• Web Site Privacy with P3P

    by  • August 20, 2009 • S-Z

    Rating: four

    The Bottom Line

    Web Site Privacy with P3P is a great introduction to the Platform for Privacy Preferences Project (P3P) written by experts who have helped shape the policy. XML code definition is included as well.
    Pros
    • Introduction to Platform for Privacy Preferences
    • Syntax and examples to code P3P
    • Style is easy to read and follow
    Cons
    • Good overview, but just scratches the surface

    Description

    • The first book to actually show developers HOW to write code to create a P3P compliant web site
    • The style of following fictional characters helps the reader put the issues in perspective
    • Illustrates that what some consider a “feature” others consider a violation of privacy
    • Good information on spam, cookies, log files and web bugs to help readers understand these terms

    Review: Web Site Privacy With P3P

    I may think that having Amazon.com remember who I am and welcoming me to the site each visit along with a history of past purchases and recommendations of similar or related books I might be interested in is a GREAT feature.You may think that having Amazon.com record and retain information on you in order to provide this “feature” is a serious breach of your personal privacy and security.

    The Platform for Privacy Preferences Project (P3P) represents an emerging standard developed by the World Wide Web Consortium (W3C) to help automate privacy settings on web sites to accommodate both points of view.

    The Lindskog’s provide a fabulous introduction to P3P including XML tags and syntax to help developers create P3P compliant web sites.

    Buy it here: Web Site Privacy with P3P

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com