HTTPA (Accountable Hyper Text Transfer Protocol)

PhD Proposal Talk

Oshani SeneviratneDIG, MIT CSAILMay 31, 2011

Problems Addressed

Personal Information on the Web

• Increasing amounts of personal information on the Social Web

• Often times there are unforeseen adverse consequences

• Users become victims of poor design choices: E.g. Facebook Beacon, Google Buzz, etc

Reuse of Creative Works

• Reuse is good, but unauthorized content use is bad

• How can you prove that someone has violated your usage restrictions?

User Behavior Tracking Across Websites

Proposed Solution

Web Ecosystem that supports Accountability

• Build an accountable protocol and applications that use it

• Evaluate the adoption and the usability of the protocol

• Provide a framework for information accountability within the context of Web Science research

Protocol Components

Authentication

• Access Control – Identifying the data consumer before serving data

• Tracking and Auditing – Association of data with the entity that accessed/used them

• Side Effect – HTTPA may not support anonymous access unless the data consumer uses the Provenance Tracker to hide her identity

• Use WebID for authentication

Usage Restriction Specification

• Initial Implementation of the protocol will use the RMP (Respect My Privacy) ontology

• May also use the PPO (Privacy Preference Ontology)

• Usage Restriction needs terms such as:

– No cookies– No ownership transfer– No commercial use

– No depiction– No employment use– No insurance use

Negotiation of Usage Restrictions and Intentions / Handshake

• Uses HTTP headers ‘usage-restrictions’ and ‘intentions’

• Use ‘negotiate’ when the original usage restrictions and intentions do not match

Motivating Scenarios for the Handshake

Data Uploaded to Websites

• Specify usage restrictions on data that belongs to the user.– Creative works– Personal data

• Negotiate usage restrictions on the data uploaded to sites– Sites may have a terms that are not what the user

wanted

Data Uploaded to Websites (I)

POST pictureUsage Restrictions: No Ownership Transfer

HTTPA 412 Precondition FailedIntentions: Ownership Transfer

POST picture

Data Uploaded to Websites (II)

POST pictureUsage Restrictions: No Ownership Transfer

HTTPA 412 Precondition FailedIntentions: Ownership Transfer

POST pictureNegotiate: No Ownership Transfer

HTTPA 204 No Content

Data Downloaded from Websites

• Usage restrictions are sent along with the data• Smart clients help the user with proper (re)-

usage

Data Downloaded from WebsitesHEAD Alice’s PhotoIntentions: No-Commercial

Usage Restrictions: No Ownership Transfer

GET Alice’s PhotoIntentions: No-Commercial, No Ownership Transfer

HTTPA 200 OKUsage Aware Log: Log URI

Do Not Track

• Users can accept cookies or reject them when dealing with certain websites

• Usage restrictions are applied to the data collected on users and NOT on the data transferred from the website

Do Not Track: Accepting Cookies (I)

HEAD /index.html

HTTPA 200 OKCookie1, Cookie2,…

GET /index.htmlIntentions: No-Commercial, No-Employment

HTTPA 200 OKCookie1, Cookie2,…Data Content

GET /index.htmlCookie1, Cookie2,…

Do Not Track: Accepting Cookies (II)

HEAD /index.htmlUsage Restrictions: No-Cookies

HTTPA 412 Precondition FailedIntentions: Cookies?

GET /index.htmlIntentions: No-Commercial, No-Employment

HTTPA 200 OKCookie1, Cookie2,…Data Content

GET /index.htmlCookie1, Cookie2,…

Do Not Track: Not Accepting Cookies (I)

HEAD /index.html

HTTPA 200 OKCookie1, Cookie2,…

GET /index.htmlNegotiate: No-cookies, No-Commercial, No-Employment

HTTPA 200 OKData Content

Do Not Track: Not Accepting Cookies (II)

HEAD /index.htmlIntentions: No-Cookies

HTTPA 200 OKData Content

Protocol Components Contd.

Provenance Trackers

• Trusted intermediary– Determination of trust:• Based on hierarchy• Other means of trust to be

investigated

• Stores the accountability logs• Mechanism of communication within the

Provenance Tracker Network TBD

Logging

• Accountability Logs– Available at the Provenance Trackers– Contains the details of the HTTPA transaction– Encrypted– Can only be read by protocol components

• Usage Aware Logs– Available at the Smart Client– Guides the Smart Client on reuse

• Data Provenance Logs– Available at the Smart Client– Keeps track of the subsequent modifications

Accountability Checking

• User can ‘complain’ about violations via the smart client

• Smart client requests for a provenance trail from the provenance tracker network

• Provenance Trackers communicate with each other and provides a proof with:– URIs of subsequent derivatives– Usage restrictions attached at each

reuse/modification/transmission– Identity of the violator

Related Work

P3P

Source: http://www.w3.org/P3P/brochure.html

Project DReaM

• DRM everywhere/available• Plans on providing an interoperable DRM

architecture• Interface allows to assert fair use• Has an identity management focus

Timeline

Expected Contributions

• Development of a protocol that will change the way users access and use data on the web

• Evaluation of user behavior with smart clients that help them – improve decision making when disclosing private data– reuse content properly– find out who may have violated their usage restrictions

• Recommendations for future accountability research

Questions?