To provide better privacy it is essential that the whole process is completely transparent for users. Therefore, our approach has to avoid the installation of a separate tool for clients. A standard Web browser should be sufficient. The only requirements for browsers are that they are able to open secure connections and accept certificates used by the servers.
The resulting system will be used in a commercial environment, consisting of standard software like Web servers, application servers and databases. The changes that are needed to employ this system in an existing environment have to be small. In our approach, we only add functionality to an existing Web server without any further changes to other server side applications.
Furthermore, the service the system provides has to be fast. It is possible to use this service for many parts of a web site or even the whole site. If this service proves to be the bottleneck for high performance it is very likely that it won't be deployed.
With the existence of dedicated tools that filter and analyze the surf behavior of users, it is important that the technology presented in this paper is ``sufficiently'' secure. The authors don't recommend using this service exclusively in an environment with very high security requirements because of possible vulnerabilities of the underlying encryption technology. But, as mentioned earlier, it has to be impractical to log all activities of users surfing on a web site enhanced with this technology.