Or Best Offer: A Privacy Policy Negotiation Protocol
Users today are concerned about how their information is collected, stored and used by Internet sites. Privacy policy languages, such as the Platform for Privacy Preferences (P3P), allow websites to publish their privacy practices and policies in machine readable form. Currently, software agents designed to protect users' privacy follow a ``take it or leave it" approach when evaluating these privacy policies. This approach is inflexible and gives the server ultimate control over the privacy of web transactions. Privacy policy negotiation is one approach to leveling the playing field by allowing a client to negotiate with a server to determine how that server collects and uses the client's data. We present a privacy policy negotiation protocol, ``Or Best Offer", that includes a formal model for specifying privacy preferences and reasoning about privacy policies. The protocol is guaranteed to terminate within three rounds of negotiation while producing policies that are Pareto-optimal, and thus fair to both parties. That is, it remains fair to both the client and the server.
Alternative title: | Or Best Offer: A Privacy Policy Negotiation Protocol |
---|---|
Year of publication: |
2007
|
Authors: | Walker, Daniel David 1980- |
Publisher: |
Brigham Young University |
Subject: | privacy | p3p | privacy policies | privacy policy negotiation | utility | Pareto-optimality | Pareto-efficiency | policy | negotiation | protocol |
Saved in:
Saved in favorites
Similar items by subject
-
A “Nutrition Label” for Privacy
Kelley, Patrick Gage, (2009)
-
Standardizing Privacy Notices: An Online Study of the Nutrition Label Approach (CMU-CyLab-09-014)
Kelley, Patrick Gage, (2010)
-
Power Strips, Prophylactics, and Privacy, Oh My!
Gideon, Julia, (2006)
- More ...