Abstract
Privacy protection is necessary in many applications in mobile and stationary environments. The advances in web applications with the introduction of HTML5 provide the possibility for cross-platform application support. Access to sensitive information is feasible via various means from such applications in order to provide a personalized user experience. Mechanisms to allow users to control this access are vital for a better web experience. In this work, we present our approach toward a mechanism for privacy protection in HTML5 web environments. User preferences for privacy policies can be specified via an indicated notation that considers contextual parameters. Preferences are taken into account during the execution adapting the application content. Our PrivacySafer approach is supported by implementations of extensions in two popular web browsers, Chrome and Firefox. An evaluation on the efficiency of the approach and the resulting web experience with a small group of users has been performed.
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
References
Achilleos, A.P., Kapitsaki, G.M.: Enabling cross-platform mobile application development: a context-aware middleware. In: Benatallah, B., Bestavros, A., Manolopoulos, Y., Vakali, A., Zhang, Y. (eds.) WISE 2014. LNCS, vol. 8787, pp. 304–318. Springer, Cham (2014). doi:10.1007/978-3-319-11746-1_22
Aggarwal, G., Bursztein, E., Jackson, C., Boneh, D.: An analysis of private browsing modes in modern browsers. In: USENIX Security Symposium, pp. 79–94 (2010)
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise privacy authorization language (EPAL). IBM Research (2003)
Cahn, A., Alfeld, S., Barford, P., Muthukrishnan, S.: An empirical study of web cookies. In: Proceedings of the 25th International Conference on World Wide Web, WWW 2016, International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, Switzerland, pp. 891–901 (2016). http://dx.doi.org/10.1145/2872427.2882991
Herhut, S., Hudson, R.L., Shpeisman, T., Sreeram, J.: Parallel programming for the web. In: Presented as Part of the 4th USENIX Workshop on Hot Topics in Parallelism (2012)
Hu, V.C., Kuhn, D.R., Ferraiolo, D.F.: Attribute-based access control. Computer 48(2), 85–88 (2015)
Joinson, A.N., Reips, U.D., Buchanan, T., Schofield, C.B.P.: Privacy, trust, and self-disclosure online. Hum.-Comput. Interact. 25(1), 1–24 (2010)
Kapitsaki, G.M.: Reflecting user privacy preferences in context-aware web services. In: 2013 IEEE 20th International Conference on Web Services (ICWS), pp. 123–130. IEEE (2013)
Kapitsaki, G.M., Venieris, I.S.: PCP: privacy-aware context profile towards context-aware application development. In: Proceedings of the 10th International Conference on Information Integration and Web-Based Applications and Services, pp. 104–110. ACM (2008)
Leon, P., Ur, B., Shay, R., Wang, Y., Balebako, R., Cranor, L.: Why johnny can’t opt out: a usability evaluation of tools to limit online behavioral advertising. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 589–598. ACM (2012)
Lorch, M., Proctor, S., Lepro, R., Kafura, D., Shah, S.: First experiences using XACML for access control in distributed systems. In: Proceedings of the 2003 ACM Workshop on XML Security, pp. 25–37. ACM (2003)
Mayer, J.R., Mitchell, J.C.: Third-party web tracking: policy and technology. In: 2012 IEEE Symposium on Security and Privacy, pp. 413–427. IEEE (2012)
Melicher, W., Sharif, M., Tan, J., Bauer, L., Christodorescu, M., Leon, P.G.: (Do not) track me sometimes: users contextual preferences for web tracking. Proc. Priv. Enhancing Technol. 2016(2), 135–154 (2016)
Olejnik, Ł., Acar, G., Castelluccia, C., Diaz, C.: The leaking battery. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA -2015. LNCS, vol. 9481, pp. 254–263. Springer, Cham (2016). doi:10.1007/978-3-319-29883-2_18
Schaub, F., Marella, A., Kalvani, P., Ur, B., Pan, C., Forney, E., Cranor, L.F.: Watching them watching me: browser extensions impact on user privacy awareness and concern (2016)
Sivakorn, S., Polakis, I., Keromytis, A.D.: The cracked cookie jar: HTTP cookie hijacking and the exposure of private information. In: IEEE Symposium on Security and Privacy, pp. 724–7420. IEEE (2016)
Westin, A.F.: Privacy and freedom. Wash. Lee Law Rev. 25(1), 166 (1968)
Yin, R.K.: Case Study Research: Design and Methods. Sage Publications, Thousand Oak (2013)
Zachte, E.: Wikimedia traffic analysis report-browsers e.a. Wikimedia Traffic Analysis Report, 2013–03 (2013)
Acknowledgment
This work was partially funded by the European Community CEF-TC-2015-1 Safer Internet (grant agreement number INEA/CEF/ICT/A2015/1152069) CYberSafety (http://www.cybersafety.cy/) project.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kapitsaki, G.M., Charalambous, T. (2017). PrivacySafer: Privacy Adaptation for HTML5 Web Applications. In: Bouguettaya, A., et al. Web Information Systems Engineering – WISE 2017. WISE 2017. Lecture Notes in Computer Science(), vol 10570. Springer, Cham. https://doi.org/10.1007/978-3-319-68786-5_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-68786-5_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68785-8
Online ISBN: 978-3-319-68786-5
eBook Packages: Computer ScienceComputer Science (R0)