(IJCSIS) International Journal of Computer Science and Information Security,Vol. 7, No. 1, 2010
nations like EU countries, UK, US with ease which alreadyhave well defined privacy laws for the same. Overall, it is awin-win situation for everyone.III.
Unauthorized information transfer
Businesses frequently sell individuals’ private informationto other businesses w/o his explicit consent.
Individuals and organizations exploit the vulnerability of Web-based services to access classified information. Often,unauthorized access is the often of weak security.
Indirectly collecting information
Users can authorize organizations or businesses to collectsome of their private information. However, their privacy canbe implicitly violated if their information undergoes analysisprocesses that produce new knowledge about their personality,wealth, behavior, and so on. This draws conclusions andproduce new facts about the users’ shopping patterns, hobbies,or preferences. In aggressive marketing practices it cannegatively affect customers’ privacy.IV.
Legal Purpose of Signature
A signature authenticates by identifyingthe signer with the signed document. When done in adistinctive manner, the writing becomes attributableto the signer.
The act of signing a shows signer’scommitment and prevents inconsiderateengagements.
A signature expresses the signer's approvalor authorization of the writing, to have a legal effect.
Efficiency and logistics
: A signature imparts a senseof clarity and finality to the transaction and lessensinquires beyond scope of a document.
Advantages of using digital signatures:
The digital signature cannotbe forged, unless the signer’s private key iscompromised by some means. If compromised,signer can immediately report to Issuer for revocationand generation of new private & public key pair.
: The digital signature alsoidentifies the signed message, with better precisionthan paper signatures. Verification reveals anytampering, since the hash result comparison capturesany message identity breach
Creating a digital signature requiresthe signer to use his private key. It alerts signer thathe is making a transaction abiding with the legalconsequences.
With the help of Electronic DataInterchange, creation and verification processes arecapable of complete automation. Digital signaturesyield a high degree of assurance without addinggreatly to the resources required for processing.
: The likelihood of malfunction isfar less than the risk of undetected forgery oralteration on paper or using less secure techniques.V.
XML P3P Schema Format
The following XML P3P schema depicts the elementswhich play an important role in the traceability of the legalagreement. These element fields in electronic court serve as avital piece of evidence. Various <element ref=....> tags serve asreference XML templates enabling us to derive theircharacteristics.
a) XML Schema
<? xml version =”1.0” encoding =.8”<schematargetNamespace=”http://www.w3.org/TR/2001/NOTE-xmldsig-p3p-profile/proposed-legalp3p”<importnamespace="http://www.w3.org/XML/1998/namespace"schemaLocation="http://www.w3.org/2001/xml.xsd"/>
b) Proposed Extended Legal P3P XML Abstraction
<element ref="p3p: EXTENSION"><element ref="p3p: e-LEGAL-DICTIONARYREFERENCES"/><element name="REGULATORY POLICIES"><element name="Legal POLICY-REF"><element name=”legalp3p: regulations”><element ref="p3p: LEGALP3P"/><sequence><element name="DEFINED LAWS OF STATEJURIDSICATION"<element name="EXCLUDED CASES" " type="anyURI"<element name="INCLUDED CASES"type="legalp3p:element"/>
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 1, April 2010177http://sites.google.com/site/ijcsis/ISSN 1947-5500