Use the tools below to copy the article in plain text form, or you can copy it as HTML, ready to copy and paste directly into a web page.
HTML <html> <head> <title>TIPS AND TRICKS Privacy platform on Internet</title> </head> <body> <h1>TIPS AND TRICKS Privacy platform on Internet</h1> <div class="info">Author: <a href="author_1_110126.html">Richel Fox</a></div><div class="body">Privacy has been a major concern for internet users and particularly for the web users. Many a times, while registering over several web-based services, users do not know if their e-mail address is going to be shared or not, or whether they would be bombarded with spam mail from manufacturers of all sorts of counterfeit products. Same is the case with other private information, like browser history and whatever cookies track on behest of their web masters.<br /> <br /> The only way out to get some details on this phenomenon is reading through lengthy Privacy Policy pages which does not make much sense given the time available and legal intricacies of the language used. To address this issue, and give users more information about how privacy is handled over a website, a set of standards called Platform for Privacy Preferences Project (P3P) is being developed by the World Wide Web Consortium (W3C).<br /> <br /> P3P is an emerging industry standard that converts text intensive privacy policies of websites to a simple form that is easy to read by both humans and machines. This automation means more control at user-end to opt-in or opt-out from browsing a particular page based on personal privacy preference. For example, if a cautious user decides that his/her e-mail address must not be provided to any third party advertising company, this setting can be stored in a P3P-enabled web browser.<br /> <br /> When the user browses an online shopping website, the browser requests the site to disclose its terms and conditions on how user information is gathered and used. If this reveals sharing of user e-mail address, the browser may flag an inconsistency with user’s privacy preference, and block the access to the site. Similarly, if a cookie is revealed to be placed for a particular undesirable use, it will be blocked — rather there will be a blanket ban on all the cookies on all the sites.<br /> <br /> Such a mechanism makes reading privacy statements consistent and repeatable, and in fact, standardizes the way sites disclose their data collection to the end-users whose privacy is at stake.<br /> <br /> Technologies like P3P are required; courtesy the interest e-businesses have in making use of confidential data for their short-term advantage. In doing so, personally identifiable user information is susceptible to fall in wrong hands. For example, an online shopping store tracking purchase pattern and browser history, and then sharing it with other tracking sites may result in the creation of a virtual user profile, which can then be targeted for customized ads, spam, phasing and identifying theft attacks.<br /> <br /> This is why, as an end-user, it is important to know what an e-commerce site does (or intends to do) with the user-supplied information. This specifically includes IP address, real name, user-name, use of such info for personalization or tracking over a period of time, sharing with others for telemarketing or research, and data retention policy. Knowing all this is critical not only in e-commerce, but also in activities as trivial as search engine queries. Imagine how much one can guess about a person merely by analyzing what that person has been searching over Google recently, or over last one year.<br /> <br /> Conversely, the importance of uniquely identifying user searching ‘Holiday in Bhurbun’ or ‘Laptop prices in Pakistan’ is useful from a merchandiser’s point of view. But the Web is not as simple as one site rendering all the pages. There are embedded contents which, at times implement what are called as ‘web bugs’ to independently track users. P3P takes care of such issues by requesting policy information from embedded sources so that user exactly knows which policy applies to which object on a page.<br /> <br /> Implementation<br /> <br /> At a conceptual level, it is easy to understand how P3P is implemented. A web-server places a policy reference file in a default folder that will be known to web browsers. This file would be in format specified by P3P – and this is where the power lies since this format is open for everybody to read and understand, and implement privacy features in custom tools and browsers. On the end-user side, browsers would either automatically read the file from default location, from location provided by the server or directly from the web-page code in case a file is not kept.<br /> <br /> This exchange does not slow down browsing anymore than fetching a small image does. Also, this information is not fetched every time to make the process efficient. Re-fetching only happens after the policy expires. Here, P3P makes no compulsion on how browsers should configure default user preferences, but does suggests that defaults should be ‘neutral or biased towards privacy and not be configured by default to transfer personal information without the user’s consent’.<br /> <br /> To aid in the development of P3P, there are various tools and guides available over internet which include a Deployment Guide, step-by-step guide, P3P Toolbox, P3P Validator, mailing list and miscellaneous tools and software.<br /> <br /> There are tools in the market as well that block unsafe content and block cookies based on their own learning mechanism. P3P distinguishes itself from such tools by pitting the user in charge of settings that affect privacy.<br /> <br /> Nonetheless, there has been a fair share of concerns arising out of this model, but I think to go for the security certification’s there are many vendors that provide these specializations like <br /> <a href="http://www.testkingdom.com/" >Cisco, Microsoft, Citrix, IBM, CompTIA</a>, and more.. If you are planning to go for the certification method<a href="http://www.testkingdom.com/" > www.testkingdom.com</a> are the best, they provide the complete range of security exams certifications study materials and more, many of my friends have passed there exams on its first attempt, by preparing from the <br /> <a href="http://www.testkingdom.com/" >testkingdom.com.</a> <br /> <br /> First, P3P is only an information providing tool and it can not prevent sites from falsifying their privacy statements. To address this issue, P3P requires a dispute resolution site to be identified in case a user comes to know that the site is bypassing the stated privacy policy.<br /> <br /> Additionally, P3P can work as a tool in conjunction with legal framework since a violation of declared privacy stance or misuse of data is a criminal offence in many countries. This empowers the user to know his/her rights, and holds the sites accountable for their conflicting policies and deeds.<br /> <br /> The next objection on P3P is that its specification is complex in structure and not many site administrators will be able to write policies in P3P format.<br /> <br /> As a solution, P3P believes that new tools will make it easier to write policies much on the lines of web authoring tools that do not require users to know HTML tags and details. To further assist developers, P3P offers Test Suite site that simulates different scenarios which can take place depending upon conflicting user preferences and site policies.<br /> <br /> Yet another objection on P3P is its slow pace of adoption at a mass level. P3P counters this with the scope of this ambitious project and the need to get buy-in from various privacy advocacy groups and stakeholders present in the large internet community. <br /> <br /> There is also a list of known P3P implementation and services present over W3C website for further reference. According to a research by CyLab Privacy Interest Group of Carnegie Mellon University, about 15 per cent of the top 5,000 websites incorporate P3P.<br /> <br /> There are other similar projects as well, such as, the European IST research project called PRIME, MIT <br /> Decentralized Information Group’s project called TAMI, and Policy Aware Web project. P3P has inspired great interest in developing an easy to use and understand method of deciphering complex privacy practices. Such an interface can become a helpful tool in developing a technical solution to aid legal solutions concerning privacy.</div> <div class="source">Article Source: <a href="http://www.articlealley.com/article_531910_81.html">http://www.articlealley.com/article_531910_81.html</a></div> <div class="author"> <div class="authorOccupation"><strong>Occupation:</strong> IT Trainer and e-commerce consultant</div> <div class="authorBio">Educated in the U.S.A. and having worked for 18 years in multinational companies, As an IT instructor, about 5 yeas ago I started a study solution business and now I have launched www.testkingdom.com over here we provide complete solutions for IT exams study material we also provide trainings and consultancy to Corporate and individual Student, Our study articles, Exams Q&A with Explanation, Study Guides, Training Labs, Exams Simulations, Training Videos, etc. and have helped many students to archive the most valuable certification like MCSE 2003, CCNA, CCIE, MCSA, A+, and more we have clients all over US and any many parts of the globe. www.testkingdom.com provide you the best training 100% guarantee. “Consider your-self Certified”</div> <div class="authorUrl"><a href="http://www.testkingdom.com" target="_blank">http://www.testkingdom.com</a></div></author> </body> </html>
Text TIPS AND TRICKS Privacy platform on Internet Author: Richel Fox Privacy has been a major concern for internet users and particularly for the web users. Many a times, while registering over several web-based services, users do not know if their e-mail address is going to be shared or not, or whether they would be bombarded with spam mail from manufacturers of all sorts of counterfeit products. Same is the case with other private information, like browser history and whatever cookies track on behest of their web masters. The only way out to get some details on this phenomenon is reading through lengthy Privacy Policy pages which does not make much sense given the time available and legal intricacies of the language used. To address this issue, and give users more information about how privacy is handled over a website, a set of standards called Platform for Privacy Preferences Project (P3P) is being developed by the World Wide Web Consortium (W3C). P3P is an emerging industry standard that converts text intensive privacy policies of websites to a simple form that is easy to read by both humans and machines. This automation means more control at user-end to opt-in or opt-out from browsing a particular page based on personal privacy preference. For example, if a cautious user decides that his/her e-mail address must not be provided to any third party advertising company, this setting can be stored in a P3P-enabled web browser. When the user browses an online shopping website, the browser requests the site to disclose its terms and conditions on how user information is gathered and used. If this reveals sharing of user e-mail address, the browser may flag an inconsistency with user’s privacy preference, and block the access to the site. Similarly, if a cookie is revealed to be placed for a particular undesirable use, it will be blocked — rather there will be a blanket ban on all the cookies on all the sites. Such a mechanism makes reading privacy statements consistent and repeatable, and in fact, standardizes the way sites disclose their data collection to the end-users whose privacy is at stake. Technologies like P3P are required; courtesy the interest e-businesses have in making use of confidential data for their short-term advantage. In doing so, personally identifiable user information is susceptible to fall in wrong hands. For example, an online shopping store tracking purchase pattern and browser history, and then sharing it with other tracking sites may result in the creation of a virtual user profile, which can then be targeted for customized ads, spam, phasing and identifying theft attacks. This is why, as an end-user, it is important to know what an e-commerce site does (or intends to do) with the user-supplied information. This specifically includes IP address, real name, user-name, use of such info for personalization or tracking over a period of time, sharing with others for telemarketing or research, and data retention policy. Knowing all this is critical not only in e-commerce, but also in activities as trivial as search engine queries. Imagine how much one can guess about a person merely by analyzing what that person has been searching over Google recently, or over last one year. Conversely, the importance of uniquely identifying user searching ‘Holiday in Bhurbun’ or ‘Laptop prices in Pakistan’ is useful from a merchandiser’s point of view. But the Web is not as simple as one site rendering all the pages. There are embedded contents which, at times implement what are called as ‘web bugs’ to independently track users. P3P takes care of such issues by requesting policy information from embedded sources so that user exactly knows which policy applies to which object on a page. Implementation At a conceptual level, it is easy to understand how P3P is implemented. A web-server places a policy reference file in a default folder that will be known to web browsers. This file would be in format specified by P3P – and this is where the power lies since this format is open for everybody to read and understand, and implement privacy features in custom tools and browsers. On the end-user side, browsers would either automatically read the file from default location, from location provided by the server or directly from the web-page code in case a file is not kept. This exchange does not slow down browsing anymore than fetching a small image does. Also, this information is not fetched every time to make the process efficient. Re-fetching only happens after the policy expires. Here, P3P makes no compulsion on how browsers should configure default user preferences, but does suggests that defaults should be ‘neutral or biased towards privacy and not be configured by default to transfer personal information without the user’s consent’. To aid in the development of P3P, there are various tools and guides available over internet which include a Deployment Guide, step-by-step guide, P3P Toolbox, P3P Validator, mailing list and miscellaneous tools and software. There are tools in the market as well that block unsafe content and block cookies based on their own learning mechanism. P3P distinguishes itself from such tools by pitting the user in charge of settings that affect privacy. Nonetheless, there has been a fair share of concerns arising out of this model, but I think to go for the security certification’s there are many vendors that provide these specializations like Cisco, Microsoft, Citrix, IBM, CompTIA, and more.. If you are planning to go for the certification method www.testkingdom.com are the best, they provide the complete range of security exams certifications study materials and more, many of my friends have passed there exams on its first attempt, by preparing from the testkingdom.com. First, P3P is only an information providing tool and it can not prevent sites from falsifying their privacy statements. To address this issue, P3P requires a dispute resolution site to be identified in case a user comes to know that the site is bypassing the stated privacy policy. Additionally, P3P can work as a tool in conjunction with legal framework since a violation of declared privacy stance or misuse of data is a criminal offence in many countries. This empowers the user to know his/her rights, and holds the sites accountable for their conflicting policies and deeds. The next objection on P3P is that its specification is complex in structure and not many site administrators will be able to write policies in P3P format. As a solution, P3P believes that new tools will make it easier to write policies much on the lines of web authoring tools that do not require users to know HTML tags and details. To further assist developers, P3P offers Test Suite site that simulates different scenarios which can take place depending upon conflicting user preferences and site policies. Yet another objection on P3P is its slow pace of adoption at a mass level. P3P counters this with the scope of this ambitious project and the need to get buy-in from various privacy advocacy groups and stakeholders present in the large internet community. There is also a list of known P3P implementation and services present over W3C website for further reference. According to a research by CyLab Privacy Interest Group of Carnegie Mellon University, about 15 per cent of the top 5,000 websites incorporate P3P. There are other similar projects as well, such as, the European IST research project called PRIME, MIT Decentralized Information Group’s project called TAMI, and Policy Aware Web project. P3P has inspired great interest in developing an easy to use and understand method of deciphering complex privacy practices. Such an interface can become a helpful tool in developing a technical solution to aid legal solutions concerning privacy. Article Source: http://www.articlealley.com/article_531910_81.html About the Author: Educated in the U.S.A. and having worked for 18 years in multinational companies, As an IT instructor, about 5 yeas ago I started a study solution business and now I have launched www.testkingdom.com over here we provide complete solutions for IT exams study material we also provide trainings and consultancy to Corporate and individual Student, Our study articles, Exams Q&A with Explanation, Study Guides, Training Labs, Exams Simulations, Training Videos, etc. and have helped many students to archive the most valuable certification like MCSE 2003, CCNA, CCIE, MCSA, A+, and more we have clients all over US and any many parts of the globe. www.testkingdom.com provide you the best training 100% guarantee. “Consider your-self Certified” http://www.testkingdom.com
return to article
