World Wide Web users expose information about their interests to many parties:
Users may disable cookies and refuse to give their real name in order to prevent Web services from filing their surfing behavior. In addition, there are anonymizer servers that retrieve specified URLs for the user, concealing all details about the user from the Web service.
But current anonymization techniques only address one side of the problem: concealing a Web surfer's identity from a remote service. Many organizations make use of automatic traffic filtering and analysis tools. These include general packet sniffing, dedicated E-mail filters, and Web browser cache and history file analyzers.2
Users can protect themselves by disabling caching and deleting history files. But since in larger organizations user data is often stored on network devices, tools may be conceived that analyze history files in real-time, access the surfed URLs, and retrieve the content. In the most widespread current browsers, there are no means of disabling history file logging. But even if there were, by imposing mandatory user profiles organizations could prevent users from reconfiguring their browsers. Since users usually don't bother to protect their privacy, it is desirable that they are lead to secure surfing by the Web services, i.e., the Web services provide secure surfing facilities and place links to these facilities on their Web pages.
The current paper doesn't try to suggest how browsers could be improved to provide more security, but takes the currently available browsers like Netscape 3.x/4.x and Microsoft 3.x/4.x/5.x as ``given fate''. Strategies and technologies that provide increased privacy rely on how these browsers handle caching, history logging, and secure connections.
The remainder of this paper is organized as follows: section two explains the requirements for the system that we propose. Section three presents the architecture, section four the implementation of a working prototype. Section five concludes this paper.