Design and Analysis of a Secure Protocol for the P3P Standard


The KIPS Transactions:PartC, Vol. 14, No. 7, pp. 545-552, Dec. 2007
10.3745/KIPSTC.2007.14.7.545,   PDF Download:

Abstract

P3P(Platform for Privacy Preference) that is used in the World Wide Web is a standard to define and negotiate policies about definition, transmission, collection, and maintenance of personal information. Current P3P standard provides methods that define client personal information protection policy and P3P policy associated with web server. It also provides a method that compares these two policies. The current P3P standard, however, does not handle detail functions for safe transmission of the personal information and data. Also, it does not handle problems that can be induced by the detail functions. In this paper, in order to solve these problems, we propose a Secure P3P(S-P3P) protocol, which is a security protocol for the current P3P standard, offers mutual authentication between the web server and the client, and guarantees integrity and confidentiality of the messages and data. Furthermore, a S-P3P protocol provides non-repudiation on transmission and reception of personal information that is transmitted from the client to the web server.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
H. W. Choi, H. S. Jang, K. S. Ko, C. S. Kim, Y. I. Eom, "Design and Analysis of a Secure Protocol for the P3P Standard," The KIPS Transactions:PartC, vol. 14, no. 7, pp. 545-552, 2007. DOI: 10.3745/KIPSTC.2007.14.7.545.

[ACM Style]
Hyun Woo Choi, Hyun Su Jang, Kwang Sun Ko, Cu Su Kim, and Young Ik Eom. 2007. Design and Analysis of a Secure Protocol for the P3P Standard. The KIPS Transactions:PartC, 14, 7, (2007), 545-552. DOI: 10.3745/KIPSTC.2007.14.7.545.