Title :
Or Best Offer: A Privacy Policy Negotiation Protocol
Author :
Walker, Daniel D. ; Mercer, Eric G. ; Seamons, Kent E.
Author_Institution :
Brigham Young Univ., Provo, UT
Abstract :
Privacy policy languages, such as P3P, allow websites to publish their privacy practices and policies in machine readable form. Software agents designed to protect users\´ privacy follow a "take it or leave it" approach that is inflexible and gives the server ultimate control. Privacy policy negotiation is one approach to leveling the playing field by allowing a client to negotiate with a server to determine how that server collects and uses the client\´s data. We present a privacy policy negotiation protocol, "or best offer", that includes a formal model for specifying privacy preferences and reasoning about privacy policies. The protocol is guaranteed to terminate within three rounds of negotiation while producing policies that are Pareto-optimal, and thus fair to both the client and the server.
Keywords :
Web sites; XML; data privacy; Pareto-optimal; platform for privacy preferences; privacy policy languages; privacy policy negotiation protocol; software agents; websites; Conferences; Contracts; Data privacy; Fuels; Proposals; Protection; Protocols; Software agents; Software design; XML; P3P; game theory; negotiation; pareto optimality; preference models; privacy; privacy policy; privay policy negotiation protocol; protocol; utility;
Conference_Titel :
Policies for Distributed Systems and Networks, 2008. POLICY 2008. IEEE Workshop on
Conference_Location :
Palisades, NY
Print_ISBN :
978-0-7695-3133-5
DOI :
10.1109/POLICY.2008.39
