DOI: 10.1145/2487788.2488032
research-article

Preserving user privacy from third-party applications in online social networks

Published: 13 May 2013

Abstract

Online social networks (OSNs) facilitate many third-party applications (TPAs) that offer users additional functionality and services. However, they also pose a serious risk to user privacy, as current OSNs provide little control over the disclosure of user data to TPAs. Addressing the privacy and security issues related to TPAs (and the underlying social networking platforms) requires solutions beyond a simple all-or-nothing strategy. In this paper, we outline an access control framework that gives users flexible controls over how TPAs can access user data and activities in OSNs while still retaining the functionality of TPAs. The proposed framework specifically allows TPAs to utilize some private data without actually transmitting this data to them. Our approach determines TPA access based on user-specified policies expressed in terms of relationships between the user and the application.


Published In

ACM Other conferences
WWW '13 Companion: Proceedings of the 22nd International Conference on World Wide Web
May 2013
1636 pages
ISBN:9781450320382
DOI:10.1145/2487788

Sponsors

  • NICBR: Nucleo de Informatcao e Coordenacao do Ponto BR
  • CGIBR: Comite Gestor da Internet no Brazil

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. online social networks
  2. privacy
  3. social applications

Qualifiers

  • Research-article

Conference

WWW '13
Sponsor:
  • NICBR
  • CGIBR
WWW '13: 22nd International World Wide Web Conference
May 13 - 17, 2013
Rio de Janeiro, Brazil

Acceptance Rates

WWW '13 Companion Paper Acceptance Rate 831 of 1,250 submissions, 66%;
Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Article Metrics

  • Downloads (Last 12 months): 22
  • Downloads (Last 6 weeks): 0
Reflects downloads up to 15 Feb 2025

Cited By

  • (2024) A Deep Dive Into Cybersecurity Risk Assessment and Countermeasures in Online Social Networks. Risk Assessment and Countermeasures for Cybersecurity (1-19). DOI: 10.4018/979-8-3693-2691-6.ch001. Online publication date: 31-May-2024
  • (2024) An Evolutionary Game Theory-Based Cooperation Framework for Countering Privacy Inference Attacks. IEEE Transactions on Computational Social Systems 11:3 (4367-4384). DOI: 10.1109/TCSS.2024.3359254. Online publication date: Jun-2024
  • (2023) Attribute Inference Attacks in Online Multiplayer Video Games: A Case Study on DOTA2. Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy (27-38). DOI: 10.1145/3577923.3583653. Online publication date: 24-Apr-2023
  • (2023) Ring signature-based blockchain for guaranteeing privacy preservation in online social networks. Multimedia Tools and Applications 83:16 (47151-47174). DOI: 10.1007/s11042-023-17413-3. Online publication date: 25-Oct-2023
  • (2022) Restricting data-leakage using fine-grained access control on OSN objects. International Journal of Information Security 22:1 (93-106). DOI: 10.1007/s10207-022-00629-z. Online publication date: 1-Nov-2022
  • (2022) Privacy in Online Social Networks: A Systematic Mapping Study and a Classification Framework. Disease Control Through Social Network Surveillance (109-131). DOI: 10.1007/978-3-031-07869-9_6. Online publication date: 21-May-2022
  • (2022) Security and Privacy of Cloud-Based Online Online Social Media: A Survey. Sustainable Management of Manufacturing Systems in Industry 4.0 (213-236). DOI: 10.1007/978-3-030-90462-3_14. Online publication date: 1-Feb-2022
  • (2021) A Survey on Privacy Approaches for Social Networks. 2021 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom) (1514-1521). DOI: 10.1109/ISPA-BDCloud-SocialCom-SustainCom52081.2021.00204. Online publication date: Sep-2021
  • (2021) Activity Control Design Principles: Next Generation Access Control for Smart and Collaborative Systems. IEEE Access 9 (151004-151022). DOI: 10.1109/ACCESS.2021.3126201. Online publication date: 2021
  • (2021) A Semantic-Based Strategy to Model Multimedia Social Networks. Transactions on Large-Scale Data- and Knowledge-Centered Systems XLVII (29-50). DOI: 10.1007/978-3-662-62919-2_2. Online publication date: 17-Jan-2021
