Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu IBM Almaden Research Center.

Published byAlannah Martin Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu IBM Almaden Research Center."— Presentation transcript:

1 Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu IBM Almaden Research Center

2 The Context for This Work  Central theme of our current research –How to design information systems that respect the privacy of individual information while not impeding information flow  An important aspect –Users should be able to express how they would like their information to be treated –Businesses should be able to state what they are going to do with the information they collect –Data exchange should only happen if the two are compatible –P3P provides mechanisms for accomplishing this goal  Other aspects –Mechanisms for enforcing that businesses act according to their stated policies (“Hippocratic Databases”) –Mechanisms for doing analytics at aggregate level while respecting privacy of individual data (“Privacy Preserving Data Mining”)

3 Outline  Overview of P3P (Platform for Privacy Preferences)  Architectures for implementing P3P  Client-Centric (prevailing)  Server-centric (our proposal)  Use of database technology for implementing server-centric architecture  Performance  Conclusion and future work

4 What is P3P  Traditional privacy policies do not work –by the lawyers, for the lawyers  New W3C recommendation (standard) since April 2002  A standard way to communicate privacy practices –Privacy Policies encode a web site’s data-collection and data-use practices in the P3P policy language –Privacy Preferences specify user’s preferences in the APPEL language –Matching programmatically compare a preference against a policy

5 P3P Policy for Volga......

6 APPEL Preference for Jane

7 Current Implementations  Tools for creating policies –IBM Tivoli Privacy Wizard –P3PEdit  Tools for creating preferences –JRC APPEL Preference Editor  Tools for matching preferences –AT&T Privacy Bird –Microsoft Internet Explorer 6.0 –JRC P3P Proxy

8 Policy-Preference Matching (Client-Centric) Web Server Browser request policy 1 send policy 2 request web page if policy conforms to preference 5 policy and user preference 3 result of matching 4 APPEL Engine Client Side Matching Specialized Engine

9 Server-Centric Architecture  We propose a server-centric architecture for deploying P3P: –Server-side matching –Reuse proven database technology  Store privacy policies in a database system  Query the database for matching preferences against privacy policies

10 Policy-Preference Matching (Server-Centric) 3 query policy metadata Database send preference and URI of a web page 1 5 send result of matching preference against policy request web page if policy conforms to preference 6 2 preference and web page URI 4 query results Browser Web Server APPEL to Query Converter

11 Alternative Architectures  Two orthogonal dimensions for implementing P3P –What matching engine should be used? –Where should the matching take place? ClientServer Specialized Engine Current? Database Engine ?Proposed

12 Discussion of Server-Centric Solution  Advantages of server-side matching –Support for thin, mobile clients –Better support for new privacy-sensitive applications –Extra information for policy refinement –Easier upgrade of P3P specification  Advantages of using database –No reinvention, reuse of proven technology –Better Management of policies –Infrastructure for policy enforcement  Disadvantages –Greater amount of trust in the server

13 Variations of the Server-Centric Architecture  Relational tables + SQL queries  Relational tables + XML view + XQueries  Native XML store + XQueries

14 Storing Policies in Database Policy Creation Wizard P3P policies Shredder Database SQL inserts policy metadata

15 Storing Policies (cont.) Statement Purpose Recipient Datagroup Data Policy policy_idname… statement_idpolicy_idretentionconsequence statement_idpolicy_idpurposerequired statement_idpolicy_idrecipientrequired datagroup_idstatement_idpolicy_idbase data_iddatagroup_idstatement_idpolicy_idref … …

16 Converting APPEL into Queries String main(Rule r) { String sql = “SELECT” + r.behavior() + “FROM” + applicablePolicy() + “WHERE” + connect(r); return sql; } String connect(Expression e) { // matching attributes of e String sqlAttr = genAttr(e); // match subexpressions of e String sqlSub; let theta = e.connective(); // theta is either “or” or “and” for each subexpression se of e do sqlSub += “EXISTS(” + path(se) + “AND” + connect(se) + “)”; sqlSub += theta; return sqlAttr + “AND(” + sqlSub + “)”; } String path(Expression e) { return “SELECT *” + “FROM” + e.name() + “WHERE” + e.foreignKey() + “=” + e.parent().primaryKey(); }

17 Converting APPEL into SQL <appel:RULE behavior="block" > <PURPOSE appel:connective="or"> SELECT ‘block’ FROM Policy WHERE EXISTS( SELECT * FROM Statement WHERE Statement.policy_id = Policy.policy_id AND EXISTS( SELECT * FROM Purpose WHERE Purpose.statement_id = Statement.statement_id AND Purpose.policy_id = Statement.policy_id AND Purpose.purpose = ‘telemarketing’ OR Purpose.purpose = ‘contact’  Recursive algorithm  APPEL behavior  Select list  APPEL elements  SQL predicates  Link predicates by foreign keys APPELSQL

18 Converting APPEL into XQuery <appel:RULE behavior="block" > <PURPOSE appel:connective="or"> if (document(“policy”) POLICY /STATEMENT /PURPOSE [ telemarketing OR contact ] then return APPELXQuery

19 Performance Experiments  Experiment Setup –Windows NT 4.0 Sever with dual 600MHz processors and 512M memory –DB2 UDB 7.1 –Public domain APPEL engine (from JRC) –XTable (aka XPERANTO) prototype for the XQuery alternative

20 Datasets  29 P3P policies from Fortune 1000 company web site Preference# RulesSize (KB) Very High103.1 High72.8 Medium42.1 Low20.9 Very Low10.3 Average4.81.9  5 APPEL preferences from JRC test suite Policy# StatementSize (KB) Average24.4 Max511.9 Min11.6

21 Experiment Results APPEL Engine SQLXQuery ConvertQueryTotal Average2.630.08 0.161.65 Max9.080.140.240.345.00 Time for matching a preference against a policy (seconds)

22 Experiment Results PreferenceAPPEL Engine SQLXQuery ConvertQueryTotal Very High2.650.090.080.172.63 High2.680.100.140.242.33 Medium2.660.130.140.27- Low2.600.060.030.091.51 Very Low2.540.04< 0.010.050.31 Matching times for different preferences (seconds)  Latency of the SQL implementation is more than acceptable for practical deployment

23 Why APPEL is Slow  Significant cost for augmenting data elements appearing in a policy with categories predefined in P3P base schema  The APPEL engine incurs this cost for every preference checking  SQL implementation only incurs this cost when shredding policies into database, which is amortized over a large number of matchings of different preferences

24 Why XQuery is Slow  Significant cost for the XML view to convert XQueries into SQL against relational database  Untapped optimization opportunities

25 Summary  P3P is an important application area for database systems  Server-centric architecture reuses database technology for implementing P3P  Adequate performance for it to be used in practical deployment of P3P

26 Future Work  Checking policies against preferences before access web sites is only a small aspect of enabling web users gain control over their private information  P3P will not succeed unless it provides mechanism for enforcing that a site acts according to its stated policy  To this end, we are implementing the Hippocratic Database architecture (VLDB-02) –XPref: XPath-based privacy preference language (WWW-03) –Order preserving encryption –Access control through query analysis and rewriting –Nibbling open problems outlined in the Hippocratic Database vision

27 Backup

28 Proxy model  Imagine a site that has policies for all companies, and checks user preferences –individual company can take our technology also

29 Preference Matching Browser Preferences IBM policy DB2 ATT policy … Ford policy IBM policy DB2 ATT policy DB2 Ford policy DB2 … Internet Browser

30 Policy-Preference Matching (Client-Centric) Web ServerBrowser Reference File Cache  reference file request reference file   send reference file request policy  send policy   URI of a web page  URI of the applicable policy request web page if policy conforms to preference  policy and user preference  result of matching  APPEL Engine

31 Policy-Preference Matching (Server- Centric) 3 SQL query policy metadata Database send preference and URI of a web page 1 5 send result of matching preference against policy request web page if policy conforms to preference 6 2 preference and web page URI 4 query results BrowserWeb Server APPEL to SQL Converter

Download ppt "Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu IBM Almaden Research Center."

Similar presentations

The creation of Yaolan.com A Site for Pre-natal and Parenting Education in Chinese by James Caldwell DAE Interactive Marketing a Web Connection Company.

The creation of "Yaolan.com" A Site for Pre-natal and Parenting Education in Chinese by James Caldwell DAE Interactive Marketing a Web Connection Company.
1 Long term changes to P3P Long Term Future of P3P Workshop Giles Hogben Joint Research Centre European Commission.

1 Long term changes to P3P Long Term Future of P3P Workshop Giles Hogben Joint Research Centre European Commission.
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.

U.S. Department of Commerce Web Advisory Group Implementing Machine Readable Privacy Requirements of the E-Gov Act.
Chapters 14 & 15 Internet Databases. E-Commerce  Bringing new products, services, or ideas to market, supporting and enhancing business operations 

Chapters 14 & 15 Internet Databases. E-Commerce  Bringing new products, services, or ideas to market, supporting and enhancing business operations 
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
Need for SOA database for storing SOA data Divya Gade Rejitha Rajasekhar.

Need for SOA database for storing SOA data Divya Gade Rejitha Rajasekhar.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
ICS 541 - 01 (072)Database Systems: A Review1 Database Systems: A Review Dr. Muhammad Shafique.

ICS (072)Database Systems: A Review1 Database Systems: A Review Dr. Muhammad Shafique.
1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.

1 Introduction to XML. XML eXtensible implies that users define tag content Markup implies it is a coded document Language implies it is a metalanguage.
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
1 Pertemuan 13 Servers for E-Business Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

1 Pertemuan 13 Servers for E-Business Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >
XML Views El Hazoui Ilias Supervised by: Dr. Haddouti Advanced XML data management.

XML Views El Hazoui Ilias Supervised by: Dr. Haddouti Advanced XML data management.
Kashif Jalal CA-240 (072) Web Development Using ASP.NET CA – 240 Kashif Jalal Welcome to week – 2 of…

Kashif Jalal CA-240 (072) Web Development Using ASP.NET CA – 240 Kashif Jalal Welcome to week – 2 of…
Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu Presented by Yajie Zhu 03/24/2005.

Implementing P3P Using Database Technology Rakesh Agrawal Jerry Kiernan Ramakrishnan Srikant Yirong Xu Presented by Yajie Zhu 03/24/2005.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.

Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.
Managing Employee Earnings Statements: PAYSTUB 3.0 A centralized, intranet-based application used to view employee earnings statements online Published:

Managing Employee Earnings Statements: PAYSTUB 3.0 A centralized, intranet-based application used to view employee earnings statements online Published:
Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.

Web Privacy Topics Andy Zeigler Senior Program Manager, Internet Explorer Microsoft.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

Similar presentations

Ads by Google