Skip to content Skip to navigation
University of Warwick
  • Study
  • |
  • Research
  • |
  • Business
  • |
  • Alumni
  • |
  • News
  • |
  • About

University of Warwick
Publications service & WRAP

Highlight your research

  • WRAP
    • Home
    • Search WRAP
    • Browse by Warwick Author
    • Browse WRAP by Year
    • Browse WRAP by Subject
    • Browse WRAP by Department
    • Browse WRAP by Funder
    • Browse Theses by Department
  • Publications Service
    • Home
    • Search Publications Service
    • Browse by Warwick Author
    • Browse Publications service by Year
    • Browse Publications service by Subject
    • Browse Publications service by Department
    • Browse Publications service by Funder
  • Help & Advice
University of Warwick

The Library

  • Login
  • Admin

Refinement checking for privacy policies

Tools
- Tools
+ Tools

Papanikolaou, Nikolaos K., Creese, Sadie and Goldsmith, M. (2012) Refinement checking for privacy policies. Science of Computer Programming, Volume 77 (Number 10-11). pp. 1198-1209. doi:10.1016/j.scico.2011.07.009

Research output not available from this repository, contact author.
Official URL: http://dx.doi.org/10.1016/j.scico.2011.07.009

Request Changes to record.

Abstract

This paper presents a framework for analysis and comparison of privacy policies expressed in P3P (Platform for Privacy Preferences). In contrast to existing approaches to policy analysis, which focus on demonstrations of equality or equivalence of policies, our approach makes it possible to check for refinement between policies. We automatically generate a CSP model from a P3P policy, which represents the policy’s intended semantics; using the FDR model checker, we then perform various tests (using process refinement) to determine (a) whether a policy is internally consistent, and (b) whether a given policy refines another by permitting similar data collection, processing and sharing practices. Our approach allows for the detection of subtle differences between practices prescribed by different privacy policies, the comparison of relative levels of privacy offered by different policies, and captures the semantics of policies intended in the original P3P standard. The systematic translation of policies to CSP provides a formal means of reasoning about websites’ privacy policies, and therefore the practices of various enterprises with regards to personal data

Item Type: Journal Article
Divisions: Faculty of Science > WMG (Formerly the Warwick Manufacturing Group)
Journal or Publication Title: Science of Computer Programming
Publisher: Elsevier BV
ISSN: 0167-6423
Official Date: 2012
Dates:
DateEvent
2012Published
Volume: Volume 77
Number: Number 10-11
Page Range: pp. 1198-1209
DOI: 10.1016/j.scico.2011.07.009
Status: Peer Reviewed
Publication Status: Published
Access rights to Published version: Restricted or Subscription Access

Request changes or add full text files to a record

Repository staff actions (login required)

View Item View Item
twitter

Email us: wrap@warwick.ac.uk
Contact Details
About Us