- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
While the challenge of preserving privacy is foremost in the minds of most Internet users, Web site developers balance the need to collect in formation about users with their obligation to show respect for their users' privacy. The Platform for Privacy Preferences Project, or P3P, has emerged as an answer that may satisfy the wishes of both parties. Developed by the World Wide Web Consortium (W3C), P3P gives user more control over the amount of information they disclose about themselves as they browse the Web. At the same time, it allows Web sites to declare to browsers what sort of information they will request of users. Their privacy policies are embedded in the code of the site, so browsers talk to the Web server just below the surface. The number of Web developers using P3P continues to grow, especially with the increasing popularity of Microsoft's IE 6,which blocks cookies from sites that aren't P3P compliant. . Web Privacy with P3P explains the P3P protocol and shows Web site developers how to configure their sites for P3P compliance. Author Lorrie Faith Cranor, chair of the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and co-author of the P3P1.0 specification, explains the inner workings of the P3P protocol while maintaining a hands-on implementation approach. The book begins with an introduction to P3P and an overview of online privacy concerns and the laws governing online privacy. Cranor discusses existing privacy technology, such as encryption tools, filters and identity management tools. Next,the book shows you how to P3P-enable your own site. Among the many topics covered are: P3P deployment steps; P3P policy syntax; creating P3P policies; creating and referencing policy reference files; data schemas; and full of examples and case studies. Web Privacy with P3P delivers practical advice and insider tips. Software developers, privacy consultants, corporate decision-makers, lawyers, public policy-makers, and any individual interested in online privacy issues will find this book a necessary reference.
Contents
Foreword Preface Part I. Privacy and P3P 1. Introduction to P3P How P3P Works P3P-Enabling a Web Site Why Web Sites Adopt P3P 2. The Online Privacy Landscape Online Privacy Concerns Fair Information Practice Principles Privacy Laws Privacy Seals Chief Privacy Officers Privacy-Related Organizations 3. Privacy Technology Encryption Tools Anonymity and Pseudonymity Tools Filters Identity-Management Tools Other Tools 4. P3P History The Origin of the Idea The Internet Privacy Working Group W3C Launches the P3P Project The Evolving P3P Specification The Patent Issue Feedback from Europe Finishing the Specification Legal Implications Criticism Part II. P3P-Enabling Your Web Site 5. Overview and Options P3P-Enabled Web Site Components P3P Deployment Steps Creating a Privacy Policy Analyzing the Use of Cookies and Third-Party Content One Policy or Many? Generating a P3P Policy and Policy Reference File Helping User Agents Find Your Policy Reference File Combination Files Compact Policies The Safe Zone Testing Your Web Site 6. P3P Policy Syntax XML Syntax General Assertions Data-Specific Assertions The P3P Extension Mechanism The Policy File 7. Creating P3P Policies Gathering Information About Your Site's Data Practices Turning the Information You Gathered into a P3P Policy Writing a Compact Policy Avoiding Common Pitfalls 8. Creating and Referencing Policy Reference Files Creating a Policy Reference File Referencing a Policy Reference File P3P Policies in Policy Reference Files Changing Your P3P Policy or Policy Reference File Avoiding Common Pitfalls 9. Data Schemas Sets, Elements, and Structures Fixed and Variable Categories P3P Base Data Schema Writing a P3P Data Schema 10. P3P-Enabled Web Site Examples Simple Sites Third-Party Agents Third Parties with Their Own Policies Examples From Real Web Sites Part III. P3P Software and Design 11. P3P Vocabulary Design Issues Rating Systems and Vocabularies P3P Vocabulary Terms What's Not in the P3P Vocabulary 12. P3P User Agents and Other Tools P3P User Agents Other Types of P3P Tools P3P Specification Compliance Requirements 13. A P3P Preference Exchange Language (APPEL) APPEL Goals APPEL Evaluator Engines Writing APPEL Rule Sets Processing APPEL Rules Other Privacy Preference Languages 14. User Interface Case Studies Privacy Preference Settings User Agent Behavior Accessibility Privacy Part IV. Appendixes A. P3P Policy and Policy Reference File Syntax Quick Reference B. Configuring Web Servers to Include P3P Headers C. P3P in IE6 D. How to Create a Customized Privacy Import File for IE6 E. P3P Guiding Principles Index
