Specifying Personal Privacy Policies to Avoid Unexpected Outcomes
نویسندگان
چکیده
The growth of the Internet is increasing the deployment of e-services in such areas as e-commerce, e-learning, and e-health. In parallel, the providers and consumers of such services are realizing the need for privacy. The use of P3P privacy policies on web sites is an example of this growing concern for privacy. Managing privacy using privacy policies is a promising approach. In this approach, an e-service provider and an e-service consumer each have separate privacy policies. Before an e-service is engaged, the provider's policy must be "compatible" with the consumer's policy. However, beyond compatibility, the policies may lead to unexpected outcomes. This can result in the lost of privacy and even lead to serious injury in certain cases. This paper gives examples of how such outcomes can arise and suggests how the consumer’s personal privacy policy can be modified to avoid such outcomes.
منابع مشابه
Future Interactions in Policy-Driven Privacy Management
The growth of the Internet is increasing the deployment of e-services in such areas as e-business, e-learning, and e-health. In parallel, the providers and consumers of such services are realizing the need for privacy. The widespread use of P3P privacy policies for web sites is an example of this growing concern for privacy. However, while the privacy policy approach may seem to be a reasonable...
متن کاملA Machine Learning Solution to Assess Privacy Policy Completeness
A privacy policy is a legal document, used by websites to communicate how the personal data that they collect will be managed. By accepting it, the user agrees to release his data under the conditions stated by the policy. Privacy policies should provide enough information to enable users to make informed decisions. Privacy regulations support this by specifying what kind of information has to ...
متن کاملPrivacy Aware Recommender Service using Multi-agent Middleware- an IPTV Network Scenario
IPTV service providers are starting to realize the significant value of recommender services in attracting and satisfying customers as they offer added values e.g. by delivering suitable personalized contents according to customers personal interests in a seamless way, increase content sales and gain competitive advantage over other competitors. However the current implementations of recommende...
متن کاملS4P: A Generic Language for Specifying Privacy Preferences and Policies
This paper presents S4P, a declarative language for specifying both users’ privacy preferences and services’ privacy policies. Preferences and policies are uniformly expressed as assertions and queries written in SecPAL extended with two modal verbs, may and will, and can express both permissions and obligations. Checking if a user’s preference is satisfied by a service’s policy is simple as it...
متن کاملAutomated Synthesis of Privacy-Preserving Distributed Applications
We introduce a framework for the automated synthesis of security-sensitive distributed applications. The central idea is to provide the programmer with a high-level declarative language for specifying the system and the intended security properties, abstracting away from any cryptographic details. A compiler takes as input such high-level specifications and automatically produces the correspond...
متن کامل