Extending P3P to Facilitate Proxies Which Pose as a Potential Threat to Privacy
P3P allows Web sites to declare their intentions in a standard form (as a policy) in so far as privacy related matters are concerned. User agents are free to then examine P3P policies prior to engaging in normal interactions with a Web server (upon which the Web site is hosted). Unsuitable policies...
Gespeichert in:
Hauptverfasser: | , |
---|---|
Format: | Tagungsbericht |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | P3P allows Web sites to declare their intentions in a standard form (as a policy) in so far as privacy related matters are concerned. User agents are free to then examine P3P policies prior to engaging in normal interactions with a Web server (upon which the Web site is hosted). Unsuitable policies may result in no further interactions with the Web server. Since P3P was designed with only two parties in mind (the client and the server), the presence of a Web Proxy in the P3P framework raises privacy concerns that demand attention. What is immediately apparent is the problem of a user accessing a site with an acceptable P3P policy via a Proxy which may employ a privacy policy that is unacceptable to the user.
In this paper we discuss some of these problems within the context of a P3P environment. In discussing these problems we focus our attention on the identification of a Proxy within a P3P environment and the separation of a Proxy’s policy from the policy of a site being accessed through it. |
---|---|
ISSN: | 0302-9743 1611-3349 |
DOI: | 10.1007/11824633_9 |