P3P
出自KMU Wiki
隱私首選項平台項目 ,或P3P的 ,是一項議定書,允許網站申報其打算使用他們的資料,收集有關用戶瀏覽。 Designed to give users more control of their personal information when browsing, P3P was developed by the World Wide Web Consortium (W3C) and officially recommended on April 16 , 2002 .旨在讓用戶更好地控制他們的個人資料瀏覽時, P3P的開發由萬維網協會 ( W3C ) ,並正式建議在2002年 4月16日 。
[編輯] 目的
作為萬維網上成為一個真正的中等,其中出售產品和服務, 電子商貿網站,試圖蒐集更多的資料,有關人民誰購買他們的商品。 Some companies used controversial practices such as tracker cookies to ascertain the users' demographic information and buying habits, using this information to provide specifically targeted advertisements.一些公司使用具爭議性的做法,例如跟踪的Cookie ,以確定用戶的人口統計信息和購買習慣,使用此資訊,提供專門針對廣告。 Users who saw this as an invasion of privacy would sometimes turn off HTTP cookies or use proxy servers to keep their personal information secure.用戶誰認為這是對隱私權的侵犯有時會關閉HTTP Cookie或使用代理服務器 ,以保持其個人信息的安全性。 P3P is designed to give users a more precise control of the kind of information that they allow to release. P3P的目的是向用戶提供更精確的控制該種信息,讓他們釋放。
A P3P-compliant website declares the kind of information it collects and its intended use as a privacy policy . 1 P3P的兼容的網站宣布種收集的信息和其預定用途作為一個隱私權政策 。 A P3P enabled web browser can decide what to do by comparing this policy with the user's stored preferences. 1 P3P的啟用Web瀏覽器可以決定要怎麼做比較,這項政策與用戶的存儲偏好。 Alternatively, the browser can show the user a readable version of the policy and ask them how to proceed.另外,瀏覽器可以顯示用戶可讀版本的政策,並問他們如何進行。 As an example, a user may store in the browser preferences that information about their browsing habits should not be collected.作為一個例子,用戶可能會存儲在瀏覽器偏好信息對他們的瀏覽習慣,不應收取。 If the policy of a Website states that a cookie is used for this purpose, the browser automatically rejects the cookie.如果政策,一個網站的國家Cookie是用於這一目的,瀏覽器會自動拒絕曲奇。 The main content of a privacy policy is the following:為主要內容的隱私權政策,是以下幾點:
which information the server stores:信息服務器店鋪:
which kind of information is collected (identifying or not);哪一種資料收集(查明或沒有) ;
which particular information is collected (IP address, email address, name, etc.);其中尤其是信息收集( IP地址,電子郵件地址,名稱等) ;
use of the collected information:利用所收集的信息:
how this information is used (for regular navigation, tracking, personalization, telemarketing, etc.);如何在這方面的資料是用(定期導航,跟踪,個性化,電話等) ;
who will receive this information (only the current company, third party, etc.);誰將會收到這方面的資料(僅目前公司,第三黨等) ;
permanence and visibility:持久性和能見度:
how long information is stored;多久的資料是儲存;
whether and how the user can access the stored information (read-only, optin, optout).應否及如何使用者都可以存取存儲的信息(唯讀,選擇啟用,禁用) 。
The privacy policy can be retrieved as an XML file or can be included, in compact form, in the HTTP header.隱私政策可以檢索作為一個XML文件或可列入,在緊湊的形式,在HTTP標頭。 The location of the XML policy file that applies to a given document can be:位置的XML的政策文件,適用於某一特定文件可以是:
specified in the HTTP header of the document HTTP標頭中指定該文件
specified in the HTML head of the document在指定的HTML頭文件
if none of the above is specified, the well-known location /w3c/p3p.xml is used (for a similar location compare /favicon.ico )如果沒有上述指定, 著名的地點 / w3c/p3p.xml是用來(一個類似的位置比較/的favicon.ico )
P3P allows to specify a max-age for caching. P3P的允許指定的最高年齡為緩存。 A dummy /w3c/p3p.xml file could use this feature: 一個虛擬/ w3c/p3p.xml文件可以使用此功能:
<META xmlns = "[1]" > <POLICY-REFERENCES > <EXPIRY max-age = "10000000" /> <!-- about four months --> </POLICY-REFERENCES > </META > <meta xmlns = "[2]" > <policy-references > <expiry max-age = "10000000" /> < ! -約4個月- >“ < / 政策參考> < /中繼>
[編輯] P3P User Agents P3P的用戶代理
Microsoft Internet Explorer的提供能力,以顯示P3P的隱私政策,並比較P3P的政策與自己的設置,以決定是否要允許Cookie ,從特定的網站。 However, the P3P functionality in Internet Explorer extends only to cookie blocking, and will not alert you to an entire web site that violates your privacy preferences.不過, P3P的功能在Internet Explorer中僅適用於Cookie封鎖,並不會提醒你整個的網站侵犯了您的隱私首選項。 Users who wish to use a full P3P user agent should use the AT&T Privacy Bird , which is now maintained by Carnegie Mellon's Usable Privacy and Security Laboratory .用戶誰想使用完整的P3P用戶代理應該使用AT & T的 隱私鳥 ,這是現在所保持的卡內基梅隆大學的 實用的隱私和安全實驗室 。
The Privacy Finder service was also created by Carnegie Mellon's Usable Privacy and Security Laboratory . 私隱查找服務,還設立了由卡內基梅隆大學的 實用的隱私和安全實驗室 。 It is a publicly available "P3P-enabled search engine."這是一個公開提供“ P3P的啟用搜索引擎” 。 A user can enter a search term along with their stated privacy preferences, and is then presented with a list of search results which are ordered based on whether the sites comply with their preferences.用戶可以輸入搜索字詞,隨著其聲明的隱私首選項,然後提交了一份名單,搜索結果,這是基於對網站是否遵守其偏好。 This works by crawling the web and maintaining a P3P cache for every site that ever appears in a search query.這個工程由檢索網頁和維持一個P3P的快取記憶體的每一個網站都出現在搜索查詢。 The cache is updated every 24 hours so that every policy is guaranteed to be relatively up to date.緩存是每24小時更新一次,使每一項政策,是保證相對直至目前為止。 The service also allows users to quickly determine why a site does not comply with their preferences, as well as allowing them to view a dynamically generated natural language privacy policy based on the P3P data.該服務還可以讓用戶快速確定為什麼網站不遵守他們的偏好,以及讓他們來查看一個動態生成的自然語言的隱私政策的基礎上, P3P的數據。 This is advantageous over simply reading the original natural language privacy policy on a web site because many privacy policies are written in legalese and are extremely convoluted.這是有利的超過只需讀原來的自然語言的隱私政策在一個網站上,因為有很多的隱私政策是在法律術語的書面和極為錯綜複雜。 Additionally, in this case the user does not have to visit the web site to read its privacy policy.此外,在這種情況下,用戶沒有訪問該網站,閱讀其隱私政策。
資料引用:[3]