Abstract
During the past decade Online Social Networks (OSN) privacy has been thoroughly studied in many aspects. Some of these privacy related aspects are trust and credibility involving the OSN user-data conveyed by different relationships in the network. One of OSN major problems is that users expose their information in a manner thought to be relatively private, or even partially public, to unknown and possibly unwanted entities, such as adversaries, social bots, fake users, spammers or data-harvesters. That is one of the reasons OSN have become a major source of information for companies, different organizations and personal users, possibly misusing it for personal or business gain. Preventing this information leakage is the target of many OSN privacy models, such as Access Control, Relationship based models, Trust based models and many others. In this paper we suggest a new Role and Trust based Access Control model, denoted here as RTBAC, in which roles, that manifest different permissions, are assigned to the users connected to the Ego-node (the user sharing the information), and in addition, every user is evaluated trust wise by several criteria, such as total number of friends, age of user account, and friendship duration. These role and trust assessments provide more precise and viable information sharing decisions and enable better privacy control in the social network.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Sayaf, R., Clarke, D.: Access control models for online social networks. Social Network Engineering for Secure Web Data and Services, pp. 32–65 (2012)
Levy, S., Gudes, E., Gal-Oz, N.: Sharing-habits based privacy control in social networks. In: Ranise, S., Swarup, V. (eds.) DBSec 2016. LNCS, vol. 9766, pp. 217–232. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41483-6_16
Cheng, Y., Park, J., Sandhu, R.: An access control model for online social networks using user-to-user relationships. IEEE Trans. Dependable Secure Comput. 13(4), 424–436 (2016)
Gudes, E., Voloch, N.: An information-flow control model for online social networks based on user-attribute credibility and connection-strength factors. In: Dinur, I., Dolev, S., Lodha, S. (eds.) CSCML 2018. LNCS, vol. 10879, pp. 55–67. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-94147-9_5
Patil, V.T., Shyamasundar, R.K.: Undoing of privacy policies on Facebook. In: Livraga, G., Zhu, S. (eds.) DBSec 2017. LNCS, vol. 10359, pp. 239–255. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61176-1_13
Ranjbar, A., Maheswaran, M.: Using community structure to control information sharing in online social networks. Comput. Commun. 41, 11–21 (2014)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)
Lavi, T., Gudes, E.: Trust-based dynamic RBAC. In: Proceedings of the 2nd International Conference on Information Systems Security and Privacy (ICISSP) 2016, pp. 317–324 (2016)
Anwar, M., Zhao, Z., Fong, P.W.: An Access Control Model for Facebook-Style Social Network Systems. University of Calgary, Calgary (2010)
Cheng, Y., Park, J., Sandhu, R.: Relationship-based access control for online social networks: beyond user-to-user relationships. In: 2012 International Conference on Privacy, Security, Risk and Trust (PASSAT), and 2012 International Conference on Social Computing (SocialCom), pp. 646–655. IEEE (2012)
Fong, P.W.: Relationship-based access control: protection model and policy language. In: Proceedings of the first ACM Conference on Data and Application Security and Privacy, pp. 191–202. ACM (2011)
Crampton, J., Sellwood, J.: Path conditions and principal matching: a new approach to access control. In: Proceedings of the 19th ACM Symposium on Access Control Models and Technologies, pp. 187–198. ACM (2014)
Kumar, A., Rathore, N.C.: Relationship strength based access control in online social networks. In: Satapathy, S.C., Das, S. (eds.) Proceedings of First International Conference on Information and Communication Technology for Intelligent Systems: Volume 2. SIST, vol. 51, pp. 197–206. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-30927-9_20
Ali, B., Villegas, W., Maheswaran, M.: A trust based approach for protecting user data in social networks. In: Proceedings of the 2007 Conference of the Center for Advanced Studies on Collaborative Research, pp. 288–293. IBM Corp. (2007)
Wang, H., Sun, L.: Trust-involved access control in collaborative open social networks. In: 2010 4th International Conference on Network and System Security (NSS), pp. 239–246. IEEE (2010)
Misra, G., Such, J.M., Balogun, H.: IMPROVE-identifying minimal PROfile VEctors for similarity-based access control. In: Trustcom/BigDataSE/ISPA, 2016 IEEE, pp. 868–875. IEEE (2016)
Facebook help: roles. https://www.facebook.com/help/323502271070625/
Dunbar, R.I.: Do online social media cut through the constraints that limit the size of offline social networks? Roy. Soc. Open Sci. 3(1), 150292 (2016)
Zheng, X., Zeng, Z., Chen, Z., Yu, Y., Rong, C.: Detecting spammers on social networks. Neurocomputing 159, 27–34 (2015)
Benesty, J., Chen, J., Huang, Y., Cohen, I.: Pearson correlation coefficient. In: Cohen, I., Huang, Y., Chen, J., Benesty, J. (eds.) Noise Reduction in Speech Processing, pp. 1–4. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00296-0_5
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Voloch, N., Levy, P., Elmakies, M., Gudes, E. (2019). An Access Control Model for Data Security in Online Social Networks Based on Role and User Credibility. In: Dolev, S., Hendler, D., Lodha, S., Yung, M. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2019. Lecture Notes in Computer Science(), vol 11527. Springer, Cham. https://doi.org/10.1007/978-3-030-20951-3_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-20951-3_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-20950-6
Online ISBN: 978-3-030-20951-3
eBook Packages: Computer ScienceComputer Science (R0)