ABSTRACT:
Online social networks (OSNs) have experienced
tremendous growth in recent
years and become a de facto portal for hundreds of millions of Internet users.
These OSNs offer attractive means for digital social interactions and
information sharing, but also raise a number of security and privacy issues.
While OSNs allow users to restrict access to shared data, they currently do not
provide any mechanism to enforce privacy concerns over data associated with
multiple users. To this end, we propose an approach to enable the protection of
shared data associated with multiple users in OSNs. We formulate an access
control model to capture the essence of multiparty authorization requirements,
along with a multiparty policy specification scheme and a policy enforcement
mechanism. Besides, we present a logical representation of our access control
model which allows us to leverage the features of existing logic solvers to
perform various analysis tasks on our model. We also discuss a proof-of-
concept prototype of our approach as part of an application in Facebook and
provide usability study and system evaluation of our method.
years and become a de facto portal for hundreds of millions of Internet users.
These OSNs offer attractive means for digital social interactions and
information sharing, but also raise a number of security and privacy issues.
While OSNs allow users to restrict access to shared data, they currently do not
provide any mechanism to enforce privacy concerns over data associated with
multiple users. To this end, we propose an approach to enable the protection of
shared data associated with multiple users in OSNs. We formulate an access
control model to capture the essence of multiparty authorization requirements,
along with a multiparty policy specification scheme and a policy enforcement
mechanism. Besides, we present a logical representation of our access control
model which allows us to leverage the features of existing logic solvers to
perform various analysis tasks on our model. We also discuss a proof-of-
concept prototype of our approach as part of an application in Facebook and
provide usability study and system evaluation of our method.
No comments:
Post a Comment