A semantics based approach to privacy languages

N. Li, Ting Yu, A. Antón

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions). Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.

Original languageEnglish
Pages (from-to)339-352
Number of pages14
JournalComputer Systems Science and Engineering
Volume21
Issue number5
Publication statusPublished - 1 Sep 2006
Externally publishedYes

Fingerprint

Formal Semantics
Privacy
Semantics
Query Language
Inconsistent
Query languages
Syntactics
Language
Internet
Policy
Industry
Model

Keywords

  • Formal semantics
  • Platfoirm for privacy preferences (P3P)
  • Privacy languages

ASJC Scopus subject areas

  • Hardware and Architecture
  • Theoretical Computer Science
  • Computational Theory and Mathematics

Cite this

A semantics based approach to privacy languages. / Li, N.; Yu, Ting; Antón, A.

In: Computer Systems Science and Engineering, Vol. 21, No. 5, 01.09.2006, p. 339-352.

Research output: Contribution to journalArticle

@article{774d66ed8e3a42bb88a6a353b34ee4a1,
title = "A semantics based approach to privacy languages",
abstract = "A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions). Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.",
keywords = "Formal semantics, Platfoirm for privacy preferences (P3P), Privacy languages",
author = "N. Li and Ting Yu and A. Ant{\'o}n",
year = "2006",
month = "9",
day = "1",
language = "English",
volume = "21",
pages = "339--352",
journal = "Computer Systems Science and Engineering",
issn = "0267-6192",
publisher = "CRL Publishing",
number = "5",

}

TY - JOUR

T1 - A semantics based approach to privacy languages

AU - Li, N.

AU - Yu, Ting

AU - Antón, A.

PY - 2006/9/1

Y1 - 2006/9/1

N2 - A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions). Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.

AB - A key reason for the slow adoption of the Platform for Privacy Preferences (P3P) is the lack of a formal semantics. Without a formal semantics, a P3P policy may be semantically inconsistent and may be interpreted and represented differently by different user agents. In this paper, we redress these problems by proposing a relational formal semantics for P3P policies, which precisely models the relationships between different components of P3P statements (i.e., collected data items, purposes, recipients and retentions). Based on this semantics, we present SemPref, a simple, efficient and expressive semantics-based preference language. Unlike previously proposed preference languages, SemPref queries the meaning of a privacy policy rather than its syntactic representation. The proposed formal semantics and preference language are an important step towards improving P3P, making it more comprehensible to enterprises and individual users, and ultimately accelerating the large-scale adoption of P3P across the Internet.

KW - Formal semantics

KW - Platfoirm for privacy preferences (P3P)

KW - Privacy languages

UR - http://www.scopus.com/inward/record.url?scp=33846410278&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33846410278&partnerID=8YFLogxK

M3 - Article

VL - 21

SP - 339

EP - 352

JO - Computer Systems Science and Engineering

JF - Computer Systems Science and Engineering

SN - 0267-6192

IS - 5

ER -