Abstract
Online social networks (OSNs) have shown rapid growth in the past decade and are consistently growing at a high rate. OSNs provide an efficient way of performing online social interactions, data sharing, and multimedia communications with millions of internet users. Along with the advantages, OSNs also raise some security and privacy challenges. Currently, available sharing mechanisms can protect data associated with a single user but lack in protecting data associated with multiple users. Considering privacy issues related to multiparty online objects, this research proposes a collaborative sharing model that works on the principles of joint sharing to fulfill privacy needs of OSN users on shared objects. The proposed model follows multiparty authorizations, the socio-technical concepts of joint sharing, and joint-ownership policy enforcement mechanism. It also supports a fine-grained automated conflict resolution method for jointly owned objects. Formal verification of the proposed model is performed through Petri-nets, its semantics are validated through ontologies, while a third-party Facebook application is developed for proof of concept. The analysis of users’ response, performed through the technology acceptance model (TAM), reflects an 81% acceptance of the proposed joint sharing model.
Similar content being viewed by others
References
Abdulla, A.K., Bakiras, S.: HITC data privacy in online social networks with fine-grained access control. 123–134. https://doi.org/10.1145/3322431.3325104.
Ahmad, A., Whitworth, B., Zeshan, F., Bertino, E., Friedman, R.: Extending social networks with delegation. Computers & Security. 70, 546–564 (2017)
Ahmad, A., Whitworth, B., Zeshan, F., Janczewski, L., Ali, M., Chaudary, M.H., Friedman, R.: A relation-aware multiparty access control. Journal of Intelligent & Fuzzy Systems. 37(1), 227–239 (2019)
Ali, A., Habiba, U., Shibli, M.A.: Taxonomy of delegation model. In: 2015 12th international conference on information technology-new generations 2015, pp. 218-223. IEEE
Baek, S., Kim, S.: Trust-based access control model from sociological approach in dynamic online social network environment. Sci. World J. 2014, 1–8 (2014)
Barka, E., Sandhu, R.: Framework for role-based delegation models. In: proceedings 16th annual computer security applications conference (ACSAC'00) 2000, pp. 168-176. IEEE
Beato, F., Peeters, R.: Collaborative joint content sharing for online social networks. In: pervasive computing and communications workshops (PERCOM workshops), 2014 IEEE international conference on 2014, pp. 616-621. IEEE
Bechhofer, S., Van Harmelen, F., Hendler, J., Horrocks, I., McGuinness, D.L., Patel-Schneider, P.F., Stein, L.A.: OWL web ontology language reference. W3C recommendation 10(02) (2004)
Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A logical framework for reasoning about access control models. ACM Transactions on Information and System Security (TISSEC). 6(1), 71–127 (2003)
Bertino, E., Jabal, A.A., Calo, S., Verma, D., Williams, C.: The challenge of access control policies quality. J. Data and Information Quality. 10(2), 1–6 (2018). https://doi.org/10.1145/3209668
Bruns, G., Fong, P.W., Siahaan, I., Huth, M.: Relationship-based access control: its expression and enforcement through hybrid logic. In: proceedings of the second ACM conference on data and application security and privacy 2012, pp. 117-124. ACM
Carminati, B., Ferrari, E.: Collaborative access control in on-line social networks. In: collaborative computing: networking, applications and worksharing (CollaborateCom), 2011 7th international conference on 2011, pp. 231-240. IEEE
Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: Semantic web-based social network access control. Computers & security. 30(2), 108–115 (2011)
Castelfranchi, C., Falcone, R.: Towards a theory of delegation for agent-based systems. Robot. Auton. Syst. 24(3–4), 141–157 (1998)
Chadwick, D.W., Otenko, S., Nguyen, T.A.: Adding support to xacml for dynamic delegation of authority in multiple domains. In: IFIP international conference on communications and multimedia security 2006, pp. 67-86. Springer
Cheng, Y., Park, J., Sandhu, R.: Attribute-aware relationship-based access control for online social networks. In: IFIP Annual Conference on Data and Applications Security and Privacy 2014, pp. 292–306. Springer
Cheng, Y., Park, J., Sandhu, R.: An access control model for online social networks using user-to-user relationships. IEEE Transactions on Dependable and Secure Computing. 13(4), 424–436 (2016)
Crampton, J., Khambhammettu, H.: Delegation in role-based access control. In: European symposium on research in computer security 2006, pp. 174-191. Springer
Damen, S., den Hartog, J., Zannone, N.: CollAC: collaborative access control. In: collaboration technologies and systems (CTS), 2014 international conference on 2014, pp. 142-149. IEEE
Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS quarterly, 319–340 (1989)
Davis, F.D., Bagozzi, R.P., Warshaw, P.R.: User acceptance of computer technology: a comparison of two theoretical models. Manag. Sci. 35(8), 982–1003 (1989)
Facebook Data Policy. Facebook, Inc. https://web.facebook.com/policy.php (2020) Accessed September 2020
Facebook Statistics. Facebook, Inc. https://newsroom.fb.com/company-info/ (2020). Accessed September 2020
Fernández-López, M., Gómez-Pérez, A., Juristo, N.: Methontology: from Ontological Art towards Ontological Engineering. (1997)
Fogues, R.L., Murukanniah, P., Such, J.M., Espinosa, A., Garcia-Fornes, A., Singh, M.: Argumentation for Multi-Party Privacy Management. (2015)
Gefen, D., Straub, D.W.: The relative importance of perceived ease of use in IS adoption: a study of e-commerce adoption. J. Assoc. Inf. Syst. 1(1), 8 (2000)
Google Privacy Policy. Google, LLC. https://www.google.com/intl/en/policies/privacy/ (2020). Accessed September 2020
Haddadi, A.: Communication and cooperation in agent systems: A pragmatic theory, vol. 1056. Springer Science & Business Media, (1996)
Hu, H., Ahn, G.-J., Jorgensen, J.: Enabling collaborative data sharing in google+. In: global communications conference (GLOBECOM), 2012 IEEE 2012, pp. 720-725. IEEE
Hu, H., Ahn, G.-J., Jorgensen, J.: Multiparty access control for online social networks: model and mechanisms. IEEE Trans. Knowl. Data Eng. 25(7), 1614–1627 (2013)
Hu, D., Hu, C., Fan, Y., Wu, X.: oGBAC--A Group Based Access Control Framework for Information Sharing in Online Social Networks. IEEE Transactions on Dependable and Secure Computing. 1–1 (2018). https://doi.org/10.1109/TDSC.2018.2875697
Ilia, P., Polakis, I., Athanasopoulos, E., Maggi, F., Ioannidis, S.: Face/off: preventing privacy leakage from photos in social networks. In: proceedings of the 22nd ACM SIGSAC conference on computer and communications security 2015, pp. 781-792. ACM
Ilia, P., Carminati, B., Ferrari, E., Fragopoulou, P., Ioannidis, S.: SAMPAC: socially-aware collaborative multi-party access control. In: proceedings of the seventh ACM on conference on data and application security and privacy 2017, pp. 71-82. ACM
Jayaprabha, P., Jacob, K.P., Mathew, K.P.: Fuzzy-based multiparty privacy management in social media using modified elliptic curve cryptography. Soft Computing, 1–18 (2021)
Kekulluoglu, D., Kokciyan, N., Yolum, P.: Preserving privacy as social responsibility in online social networks. ACM Transactions on Internet Technology (TOIT). 18(4), 42 (2018)
Lee, C., Wang, W., Guo, Y.: A fine-grained multiparty access control model for photo sharing in OSNs. In: data science in cyberspace (DSC), IEEE international conference on 2016, pp. 440-445. IEEE
Li, M., Sun, X., Wang, H., Zhang, Y., Zhang, J.: Privacy-aware access control with trust management in web service. World Wide Web. 14(4), 407–430 (2011)
Li, F., Sun, Z., Li, A., Niu, B., Li, H., Cao, G.: HideMe: Privacy-Preserving Photo Sharing on Social Networks. In: IEEE INFOCOM 2019 - IEEE Conference on Computer Communications, 29 April-2 May 2019 2019, pp. 154–162
Liao, L., He, X., Zhang, H., Chua, T.-S.: Attributed social network embedding. IEEE Trans. Knowl. Data Eng. 30(12), 2257–2270 (2018)
Likert, R.: A technique for the measurement of attitudes. Arch. Psychol. (1932)
Murata, T.: Petri nets: properties, analysis and applications. Proc. IEEE. 77(4), 541–580 (1989)
Noy, N.F., McGuinness, D.L.: Ontology development 101: A guide to creating your first ontology. In. Stanford knowledge systems laboratory technical report KSL-01-05 and Stanford medical informatics technical report SMI-2001–0880, Stanford, CA, (2001)
Obar, J.A., Wildman, S.S.: Social media definition and the governance challenge-an introduction to the special issue. Telecommun. Policy. 39(9), 745–750 (2015)
Omanakuttan, S., Chatterjee, M.: Trust based access control for social networks (stbac). International Journal of Innovations in Engineering and Technology (IJIET), 325–331 (2013)
Pang, J., Zhang, Y.: A new access control scheme for Facebook-style social networks. Computers & Security. 54, 44–59 (2015)
Patsakis, C., Zigomitros, A., Papageorgiou, A., Solanas, A.: Privacy and security for multimedia content shared on OSNs: issues and countermeasures. Comput. J. 58(4), 518–535 (2015)
C. A. Petri, “Kommunikation mit Automaten.” Bonn: Insti- tut fur lnstrumentelle Mathematik, Schriften des IIM Nr. 3, 1962
Qiu, M., Gai, K., Thuraisingham, B., Tao, L., Zhao, H.: Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry. Futur. Gener. Comput. Syst. 80, 421–429 (2018)
Rajtmajer, S., Squicciarini, A., Griffin, C., Karumanchi, S., Tyagi, A.: Constrained social-energy minimization for multi-party sharing in online social networks. In: proceedings of the 2016 international conference on autonomous agents & multiagent systems 2016, pp. 680-688. International Foundation for Autonomous Agents and Multiagent Systems
Rathore, N.C., Tripathy, S.: Collaborative access control model for online social networks. In: advanced computing (IACC), 2016 IEEE 6th international conference on 2016, pp. 19-24. IEEE
Rathore, N.C., Tripathy, S.: A trust-based collaborative access control model with policy aggregation for online social networks. Soc. Netw. Anal. Min. 7(1), 7 (2017)
Reenskaug, T.M.H.: The Original MVC Reports. (1979)
Spitzer, A.L.: Joint tenancy with right of survivorship: a legacy from thirteenth century England. Tex. Tech L. Rev. 16, 629 (1985)
Such, J.M., Criado, N.: Adaptive conflict resolution mechanism for multi-party privacy management in social media. In: proceedings of the 13th workshop on privacy in the electronic society 2014, pp. 69-72. ACM
Such, J.M., Criado, N.: Resolving multi-party privacy conflicts in social media. IEEE Trans. Knowl. Data Eng. 28(7), 1851–1863 (2016)
Sun, W., Zhou, J., Zhu, S., Tang, Y.Y.: Robust privacy-preserving image sharing over online social networks (OSNs). ACM Transactions on Multimedia Computing, Communications, and Applications (TOMM). 14(1), 14 (2018)
Suntaxi-Oña, G., Varadharajan, V.: A comparative analysis of the social graph model and multiparty access control model for online social networks. International Journal of Future Computer and Communication. 4(5), 290–298 (2015)
Tapiador, A., Carrera, D., Salvachúa, J.: Tie-RBAC: an application of RBAC to Social Networks. arXiv preprint arXiv:1205.5720 (2012)
Wang, H., Sun, L.: Trust-involved access control in collaborative open social networks. In: 2010 fourth international conference on network and system security 2010, pp. 239-246. IEEE
Wang, F., Yang, C.: An approach for setting access control rule based on multi-party collaborative in online social networks. In: information science and technology (ICIST), 2013 international conference on 2013, pp. 580-585. IEEE
Whitworth, B., Ahmed, A.: Socio-technical system design. The Encyclopedia of Human-Computer Interaction, 2nd Ed. (2013)
Wood, D.J., Gray, B.: Toward a comprehensive theory of collaboration. J. Appl. Behav. Sci. 27(2), 139–162 (1991)
Xiao, Q., Tan, K.-L.: Peer-aware collaborative access control in social networks. In: collaborative computing: networking, applications and Worksharing (CollaborateCom), 2012 8th international conference on 2012, pp. 30-39. IEEE
Xu, K., Guo, Y., Guo, L., Fang, Y., Li, X.: My privacy my decision: control of photo sharing on online social networks. IEEE Transactions on Dependable and Secure Computing. 14(2), 199–210 (2017)
Xu, L., Jiang, C., He, N., Han, Z., Benslimane, A.: Trust-based collaborative privacy management in online social networks. IEEE Transactions on Information Forensics and Security. 14(1), 48–60 (2018)
Zahak, M., Alizadeh, M., Abbaspour, M.: Collaborative privacy management in P2P online social networks. In: information security and cryptology (ISCISC), 2015 12th international Iranian Society of Cryptology Conference on 2015, pp. 64-72. IEEE
Zhang, Z., Gupta, B.B.: Social media security and trustworthiness: overview and new direction. Futur. Gener. Comput. Syst. 86, 914–925 (2018)
Zhang, Z., Sun, R., Zhao, C., Wang, J., Chang, C.K., Gupta, B.B.: CyVOD: a novel trinity multimedia social network scheme. Multimed. Tools Appl. 76(18), 18513–18529 (2017)
Zhang, Z., Wen, J., Wang, X., Zhao, C.: A novel crowd evaluation method for security and trustworthiness of online social networks platforms based on signaling theory. Journal of computational science. 26, 468–477 (2018)
Zhu, Y., Hu, Z., Wang, H., Hu, H., Ahn, G.-J.: A collaborative framework for privacy protection in online social networks. In: 6th international conference on collaborative computing: networking, applications and Worksharing (CollaborateCom 2010) 2010, pp. 1-10. IEEE
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix
Appendix
Rights and permissions
About this article
Cite this article
Muhammad, T., Ahmad, A. A joint sharing approach for online privacy preservation. World Wide Web 24, 895–924 (2021). https://doi.org/10.1007/s11280-021-00876-5
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11280-021-00876-5