for online privacy , 2005, IEEE Security & Privacy Magazine.

[2]  Peter Bodorik,et al.  PeCAN: An architecture for users' privacy-aware electronic commerce contexts on the semantic web , 2006, Inf. Syst..

[3]  Michael Backes,et al.  Efficient comparison of enterprise privacy policies , 2004, SAC '04.

[4]  John C. Mitchell,et al.  Enterprise privacy promises and enforcement , 2005, WITS '05.

[5]  Li Ding,et al.  Enhancing Web privacy protection through declarative policies , 2005, Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05).

[6]  Lorrie Faith Cranor,et al.  P3P: Making Privacy Policies More Useful , 2003, IEEE Secur. Priv..

[7]  Ramakrishnan Srikant,et al.  An XPath-based preference language for P3P , 2003, WWW '03.

[8]  Steven J. DeRose,et al.  XML Path Language (XPath) , 1999 .

[9]  Fabien L. Gandon,et al.  Semantic web technologies to reconcile privacy and context awareness , 2003, Journal of Web Semantics.