1. Field of the Invention
The present invention generally relates to network privacy. More specifically, the present invention relates to a method, system and program product for privately communicating web requests.
2. Background Art
As the use of networks such as the world wide web becomes more popular, network privacy is becoming an increasing concern. Specifically, many web users are frequently transmitting confidential information over the web in an effort to conduct a commercial transaction. Such information could include personal information such as the user's name and social security number as well as technical information such as the IP address of the user's computer. In many cases, much of the information transmitted with a web request to a web services provider is not needed to complete the transaction. For example, if a user is ordering an article of clothing, it may not be necessary for the web services provider (e.g., EDDIE BAUER) to know the user's IP address or social security number to complete the transaction. Including such information only increases the risk to the user.
These concerns are heightened when the web request is relayed through other systems en route to the web services provider. In particular, an emerging practice in web communication is to consult with a web services provider directory such as a Universal Description, Discovery and Integration (UDDI) Directory, which may be an XML registry for businesses and invocable Web Services listed on a network such as the Internet. The web services provider directory (hereinafter sometimes called a “provider directory”) may be compared with a “telephone” directory for businesses and service-providers to be listed by name, product, location or the web services they offer, but unlike a telephone directory may include the technical information needed to invoke computer-based Web Services programmatically, such as supported protocols (e.g., SOAP over HTTP), invocation style (e.g., remote procedure call) and parameters (e.g., a callback address to post further messages). The provider directory can resolve a web services request to a specific web services provider. However, communicating with a third party system such as a provider directory introduces additional privacy exposure into the system. Specifically, just like the web services provider ultimately receiving the web services request, any private information contained in the web services request is also exposed at the provider directory. This increases the probability that hackers can obtain the private information.
Even in cases where the information on a web services request—such as a customer name or delivery address—is legitimately needed by a recipient to perform a service, a further privacy concern arises. A third party eavesdropping on web traffic, or a malicious individual who obtains historical records of transactions performed by a web services provider or queries made to a provider directory, could learn a great deal about the individual making web services requests by analyzing a pattern of requests over time (if the requests contain sufficient personal identifying information to correlate one request with another). This problem becomes more acute if the third party or malicious individual obtains records from several web services providers and/or directories and is able to correlate personal identifying information across multiple sources.
“Data mining” involves piecing together numerous attributes about a person into a rather complete demographic profile of that person. This can include many items of precise personal data gleaned from various sources and cross-checked and correlated across those sources. Such “data mining” operations are today routinely conducted by credit card companies and others in order to target individuals for marketing purposes. The larger a body of data about a person that can be assembled for analysis, the more successful the data mining operation is likely to be in gleaning many particulars about that person.
As the emerging use of Web Services and provider directories promises to significantly increase the amount of personal information potentially available for data mining, the possibility that data mining could become even more intrusive raises privacy concerns to a new level. Even information not overtly revealed in individual web services requests could be inferred from a pattern of requests. For example, one could infer that a person suffers from a particular medical condition if the person queries a directory for a bookstore selling books about that medical condition, and then queries a directory for a pharmacy selling medicine for that condition. The resulting inference—whether accurate or inaccurate—could be used surreptitiously, without the individual's consent, to compromise his or her privacy, such as by denying medical insurance coverage or targeting the individual for unwanted advertising.
Heretofore, many attempts have been made to address privacy concerns over a network. To this extent, anonymizer products such as “anonymizer.com” attempt to conceal a user's IP identity by tunneling requests through a proxy to destination web servers. Although such products may help conceal the origin of the requests from the destination web servers, they still require that the proxy know, or have access to, such information. Thus, confidential information is still available, should a hacker compromise the proxy. In addition, many anonymizer products simply require the user to establish an ISP account without the usual identifying information (e.g., via anonymous money order, etc.). Such systems fail to protect data in transit or block the caller-id of the user's telephone number used for dial-up access to the network. Accordingly, the user's information is still exposed to great risk. Such systems do little to disguise the pattern of requests from which certain private personal information could be inferred.
Thus, individuals are rightfully concerned about protecting their privacy when surfing the Web, querying directories, and making Web Services requests, and new solutions are needed to these problems.
In view of the foregoing, there exists a need for a method, system and program product for privately communicating web requests. A need exists whereby identifying data in a web request is protected (e.g., encrypted and/or obscured) before leaving the user's system (client). Moreover, a need exists for a protected web services request to be randomly relayed to a privacy proxy through a set of echo peers. A further need exists for the privacy proxy to proxy the web services request (e.g., to a provider directory and/or an appropriate web services provider). Another need exists for a reply received from a web services provider to be protected by the privacy proxy, and then relayed back to the user in a secure fashion.