Abstract
Online social network (OSN) has become one of the primary means of interaction and digital information sharing among individuals. Preserving information privacy is indispensable in such applications as the shared information would be sensitive. The issue becomes more challenging due to participation of multiple parties on the same shared data. We propose an effective trust-based access control technique to allow or disallow the shared resources considering the authorization requirements of all the multiple parties. A logical representation of the proposed access control technique is prepared to analyze the privacy risk. To demonstrate feasibility of the proposed technique, a Facebook Canvas application has also been developed. The usability study of this application supports the call for such access control technique.
Similar content being viewed by others
Notes
User who actually could get access to d.
With \(h=1\), the access request function do not need Dijkstra’s Algorithm as the request just need to see the friend of the most trusted friend with the minimum trust level.
References
Abdessalem T, Dhia IB (2011) A reachability-based access control model for online social networks. In: Databases and social networks. DBSocial ’11. ACM, New York, pp 31–36
Besmer A, Heather RL (2010) Moving beyond untagging: photo privacy in a tagged world. In: Proceedings of the SIGCHI conference on human factors in computing systems. ACM, New York, pp 1563–1572
Carminati B, Ferrari E (2011) Collaborative access control in on-line social networks. In: 2011 7th International conference on collaborative computing: networking, applications and worksharing (CollaborateCom), pp 231–240
Carminati B, Ferrari E, Perego A (2006) Rule-based access control for social networks. In: On the move to meaningful Internet systems 2006: OTM 2006 workshops. Lecture Notes in Computer Science, vol 4278. Springer, Berlin, pp 1734–1744
Carminati B, Ferrari E, Perego A (2008) A decentralized security framework for web-based social networks. Int J Inf Secur Privacy (IJISP) 2(4):22–53
Carminati B, Ferrari E, Perego A (2009) Enforcing access control in web-based social networks. ACM Trans Inf Syst Secur 13(1):6–1638
Carminati B, Ferrari E, Heatherly R, Kantarcioglu M, Thuraisingham B (2011) Semantic web-based social network access control. Comput Secur 30(2–3):108–115
Cheng Y, Park J, Sandhu R (2012) Relationship-based access control for online social networks: beyond user-to-user relationships. In: 2012 International conference on social computing (SocialCom) and privacy, security, risk and trust (PASSAT), pp 646–655
Cheng Y, Park J, Sandhu R (2014) Attribute-aware relationship-based access control for online social networks. In: Data and applications security and privacy XXVIII. Lecture Notes in Computer Science, vol 8566. Springer, Berlin, pp 292–306
Dhia IB (2012) Access control in social networks: a reachability-based approach. In: Proceedings of the 2012 Joint EDBT/ICDT Workshops. ACM, New York, pp 227–232
Facebook, Facebook Data Policy (2015). www.facebook.com/about/privacy/
Fong P (2011) Relationship-based access control: protection model and policy language. In: Proceedings of the first ACM conference on data and application security and privacy. ACM, New York, pp 191–202
Gates CE (2007) Access control requirements for Web 2.0 security and privacy. In: Proceedings of workshop on Web 2.0 security & privacy (W2SP)
Gebser M, Kaminski R, König A, Schaub T (2011) Advances in gringo Series 3, pp 345–351
Gebser M, Kaufmann B, Schaub T (2012) Conflict-driven answer set solving: from theory to practice. Artif Intell 187–188:52–89
Gross R, Acquisti A (2005) Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM workshop on privacy in the electronic society. WPES ’05. ACM, New York, pp 71–80
Hoadley CM, Kilner PG (2005) Using technology to transform communities of practice into knowledge-building communities. SIGGROUP Bull 25(1):31–40
Hu H, Ahn G-J (2011) Multiparty authorization framework for data sharing in online social networks. In: Li Y (ed)Data and applications security and privacy XXV. Lecture Notes in Computer Science, vol 6818. Springer, Berlin, pp 29–43
Hu H, Ahn GJ, Jorgensen J (2013) Multiparty access control for online social networks: model and mechanisms. IEEE Trans Knowl Data Eng 25(7):1614–1627
Kruk SR, Grzonkowski S, Gzella A, Woroniecki T, Choi H-C (2006) The Semantic Web—Aswc 2006: First Asian Semantic Web Conference, Beijing, China, 3–7 September 2006. In: Mizoguchi R, Shi Z, Giunchiglia F (eds) Proceedings, D-FOAF: distributed identity management with access rights delegation. Springer, Berlin, pp 140–154
Lifschitz V (2008) What is answer set programming?. In: Proceedings of the twenty-third AAAI conference on artificial intelligence, AAAI 2008, Chicago, Illinois, USA, 13–17 July 2008, pp 1594–1597
Mcauley J, Leskovec J (2014) Discovering social circles in ego networks. ACM Trans Knowl Discov Data 8(1):4–1428
Milgram S (1967) The small world problem. Psychol Today 2:60–67
Morrison K (2014) The growth of social media: from passing trend to international obsession. http://www.adweek.com/socialtimes/the-growth-of-social-media-from-trend-to-obsession-infographic/142323
Pang J, Zhang Y (2013) A new access control scheme for Facebook-style social networks. CoRR abs/1304.2504
Pew Research Center (2010) Pew Research Center: global publics embrace social networking. Pew Research Center, 2010. http://pewglobal.org/2010/12/15/global-publics-embrace-social-networking
Rathore NC, Tripathy S (2016) Collaborative access control mechanism for online social networks. In: Advanced computing—6th IEEE international conference, IACC 2016, Bhimavaram, A.P. India, 27–28 February 2016, Proceedings, pp 19–24
Rathore NC, Tripathy S, Chandra J (2015) Predicting user visibility in online social networks using local connectivity properties. In: Distributed computing and Internet technology—11th international conference, ICDCIT 2015, Bhubaneswar, India, 5–8 February 2015. Proceedings, 2015, pp 419–430
Rathore NC, Shaw P, Tripathy S (2016) Collaborative access control mechanism for online social networks. In: Distributed computing and Internet technology—12th international conference, ICDCIT 2016, Bhubaneswar, India, 15–18 January 2016, Proceedings, pp 142–147
SBRI (2015a) Statistics Brain Research Institute: Facebook Statistics, 2015. http://www.statisticbrain.com/facebook-statistics
SBRI (2015b) Statistics Brain Research Institute: Social Networking Statistics, 2015. http://www.statisticbrain.com/social-networking-statistics/
Shehab M, Cheek G, Touati H, Squicciarini AC, Cheng PC (2010) Learning based access control in online social networks. In: Proceedings of the 19th international conference on World Wide Web. ACM, New York, pp 1179–1180
Squicciarini AC, Shehab M, Paci F (2009) Collective privacy management in social networks. In: Proceedings of the 18th international conference on World Wide Web. WWW ’09. ACM, New York, pp 521–530
White J, Park J, Kamhoua C (2014) Kwiat K (2014) Social network attack simulation with honeytokens. Soc Netw Anal Min 4(1):1–4
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Rathore, N.C., Tripathy, S. A trust-based collaborative access control model with policy aggregation for online social networks. Soc. Netw. Anal. Min. 7, 7 (2017). https://doi.org/10.1007/s13278-017-0425-6
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s13278-017-0425-6