Abstract
The Internet is moving towards dynamic and ad-hoc service composition. The resulting so-called Web 2.0 sites maintain a unified user-experience while interacting and exchanging personal data with multiple other sites. Since the interaction is dynamic and ad-hoc, existing privacy policy mechanisms are not designed for this scenario.
In this article we describe a new lightweight approach towards privacy management. The core idea is to provide a “privacy panel” – a unified and simple entry point at each site that enables consumers to review stored data and manage their privacy. Key aspects were ease-of-use and handling of recursive disclosures of personal data.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cranor, L., Langheinrich, M., Marchiori, M.: A P3P Preference Exchange Language 1.0 (APPEL1.0); W3C Working Draft (April 15, 2002), http://www.w3.org/TR/P3P-preferences/
Backes, M., Bagga, W., Karjoth, G., Schunter, M.: Efficient Comparison of Enterprise Privacy Policies. In: 19th Annual ACM Symposium on Applied Computing, Nicosia, Cyprus, March 14-17, 2004, pp. 375–382. ACM Press, New York (2004)
Badishi, G., Caronni, G., Keidar, I., Rom, R., Scott, G.: Deleting Files in the Celeste Peer-to-Peer Storage System. In: 25th IEEE Symposium on Reliable Distributed Systems (SRDS 2006), pp. 29–38. IEEE Press, Los Alamitos (2006)
Barth, A., Mitchell, J.C.: Enterprise Privacy Promises and Enforcement. In: Proceedings of the 2005 Workshop on Issues in the Theory of Security, Long Beach, California, pp. 58–66. ACM Press, New York (2005)
Backes, M., Pfitzmann, B., Schunter, M.: A Toolkit for Managing Enterprise Privacy Policies. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 162–180. Springer, Heidelberg (2003)
Chaum, D.: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability. Journal of Cryptology 1/1, 65–75 (1988)
Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proceedings of the 13th USENIX Security Symposium (August 2004)
Karjoth, G., Schunter, M., Van Herreweghen, E.: Enterprise Privacy Practices vs. Privacy Promises - How to Promise What You Can Keep. In: 4th IEEE International Workshop on Policies for Distributed Systems and Networks (Policy 2003), Lake Como, Italy, June 4-6, pp. 135–146 (2003)
Karjoth, G., Schunter, M.: A Privacy Policy Model for Enterprises. In: 15th IEEE Computer Security Foundations Workshop (CSFW), pp. 271–281. IEEE Computer Society Press, Washington (2002)
Kinateder, M., Pearson, S.: A Privacy-Enhanced Peer-to-Peer Reputation System. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds.) E-Commerce and Web Technologies. LNCS, vol. 2738, pp. 206–215. Springer, Heidelberg (2003)
Levy, S.E., Gutwin, C.: Improving Understanding of Website Privacy Policies with Fine-Grained Policy Anchors. In: WWW 2005, Chiba, Japan, May 10-14, pp. 10–14. ACM Press, New York (2005)
Cranor, L., Dobbs, B., Egelman, S., Hogben, G., Humphrey, J., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J., Schunter, M., Stampley, D.A., Wenning, R.: The Platform for Privacy Preferences 1.1 (P3P1.1) Specification; W3C Working Group Note (November 13, 2006), http://www.w3.org/TR/2006/NOTE-P3P11-20061113/
Pfitzmann, A., Pfitzmann, B., Schunter, M., Waidner, M.: Trusting Mobile User Devices and Security Modules. Computer 30/2, 61–68 (1997)
Pfitzmann, B., Waidner, M.: Federated Identity-Management Protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 3364, pp. 153–174. Springer, Heidelberg (2005)
Stufflebeam, W., Antón, A.I., He, Q., Jain, N.: Specifying Privacy Policies with P3P and EPAL: Lessons Learned. In: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society, WPES 2004, Washington DC, USA, October 28 - 28, 2004, pp. 35–35. ACM Press, New York (2004)
Shamir, A.: How to Share a Secret. Communications of the ACM 22/11, 612–613 (1979)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schunter, M., Waidner, M. (2007). Simplified Privacy Controls for Aggregated Services — Suspend and Resume of Personal Data. In: Borisov, N., Golle, P. (eds) Privacy Enhancing Technologies. PET 2007. Lecture Notes in Computer Science, vol 4776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75551-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-75551-7_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75550-0
Online ISBN: 978-3-540-75551-7
eBook Packages: Computer ScienceComputer Science (R0)