01/24/07
Introduction: The Privacy Systems project takes the notion of private customer information flowing between parties and models it formally. The formalism is described and its properties explained in the PET2004 paper. The AdLoc messaging system is a Web Services based messaging system that allows users to grant signed digital contracts allowing others to contact them. The AdLoc system follows the outlines of a privacy system and can therefore be reasoned about formally. The original paper used a combination of P3P and XrML to write digital contracts about privacy promises. P3P is a good language for a company to specify to a user what it will or will not do, but it does not give the company tools to implement and enforce that policy. To fill that gap we use the EPAL language, which lets us write rules, conditions, and obligations that will be enforced within the company itself. P3P, therefore, can be viewed as the high-level specification for the system, while EPAL is the implementation of that specification. We use EPAL in two ways: (1) to concretize the abstract privacy system model so that it can be easily studied, and (2) to let us take real privacy management policies and translate them back to the formalism. As part of (1), we give an implementation of an abstract privacy system and implement the examples in the paper using EPAL. As part of (2), we model the AdLoc privacy rules in an EPAL policy and vocabulary.
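To make the "rules, conditions, and obligations" point concrete, here is an added example (not the project's code and not a real EPAL parser) of a small Python evaluator with EPAL-like structure: rules are matched on user category, data category, purpose and action, category vocabularies form hierarchies, an optional condition is checked against the request context, and the first matching rule in precedence order yields a ruling plus the obligations the company must carry out. The vocabulary, rule ids and sample policy are constructed for illustration.

```python
"""Minimal EPAL-style privacy rule evaluator (illustration; not the project's code)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Constructed vocabulary hierarchies: child -> parent. A rule written against a
# parent category also covers its descendants, as EPAL vocabularies do.
USER_HIERARCHY = {"marketing-dept": "employee", "billing-dept": "employee"}
DATA_HIERARCHY = {"email": "contact-info", "postal-address": "contact-info"}
PURPOSE_HIERARCHY = {"newsletter": "marketing", "order-fulfilment": "service"}


def covers(hierarchy: Dict[str, str], general: str, specific: str) -> bool:
    """True if `specific` is `general` itself or a descendant of it."""
    node: Optional[str] = specific
    while node is not None:
        if node == general:
            return True
        node = hierarchy.get(node)
    return False


@dataclass
class Request:
    """An access request: who wants to do what with which data, and why."""
    user_category: str
    data_category: str
    purpose: str
    action: str
    context: Dict[str, object] = field(default_factory=dict)


@dataclass
class Rule:
    rule_id: str
    ruling: str                      # "allow" or "deny"
    user_category: str
    data_category: str
    purpose: str
    action: str
    condition: Optional[Callable[[Dict[str, object]], bool]] = None
    obligations: List[str] = field(default_factory=list)

    def matches(self, req: Request) -> bool:
        return (covers(USER_HIERARCHY, self.user_category, req.user_category)
                and covers(DATA_HIERARCHY, self.data_category, req.data_category)
                and covers(PURPOSE_HIERARCHY, self.purpose, req.purpose)
                and self.action == req.action
                and (self.condition is None or self.condition(req.context)))


@dataclass
class Policy:
    rules: List[Rule]                # precedence order: first matching rule wins
    default_ruling: str = "deny"     # applied when no rule matches

    def evaluate(self, req: Request) -> Tuple[str, List[str], Optional[str]]:
        """Return (ruling, obligations, id of the deciding rule or None)."""
        for rule in self.rules:
            if rule.matches(req):
                return rule.ruling, list(rule.obligations), rule.rule_id
        return self.default_ruling, [], None


# Constructed sample policy, the kind of promise a P3P statement would announce:
# contact data is used for marketing only with consent, every use is logged, and
# contact data is never disclosed for marketing purposes.
POLICY = Policy(rules=[
    Rule("r1-consented-marketing", "allow", "marketing-dept", "contact-info",
         "marketing", "use",
         condition=lambda ctx: ctx.get("consent") is True,
         obligations=["log-access", "honour-opt-out"]),
    Rule("r2-service-use", "allow", "employee", "contact-info", "service", "use",
         obligations=["log-access"]),
    Rule("r3-no-disclosure", "deny", "employee", "contact-info", "marketing",
         "disclose"),
])


def decide(user: str, data: str, purpose: str, action: str,
           **context: object) -> Tuple[str, List[str], Optional[str]]:
    """Convenience wrapper: evaluate one request against the sample policy."""
    return POLICY.evaluate(Request(user, data, purpose, action, dict(context)))


if __name__ == "__main__":
    print(decide("marketing-dept", "email", "newsletter", "use", consent=True))
    print(decide("marketing-dept", "email", "newsletter", "use", consent=False))
    print(decide("billing-dept", "postal-address", "order-fulfilment", "use"))
```

The point of the obligations list is that an "allow" ruling is not the end of enforcement: the surrounding application has to actually perform the returned obligations (log the access, honour the opt-out) for the P3P-level promise to hold.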
This site was last updated 03/03/06