
Privacy Policy Management

Privacy Policy Management. October 11, 2007.


Presentation Transcript


  1. Privacy Policy Management
     October 11, 2007

  2. Privacy & security policy management
     • http://projects.cerias.purdue.edu/ocrproj/
     • Today many organizations have ad hoc policies
     • Difficult to enforce reliably
     • Policy management frameworks promote consistent policy enforcement
     • Components
       • Policy authoring
       • Policy conflict/gap detection/resolution
       • Policy enforcement
       • Policy communication
       • Policy composition and comparison (combining multiple policies)

  3. Privacy languages serve many roles
     • Specify organization’s privacy policy to end users and their agents
     • Specify users’ privacy preferences to users’ agent
     • Specify organization’s privacy policy to gatekeeper server that can approve or deny requests to access database
     • Specify policy associated with particular data elements to parties that buy or rent data

  4. Can one privacy language do it all?
     • Maybe…
     • But so far none have emerged
     • We’ve found over a dozen privacy languages (including several access control and rule languages used for privacy applications)
     • Languages have different audiences, specify policies at different levels of granularity, and have different strengths and weaknesses

  5. Privacy Languages
     • A P3P Preference Exchange Language (APPEL)
     • Alliance Identity Web Services Framework (ID-WSF)
     • Customer Profile Exchange (CPExchange)
     • Declarative Privacy Authorization Language (DPAL)
     • Enterprise Privacy Authorization Language (EPAL)
     • eXtensible Access Control Markup Language (XACML)
     • GEOPRIV
     • Platform for Enterprise Privacy Practices (E-P3P)
     • Platform for Privacy Preferences (P3P)
     • Privacy Rights Markup Language (PRML)
     • Privacy Template
     • Security Assertion Markup Language (SAML)
     • XML Access Control Language (XACL)
     • XPath-Based Preference Language (XPref)

  6. Genealogy of languages

  7. EPAL
     • Enterprise Privacy Authorization Language
     • Developed by IBM, submitted to W3C
     • Allows enterprises to develop granular rules to check whether data access is authorized
     • Similar to P3P syntax but not identical
     • Includes
       • Data-categories
       • User-categories - administrators, doctors, etc.
       • Purposes
       • Actions - disclose, read, etc.
       • Obligations - delete after 30 days, get consent, etc.
       • Conditions - user category = doctor
       • Allow and deny rules
     http://www.w3.org/Submission/2003/SUBM-EPAL-20031110/

  8. User privacy preferences
     • P3P 1.0 agents may (optionally) take action based on user preferences
     • Users should not have to trust privacy defaults set by software vendors
     • User agents that can read APPEL (A P3P Preference Exchange Language) files can offer users a number of canned choices developed by trusted organizations
     • Preference editors allow users to adapt existing preferences to suit own tastes, or create new preferences from scratch
     • For more info on APPEL see http://www.w3.org/TR/WD-P3P-preferences or Chapter 13 in Web Privacy with P3P

  9. Microsoft privacy template language
     • See Appendix D of Web Privacy with P3P
     • http://msdn.microsoft.com/library/default.asp?url=/workshop/security/privacy/overview/privacyimportxml.asp
     • Specifies rules for user agents to handle various types of cookies
     • Based on P3P compact policy tokens
     • Allows policies for specific web sites

  10. Microsoft example
      <MSIEPrivacy>
        <MSIEPrivacySettings formatVersion="6">
          <p3pCookiePolicy zone="internet">
            <firstParty noPolicyDefault="reject" noRuleDefault="accept" alwaysAllowSession="yes">
              <if expr="TEL" action="reject"></if>
              <if expr="FIN,CON" action="forceSession"></if>
              <if expr="FIN,CONa" action="forceSession"></if>
              <if expr="GOV,PUB" action="forceSession"></if>
            </firstParty>
            <thirdParty noPolicyDefault="accept" noRuleDefault="accept" alwaysAllowSession="yes">
            </thirdParty>
          </p3pCookiePolicy>
          <alwaysReplayLegacy/>
        </MSIEPrivacySettings>
        <MSIESiteRules formatVersion="6">
          <site domain="www.BlueYonderAirlines.com" action="accept">
          </site>
        </MSIESiteRules>
      </MSIEPrivacy>

  11. APPEL rule
      <appel:RULE behavior="limited" prompt="yes" description="Warning! Data may be shared.">
        <p3p:POLICY>
          <p3p:STATEMENT>
            <p3p:RECIPIENT appel:connective="or">
              <p3p:same/>
              <p3p:other-recipient/>
              <p3p:public/>
              <p3p:unrelated/>
            </p3p:RECIPIENT>
          </p3p:STATEMENT>
        </p3p:POLICY>
      </appel:RULE>
      Callouts on the slide:
      • description
      • connective: or, and, non-or, non-and, and-exact, or-exact
      • pattern
      • behavior: request, block, limited

  12. What does this APPEL ruleset do?
      <?xml version="1.0"?>
      <appel:RULESET xmlns:appel="http://www.w3.org/2001/02/APPELv1"
                     xmlns:p3p="http://www.w3.org/2000/12/P3Pv1"
                     crtdby="Lorrie Cranor">
        <appel:RULE behavior="limited" description="WHAT DOES IT DO?">
          <p3p:POLICY>
            <p3p:STATEMENT>
              <p3p:PURPOSE appel:connective="or">
                <p3p:contact required="opt-out"/>
                <p3p:telemarketing required="opt-out"/>
                <p3p:contact required="always"/>
                <p3p:telemarketing required="always"/>
              </p3p:PURPOSE>
            </p3p:STATEMENT>
          </p3p:POLICY>
        </appel:RULE>
        <appel:RULE behavior="request">
          <appel:OTHERWISE/>
        </appel:RULE>
      </appel:RULESET>

  13. Creating APPEL rule sets
      • Express your personal privacy preferences in English
        • Example: "I don't want companies to share my data."
      • Translate your rules into P3P vocabulary elements
        • Example: "RECIPIENT=ours"
      • Create an APPEL ruleset that represents your privacy preference rules (plus a catch-all rule)
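A worked version of the three steps above, as an added example that is not from the slides, the APPEL draft or TAPPA: a small Python matcher that applies the connectives listed on slide 11 (or, and, non-or, non-and, or-exact, and-exact) to a ruleset built for "I don't want companies to share my data". The RULESET, the policy() helper and the evaluate() function are constructed for this example and are not part of any P3P user agent.

```python
import xml.etree.ElementTree as ET
APPEL = "{http://www.w3.org/2001/02/APPELv1}"

def _elem_matches(pattern, elem):
    # Same element name, every non-appel attribute on the pattern present with
    # the same value on the evidence element, and children matched per connective.
    if pattern.tag != elem.tag:
        return False
    if any(elem.get(k) != v for k, v in pattern.attrib.items() if not k.startswith(APPEL)):
        return False
    return _children_match(pattern, elem)

def _children_match(pattern, elem):
    # Connective semantics as listed on slide 11 (APPEL's default connective is "and").
    conn = pattern.get(APPEL + "connective", "and")
    pats = list(pattern)
    if not pats:
        return True
    hits = [any(_elem_matches(p, c) for c in elem) for p in pats]
    extra = any(not any(_elem_matches(p, c) for p in pats) for c in elem)
    return {"or": any(hits), "and": all(hits),
            "non-or": not any(hits), "non-and": not all(hits),
            "or-exact": any(hits) and not extra,
            "and-exact": all(hits) and not extra}[conn]

def evaluate(ruleset_xml, policy_xml):
    """Behavior of the first RULE whose pattern matches the P3P policy (OTHERWISE always matches)."""
    evidence = ET.Element("evidence")  # wrapper so the POLICY pattern sees POLICY as a child
    evidence.append(ET.fromstring(policy_xml))
    for rule in ET.fromstring(ruleset_xml).iterfind(APPEL + "RULE"):
        kids = list(rule)
        if (kids and kids[0].tag == APPEL + "OTHERWISE") or _children_match(rule, evidence):
            return rule.get("behavior")
    return None

# Constructed ruleset for "I don't want companies to share my data": block a
# policy whose STATEMENT names any recipient other than <ours/>, else request.
RULESET = """<appel:RULESET xmlns:appel="http://www.w3.org/2001/02/APPELv1"
                xmlns:p3p="http://www.w3.org/2000/12/P3Pv1">
  <appel:RULE behavior="block" description="Data may be shared with other parties">
    <p3p:POLICY><p3p:STATEMENT><p3p:RECIPIENT appel:connective="or">
      <p3p:same/><p3p:other-recipient/><p3p:delivery/><p3p:public/><p3p:unrelated/>
    </p3p:RECIPIENT></p3p:STATEMENT></p3p:POLICY>
  </appel:RULE>
  <appel:RULE behavior="request"><appel:OTHERWISE/></appel:RULE>
</appel:RULESET>"""

def policy(*recipients):  # constructed one-statement P3P policy with the given RECIPIENT children
    return ('<POLICY xmlns="http://www.w3.org/2000/12/P3Pv1"><STATEMENT><PURPOSE><current/></PURPOSE>'
            '<RECIPIENT>%s</RECIPIENT></STATEMENT></POLICY>' % "".join("<%s/>" % r for r in recipients))
```

The block rule is written to look for a bad recipient rather than for "ours only" because APPEL's "and" at the STATEMENT level is satisfied by any one statement that matches, so a rule that hunts for a clean statement would accept a policy in which a second statement still shares the data.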

  14. Using APPEL to analyze P3P policies
      • Toolkit for Automated Privacy Policy Analysis (TAPPA)
      • http://cups.cs.cmu.edu/tappa/

  15. Homework 3 Discussion
      • http://cups.cs.cmu.edu/courses/privpolawtech-fa07/hw/hw3.html
      • Web bugs - What are they used for? Do these uses raise privacy concerns?
      • P3P user agent critiques
