Privacy Tools

 
 
By Debra Donston  |  Posted 2003-04-21 Print this article Print
 
 
 
 
 
 
 

Following are some of the products, services and standards that can be used to help ensure that private information stays private.

Following are some of the products, services and standards that can be used to help ensure that private information stays private.

  • P3P is a W3C standard that determines how a site handles personal data. P3P-enabled Web sites make this information available in a standard format readable by P3P-enabled browsers. This allows users to easily compare a sites privacy policies with their own preferences. (A paper on the future of P3P is at www.w3.org/2002/12/18-p3p-workshop-report.html.)

  • The AT&T Privacy Bird is a freely downloadable tool that reads P3P privacy policies and displays them in an easy-to-understand way. The software displays a green bird icon at Web sites that match the users privacy preferences and a red bird icon at sites that do not. (www.privacybird.com) Many browsers also have the ability to display a sites adherence to users privacy preferences.

  • EPAL (Enterprise Privacy Authorization Language) is a formal language used to specify enterprise privacy policies. Developed by IBM, it concentrates on the core privacy authorization while including details such as data model or user authentication. (www.zurich.ibm.com/security/enterprise-privacy/epal)

  • XACML (Extensible Access Control Markup Language) is a newly ratified OASIS Open Standard for describing security policies in a uniform manner, suitable for algorithmic analysis of the combined effect of multiple policies affecting a single interaction as it passes through an IT chain. (xml.coverpages.org/xacml.html)

  • IBM Tivoli Privacy Manager is middleware that automates many privacy compliance activities. (www-3.ibm.com/software/tivoli/products/privacy-mgr-e-bus)

  • Watchfire Corp.s PrivacyXM helps determine if an organizations Web site is a privacy risk by identifying activities such as information collection, privacy policy linking and user tracking, as well as P3P compliance. (www.watchfire.com)

  • Zero-Knowledge Systems Inc.s Enterprise Privacy Management automates many of the tasks involved in designing, implementing and enforcing privacy policy. (www.zeroknowledge.com)

  •  
     
     
     
     
     
     
     
     
     
     

    Submit a Comment

    Loading Comments...
     
    Manage your Newsletters: Login   Register My Newsletters























     
     
     
     
     
     
     
     
     
     
     
    Rocket Fuel