Translating Privacy Practices into Privacy Promises -How to Promise What You Can Keep

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by G? Karjoth Articles by Matthias Schunter Articles by Els Van Herreweghen

Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03)

Lake Como, Italy

June 04-June 06

ISBN: 0-7695-1933-4

	ASCII Text	x
	G? Karjoth, Matthias Schunter, Els Van Herreweghen, "Translating Privacy Practices into Privacy Promises -How to Promise What You Can Keep," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 135, Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03), 2003.

	BibTex	x
	@article{ 10.1109/POLICY.2003.1206967, author = {G? Karjoth and Matthias Schunter and Els Van Herreweghen}, title = {Translating Privacy Practices into Privacy Promises -How to Promise What You Can Keep}, journal ={Policies for Distributed Systems and Networks, IEEE International Workshop on}, volume = {0}, year = {2003}, isbn = {0-7695-1933-4}, pages = {135}, doi = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2003.1206967}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Policies for Distributed Systems and Networks, IEEE International Workshop on TI - Translating Privacy Practices into Privacy Promises -How to Promise What You Can Keep SN - 0-7695-1933-4 SP EP A1 - G? Karjoth, A1 - Matthias Schunter, A1 - Els Van Herreweghen, PY - 2003 KW - null VL - 0 JA - Policies for Distributed Systems and Networks, IEEE International Workshop on ER -

G? Karjoth, IBM Research

Matthias Schunter, IBM Research

Els Van Herreweghen, IBM Research

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/POLICY.2003.1206967

Enterprises advertise privacy promises using the W3C Platform for Privacy Preferences (P3P). These privacy promises define what recipients can obtain what collected data for what purpose. Internally, enterprises can use fine-grained privacy practices such as defined by the Platform for Enterprise Privacy Practices (E-P3P) to enforce privacy. These internal privacy policies should guarantee and enforce the promises made to the customers. Since privacy practices reflect business internals, they can change frequently. As a consequence, it can be challenging to keep the promises up-to-date with the actual practices. To enable up-to-date privacy promises, we describe a methodology for enterprises to promise what they can keep. This is done by automatically transforming E-P3P privacy practices into corresponding P3P privacy promises that reflect the actual enterprise-internal behavior. These P3P promises can then be published on a regular basis. Whenever the internal policies change, the P3P promises can easily be updated as well.

Citation:

G? Karjoth, Matthias Schunter, Els Van Herreweghen, "Translating Privacy Practices into Privacy Promises -How to Promise What You Can Keep," policy, pp.135, Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.