Privacy Policy Management - PowerPoint PPT Presentation

About This Presentation
Title:

Privacy Policy Management

Description:

Privacy Policy, Law and Technology Carnegie Mellon ... if expr='FIN,CON' action='forceSession' /if if expr='FIN,CONa' action='forceSession' /if ... – PowerPoint PPT presentation

Slides: 16
Provided by: lorrie2
Learn more at: http://cups.cs.cmu.edu
Transcript and Presenter's Notes

1
Privacy Policy Management
  • October 11, 2007

2
Privacy security policy management
  • http://projects.cerias.purdue.edu/ocrproj/
  • Today many organizations have ad hoc policies
  • Difficult to enforce reliably
  • Policy management frameworks promote consistent
    policy enforcement
  • Components
  • Policy authoring
  • Policy conflict/gap detection/resolution
  • Policy enforcement
  • Policy communication
  • Policy composition and comparison (combining
    multiple policies)

3
Privacy languages serve many roles
  • Specify an organization's privacy policy to end
    users and their agents
  • Specify a user's privacy preferences to the
    user's agent
  • Specify an organization's privacy policy to a
    gatekeeper server that can approve or deny
    requests to access a database
  • Specify policy associated with particular data
    elements to parties that buy or rent data

4
Can one privacy language do it all?
  • Maybe
  • But so far none have emerged
  • We've found over a dozen privacy languages
    (including several access control and rule
    languages used for privacy applications)
  • Languages have different audiences, specify
    policies at different levels of granularity, and
    have different strengths and weaknesses

5
Privacy Languages
  • A P3P Preference Exchange Language (APPEL)
  • Alliance Identity - Web Services Framework (ID-WSF)
  • Customer Profile Exchange (CPExchange)
  • Declarative Privacy Authorization Language (DPAL)
  • Enterprise Privacy Authorization Language (EPAL)
  • eXtensible Access Control Markup Language (XACML)
  • GEOPRIV
  • Platform for Enterprise Privacy Practices (E-P3P)
  • Platform for Privacy Preferences (P3P)
  • Privacy Rights Markup Language (PRML)
  • Privacy Template
  • Security Assertion Markup Language (SAML)
  • XML Access Control Language (XACL)
  • X-Path Based Preference Language (XPref)

6
Genealogy of languages
  • [diagram; not captured in the transcript]

7
EPAL
  • Enterprise Privacy Authorization Language
  • Developed by IBM, submitted to W3C
  • Allows enterprises to develop granular rules to
    check whether data access is authorized
  • Similar to P3P syntax but not identical
  • Includes
  • Data-categories
  • User-categories - administrators, doctors, etc.
  • Purposes
  • Actions - disclose, read, etc.
  • Obligations - delete after 30 days, get consent,
    etc.
  • Conditions - user category = doctor
  • Allow and deny rules
  • http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/
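
The slide lists EPAL's building blocks but does not show how they combine into a decision. The following is an added example (not code from the slides, from the EPAL submission or from IBM's engine): a simplified Python model of those concepts, where user, data and purpose categories are hierarchies, each rule is an allow or deny over categories, actions and a condition, and an allow carries obligations back to the enforcement point. The hospital categories, rule set and obligation names are hypothetical.

```python
"""EPAL-style authorization check (added example; a simplified Python model of the
EPAL concepts on the slide, not EPAL's XML syntax or IBM's engine)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Tuple

# Hypothetical category hierarchies: child -> parent (None marks a root).
USER_CATEGORIES = {"doctor": "medical-staff", "nurse": "medical-staff",
                   "medical-staff": "employee", "billing-clerk": "employee",
                   "employee": None}
DATA_CATEGORIES = {"diagnosis": "medical-record", "medical-record": "patient-data",
                   "address": "patient-data", "patient-data": None}
PURPOSES = {"treatment": "care", "care": None, "marketing": None}


def lineage(category, hierarchy):
    """The category and all its ancestors; a rule written for a parent category
    therefore applies to every child, e.g. a rule for employee covers doctor."""
    seen = set()
    while category is not None:
        if category not in hierarchy:
            raise KeyError("unknown category %r" % category)
        seen.add(category)
        category = hierarchy[category]
    return seen


@dataclass(frozen=True)
class Request:
    user_category: str
    data_category: str
    purpose: str
    action: str
    context: Dict[str, object] = field(default_factory=dict)


@dataclass(frozen=True)
class Rule:
    ruling: str                        # "allow" or "deny"
    user_category: str
    data_category: str
    purpose: str
    actions: frozenset
    condition: Callable[[Dict[str, object]], bool] = lambda ctx: True
    obligations: Tuple[str, ...] = ()  # duties the enforcement point must carry out

    def applies(self, req):
        return (self.user_category in lineage(req.user_category, USER_CATEGORIES)
                and self.data_category in lineage(req.data_category, DATA_CATEGORIES)
                and self.purpose in lineage(req.purpose, PURPOSES)
                and req.action in self.actions
                and self.condition(req.context))


def authorize(rules, req, default_ruling="deny"):
    """First applicable rule wins (rules are listed in precedence order); a request
    that no rule covers gets the default ruling and no obligations."""
    for rule in rules:
        if rule.applies(req):
            return rule.ruling, rule.obligations
    return default_ruling, ()


# Constructed policy: no employee may use patient data for marketing; medical
# staff may read medical records for care if the access is logged; billing
# clerks may use addresses for care only with consent and must delete them.
RULES = (
    Rule("deny", "employee", "patient-data", "marketing", frozenset({"read", "disclose"})),
    Rule("allow", "medical-staff", "medical-record", "care", frozenset({"read"}),
         obligations=("log-access",)),
    Rule("allow", "billing-clerk", "address", "care", frozenset({"read", "disclose"}),
         condition=lambda ctx: ctx.get("consent") is True,
         obligations=("delete-after-30-days",)),
)
```

Putting the deny rule first and defaulting to deny is what keeps the marketing prohibition from being undercut by a broader allow added later; the obligations in the result are the part a plain access-control list cannot express and the reason the enforcement point, not the decision point, has to act on them.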

8
User privacy preferences
  • P3P 1.0 agents may (optionally) take action based
    on user preferences
  • Users should not have to trust privacy defaults
    set by software vendors
  • User agents that can read APPEL (A P3P Preference
    Exchange Language) files can offer users a number
    of canned choices developed by trusted
    organizations
  • Preference editors allow users to adapt existing
    preferences to suit own tastes, or create new
    preferences from scratch
  • For more info on APPEL see
    http://www.w3.org/TR/WD-P3P-preferences or Chapter
    13 in Web Privacy with P3P

9
Microsoft privacy template language
  • See Appendix D of Web Privacy with P3P
  • http://msdn.microsoft.com/library/default.asp?url=/workshop/security/privacy/overview/privacyimportxml.asp
  • Specifies rules for user agents to handle various
    types of cookies
  • Based on P3P compact policy tokens
  • Allows policies for specific web sites

10
Microsoft example
    <MSIEPrivacy>
    <MSIEPrivacySettings formatVersion="6">
      <p3pCookiePolicy zone="internet">
        <firstParty noPolicyDefault="reject"
                    noRuleDefault="accept" alwaysAllowSession="yes">
          <if expr="TEL" action="reject"></if>
          <if expr="FIN,CON" action="forceSession"></if>
          <if expr="FIN,CONa" action="forceSession"></if>
          <if expr="GOV,PUB" action="forceSession"></if>
        </firstParty>
        <thirdParty noPolicyDefault="accept"
                    noRuleDefault="accept" alwaysAllowSession="yes">
        </thirdParty>
      </p3pCookiePolicy>
      <alwaysReplayLegacy/>
    </MSIEPrivacySettings>
    <MSIESiteRules formatVersion="6">
      <site domain="www.BlueYonderAirlines.com"
            action="accept">
      </site>
    </MSIESiteRules>
    </MSIEPrivacy>

11
APPEL rule
    <appel:RULE behavior="limited" prompt="yes"
                description="Warning! Data may be shared.">
      <p3p:POLICY>
        <p3p:STATEMENT>
          <p3p:RECIPIENT appel:connective="or">
            <p3p:same/>
            <p3p:other-recipient/>
            <p3p:public/>
            <p3p:unrelated/>
          </p3p:RECIPIENT>
        </p3p:STATEMENT>
      </p3p:POLICY>
    </appel:RULE>

  Labels on the slide point out the parts of the rule:
  • description
  • connective: or, and, non-or, non-and, and-exact, or-exact
  • pattern
  • behavior: request, block, limited

12
What does this APPEL ruleset do?
    <?xml version="1.0"?>
    <appel:RULESET xmlns:appel="http://www.w3.org/2001/02/APPELv1"
                   xmlns:p3p="http://www.w3.org/2000/12/P3Pv1"
                   crtdby="Lorrie Cranor">
      <appel:RULE behavior="limited"
                  description="WHAT DOES IT DO?">
        <p3p:POLICY>
          <p3p:STATEMENT>
            <p3p:PURPOSE appel:connective="or">
              <p3p:contact required="opt-out"/>
              <p3p:telemarketing required="opt-out"/>
              <p3p:contact required="always"/>
              <p3p:telemarketing required="always"/>
            </p3p:PURPOSE>
          </p3p:STATEMENT>
        </p3p:POLICY>
      </appel:RULE>
      <appel:RULE behavior="request">
        <appel:OTHERWISE/>
      </appel:RULE>
    </appel:RULESET>

13
Creating APPEL rule sets
  • Express your personal privacy preferences in
    English
  • Example: "I don't want companies to share my
    data."
  • Translate your rules into P3P vocabulary elements
  • Example: RECIPIENT=ours
  • Create an APPEL ruleset that represents your
    privacy preference rules (plus a catch-all rule)
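
To see what the slide-12 ruleset does, and how the steps above end in a ruleset with a catch-all rule, here is an added example (not code from the slides, from the W3C APPEL draft or from any P3P user agent): a minimal APPEL evaluator in Python that matches a rule's P3P pattern against a site's P3P policy and returns the behavior of the first rule that fires. It implements only element and attribute matching plus the and/or/non-or/non-and connectives; and-exact/or-exact are not implemented. The two P3P policies it is run against are constructed for the example and the rule description is filled in with the answer to the slide's question.

```python
"""Minimal APPEL rule evaluator (added example, not code from the slides or the
W3C APPEL draft). Supports element/attribute matching and the and, or, non-or
and non-and connectives; and-exact/or-exact are not implemented."""
import xml.etree.ElementTree as ET

APPEL_NS = "http://www.w3.org/2001/02/APPELv1"
P3P_NS = "http://www.w3.org/2000/12/P3Pv1"


def qn(ns, local):
    """Clark-notation name as ElementTree reports it, e.g. {ns}RULE."""
    return "{%s}%s" % (ns, local)


# The slide-12 ruleset, with the description filled in with what the rule does.
RULESET_XML = """<?xml version="1.0"?>
<appel:RULESET xmlns:appel="%s" xmlns:p3p="%s" crtdby="Lorrie Cranor">
  <appel:RULE behavior="limited"
              description="Site contacts or telemarkets without opt-in">
    <p3p:POLICY>
      <p3p:STATEMENT>
        <p3p:PURPOSE appel:connective="or">
          <p3p:contact required="opt-out"/>
          <p3p:telemarketing required="opt-out"/>
          <p3p:contact required="always"/>
          <p3p:telemarketing required="always"/>
        </p3p:PURPOSE>
      </p3p:STATEMENT>
    </p3p:POLICY>
  </appel:RULE>
  <appel:RULE behavior="request">
    <appel:OTHERWISE/>
  </appel:RULE>
</appel:RULESET>""" % (APPEL_NS, P3P_NS)

# Constructed P3P policies (not from any real site): one telemarkets unless the
# user opts out, the other only contacts users who opted in.
POLICY_OPT_OUT = """<p3p:POLICY xmlns:p3p="%s">
  <p3p:STATEMENT><p3p:PURPOSE>
    <p3p:current/><p3p:telemarketing required="opt-out"/>
  </p3p:PURPOSE></p3p:STATEMENT>
</p3p:POLICY>""" % P3P_NS
POLICY_OPT_IN = """<p3p:POLICY xmlns:p3p="%s">
  <p3p:STATEMENT><p3p:PURPOSE>
    <p3p:current/><p3p:contact required="opt-in"/>
  </p3p:PURPOSE></p3p:STATEMENT>
</p3p:POLICY>""" % P3P_NS


def attrs_match(pattern, evidence):
    """Each non-APPEL attribute of the pattern must appear on the evidence element
    with the same value. A P3P purpose with no required attribute means
    required="always", so that default is applied before comparing."""
    for name, value in pattern.attrib.items():
        if name.startswith("{%s}" % APPEL_NS):
            continue  # appel:connective steers matching; it is not policy data
        default = "always" if name == "required" else None
        if evidence.attrib.get(name, default) != value:
            return False
    return True


def element_matches(pattern, evidence):
    """Recursive APPEL matching: same element name, compatible attributes, and the
    pattern's children combined by its connective (default "and")."""
    if pattern.tag != evidence.tag or not attrs_match(pattern, evidence):
        return False
    children = list(pattern)
    if not children:
        return True
    hits = [any(element_matches(p, e) for e in evidence) for p in children]
    connective = pattern.get(qn(APPEL_NS, "connective"), "and")
    if connective == "and":
        return all(hits)
    if connective == "or":
        return any(hits)
    if connective == "non-or":
        return not any(hits)
    if connective == "non-and":
        return not all(hits)
    raise ValueError("unsupported connective %r" % connective)


def evaluate(ruleset_xml, policy_xml):
    """Return (behavior, description) of the first rule that matches the policy;
    rules are tried in document order and OTHERWISE always matches."""
    ruleset = ET.fromstring(ruleset_xml)
    policy = ET.fromstring(policy_xml)
    for rule in ruleset.findall(qn(APPEL_NS, "RULE")):
        pattern = rule.find(qn(P3P_NS, "POLICY"))
        otherwise = rule.find(qn(APPEL_NS, "OTHERWISE")) is not None
        if otherwise or (pattern is not None and element_matches(pattern, policy)):
            return rule.get("behavior"), rule.get("description", "")
    return None
```

Run against the opt-out policy the first rule fires and the agent limits the site; against the opt-in policy nothing in the first rule's PURPOSE matches, the OTHERWISE rule catches it and the agent prompts the user instead. The `required` default matters: a policy that simply lists `<p3p:contact/>` is an "always" purpose and is limited too, which is easy to miss if the evaluator compares attributes literally.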

14
Using APPEL to analyze P3P policies
  • Toolkit for Automated Privacy Policy Analysis
    (TAPPA)
  • http://cups.cs.cmu.edu/tappa/

15
Homework 3 Discussion
  • http://cups.cs.cmu.edu/courses/privpolawtech-fa07/hw/hw3.html
  • Web bugs - What are they used for? Do these uses
    raise privacy concerns?
  • P3P user agent critiques