A formal semantics for P3P

Ting Yu, Ninghui Li, Annie I. Antón

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)


The Platform for Privacy Preferences (P3P), developed by the W3C, provides an XML-based language for websites to encode their datacollection and data-use practices in a machine-readable form. To fully deploy P3P in enterprise information systems and over the Web, a well-defined semantics for P3P policies is a must, which is lacking in the current P3P framework. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents; it is difficult to determine whether a P3P policy is indeed enforced by an enterprise; and privacy policies from different corporations cannot be formally compared before information exchange. In this paper, we propose a relational formal semantics for P3P policies, which precisely and intuitively models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions) during online information collection. The proposed formal semantics is an important step towards improving P3P, making it more appropriate to be integrated with business practice and ultimately accelerating the large-scale adoption of P3P across the Internet.

Original languageEnglish
Title of host publicationProceedings of the 2004 Workshop on Secure Web Service, SWS 2004
PublisherAssociation for Computing Machinery, Inc
Number of pages8
ISBN (Print)158113973X, 9781581139730
Publication statusPublished - 29 Oct 2015
Externally publishedYes
EventWorkshop on Secure Web Service, SWS 2004 - Fairfax, United States
Duration: 29 Oct 2015 → …


OtherWorkshop on Secure Web Service, SWS 2004
CountryUnited States
Period29/10/15 → …

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'A formal semantics for P3P'. Together they form a unique fingerprint.

  • Cite this

    Yu, T., Li, N., & Antón, A. I. (2015). A formal semantics for P3P. In Proceedings of the 2004 Workshop on Secure Web Service, SWS 2004 (pp. 1-8). Association for Computing Machinery, Inc. https://doi.org/10.1145/1111348.1111349