International Journal of Engineering Trends and Technology (IJETT) – Volume 4 Issue 9- Sep 2013
Prevention of an Attack Scenario from Fake Identity in Online Social Networks in Multiparty Access Control
S. Sri Harshini #1, Prof. C. Rajendra *2
#1 M.Tech 2nd year, Dept of CSE, ASCET, GUDUR, AP, India
*2 Professor & Head, Dept of CSE, ASCET, GUDUR, AP, India
Abstract— In recent years people have turned to online social
networks (OSNs) to share their personal information using popular
social networking sites like Facebook, Myspace and Mylife. These
OSNs allow users to enforce privacy concerns over shared data
for a single user only, without providing any model or mechanism
to enforce privacy concerns over data associated with multiple
users. To overcome this we draw on an approach [1] that enables
the protection of shared data associated with multiple users by
proposing a multiparty authorization framework that allows
collaborative management of shared data in OSNs. A Multiparty
Access Control (MPAC) model is also formulated in order to
capture the essence of multiparty authorization requirements. In
this MPAC model some users collude with one another so as to
manipulate the final access control decision. This MPAC gave
rise to three issues: (1) there is no fake identity in OSNs; (2)
all tagged users are real users who appear in the photo; (3) all
controllers of the photo are honest in specifying their privacy
preferences [1]. To overcome these issues we utilize a
collaborative Face Recognition (FR) framework [9] in OSNs.
We also demonstrate a proof-of-concept prototype as part of an
application in Facebook.
Keywords— Online Social Network, Multiparty Access Control,
Collaboration, Face Annotation, Face Recognition, Personal
Photos, Social Context.
I. INTRODUCTION
Nowadays OSNs like Facebook, Myspace and Mylife are inherently
designed to permit individuals to share their personal and
public information and to have social connections with friends,
coworkers, family and even strangers [3]. Therefore access
control has become a central feature of OSNs [2, 4]. Even though
OSNs presently provide simple access control techniques allowing
users to regulate access to information contained in their own
spaces, users unfortunately have no control over data residing
outside their spaces.
In this paper we pursue a systematic solution to facilitate
collaborative management of shared data in OSNs. We therefore
propose a multiparty authorization framework (MAF) to model and
realize a multiparty access control (MPAC) model in OSNs. We
begin by examining how the lack of a multiparty access control
model for shared data in OSNs can undermine the protection of
user data. A multiparty authorization model is formulated to
capture the core features of multiparty authorization
requirements that have not so far been accommodated by existing
access control systems and models for OSNs (e.g., [7, 8, 12,
14]). Meanwhile, as conflicts are inevitable in multiparty
authorization specification and enforcement, a systematic
conflict resolution mechanism is also addressed to cope with
authorization and privacy conflicts in our framework. In this
MPAC model users collude with one another in order to manipulate
the final access control decision. Consider a collusion attack,
in which a set of malicious users may want to make a shared
photo available to a wider audience. Suppose they can access the
photo and they can all tag themselves or fake their identities
to that photo. With this large number of colluding users, the
photo may be exposed to users who are not expected to get
access. To prevent such an attack we have to solve three main
issues: (1) there is no fake identity in OSNs; (2) all tagged
users are real users who appear in the photo; (3) all
controllers of the photo are honest in specifying their privacy
preferences. To solve these issues we utilize a collaborative
Face Recognition (FR) framework in OSNs for effective
management of personal photos in OSNs.
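The collusion attack described above and the FR-based countermeasure, as an added example (not code from the paper or from MController). The deny-overrides rule inside one controller, the strict-majority vote across controllers, the 0.8 score threshold and all names and scores are assumptions constructed for illustration; the paper does not fix them.

```python
from dataclasses import dataclass, field

PERMIT, DENY = "permit", "deny"


@dataclass
class Controller:
    name: str
    role: str                                 # owner, contributor, stakeholder or disseminator
    allow: set = field(default_factory=set)   # positive policies: permitted relationship types
    block: set = field(default_factory=set)   # negative policies: denied relationship types

    def decide(self, relationship: str) -> str:
        """Step 1: one decision per controller. Assumed rule: a negative policy wins."""
        if relationship in self.block:
            return DENY
        return PERMIT if relationship in self.allow else DENY


def evaluate(controllers, relationships):
    """Step 2: aggregate the controllers' decisions into the final decision.

    Assumed rule: a strict majority of permits is required; ties and an
    empty controller list deny. `relationships` maps a controller name to
    the accessor's relationship with that controller (default: stranger).
    """
    votes = [c.decide(relationships.get(c.name, "stranger")) for c in controllers]
    return PERMIT if votes.count(PERMIT) * 2 > len(votes) else DENY


def verified_controllers(controllers, fr_scores, threshold=0.8):
    """Drop tagged stakeholders whose face the FR result does not confirm.

    fr_scores maps an identity to the merged relevance score of a face
    found in the photo (constructed values, assumed to lie in 0..1).
    """
    return [c for c in controllers
            if c.role != "stakeholder" or fr_scores.get(c.name, 0.0) >= threshold]


def demo():
    # Constructed scenario: Alice uploads a photo and tags Bob and Carol.
    honest = [Controller("alice", "owner", allow={"friend"}),
              Controller("bob", "stakeholder", allow={"friend"}, block={"coworker"}),
              Controller("carol", "stakeholder", allow={"friend"})]
    # Four colluding accounts tag themselves although they are not in the photo.
    colluders = [Controller(f"fake{i}", "stakeholder", allow={"friend"})
                 for i in range(1, 5)]
    # The accessor is a friend of the colluders only.
    relationships = {c.name: "friend" for c in colluders}
    fr_scores = {"alice": 0.94, "bob": 0.87, "carol": 0.91}  # faces found in the photo

    everyone = honest + colluders
    return {
        "honest_only": evaluate(honest, relationships),
        "with_collusion": evaluate(everyone, relationships),
        "after_fr_check": evaluate(verified_controllers(everyone, fr_scores),
                                   relationships),
    }


if __name__ == "__main__":
    for case, decision in demo().items():
        print(f"{case}: {decision}")
```

The vote flips to permit once the self-tagged accounts outnumber the real controllers, and returns to deny when only FR-confirmed stakeholders are counted.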
The remainder of the paper is organized as follows. Section II
provides a brief summary of related work. We present multiparty
authorization requirements for OSNs and articulate our proposed
multiparty authorization model, together with multiparty
authorization specification and multiparty policy analysis, in
Section III. Section IV gives an overview of the collaborative
Face Recognition (FR) framework. In Section V, implementation
details and experimental results are described. Section VI
concludes this paper.
II. RELATED WORK
Several access control models for OSNs have been introduced
(e.g., [7, 8, 12, 14]). Earlier access control solutions for
OSNs introduced trust-based access control inspired by the
developments of trust and reputation computation in OSNs. The
D-FOAF system [13] is primarily a Friend of a Friend (FOAF)
ontology-based distributed identity management system for OSNs,
where relationships are associated with a trust level, which
indicates the level of friendship between the users
participating in a given relationship. A conceptually similar
but more comprehensive trust-based access control model was also
introduced. This model permits the specification of access rules
for online resources, where authorized users are denoted in
terms of the relationship type, depth, and trust level between
users in OSNs. Its authors further presented a semi-decentralized
discretionary access control model and a related enforcement
mechanism for controlled sharing of data in OSNs [8]. Fong et
al. [12] proposed an access control model that formalizes and
generalizes the access control mechanism implemented in
Facebook, admitting arbitrary policy vocabularies that are based
on theoretical graph properties. Gates described
relationship-based access control as one of the new security
paradigms that addresses the unique requirements of Web 2.0.
Then, Fong [11] recently formulated this paradigm, called a
Relationship-Based Access Control (ReBAC) model, which bases
authorization decisions on the relationships between the
resource owner and the resource accessor in an OSN. However,
none of these existing works could model and analyze access
control requirements with respect to collaborative authorization
management of shared data in OSNs.
The need for joint management of data sharing, especially photo
sharing, in OSNs has been recognized by recent work [5, 15]. The
closest work to the present paper is probably the solution
provided by ref. [14] for collective privacy management in OSNs.
Other related work includes general conflict resolution
mechanisms for access control [11, 12] and learning-based
generation of privacy policies for OSNs.
III. MULTIPARTY AUTHORIZATION FOR OSNS
3.1 REQUIREMENTS
OSNs provide built-in mechanisms enabling users to communicate
and share data with other members. OSN users can post statuses
and notes, upload photos and videos in their own spaces, tag
others in their contents and share the contents with their
friends. On the other hand, users may also post contents in
their friends' spaces. The shared contents may be connected with
multiple users. Take an example where a photo contains three
users, Alice, Bob and Carol. If Alice uploads it to her own
space and tags both Bob and Carol in the photo, we call Alice an
owner of the photo, and Bob and Carol stakeholders of the photo.
All of these users may specify access control policies over this
data. Figure 1(a) depicts a data sharing scenario where the
owner of a data item shares the data item with other OSN
members, and the data item has multiple stakeholders who may
also want to be involved in the control of data sharing.
Figure 1(b) shows another data sharing scenario where a
contributor publishes a data item to someone else's space and
the data item may also have multiple stakeholders (e.g., tagged
users). All associated users should be allowed to define access
control policies for the shared data item.
Fig. 1a. A shared content has multiple stakeholders
Fig. 1b. A shared content is published by a contributor
3.2 MODELING SOCIAL NETWORKS
An OSN can be represented by a relationship network, a set of
user groups and a collection of user data. The relationship
network of an OSN is a directed labelled graph, where each node
denotes a user and each edge represents a relationship between
users. The label associated with each edge indicates the type of
the relationship. Edge direction denotes that the initial node
of an edge establishes the relationship and the terminal node of
the edge accepts the relationship. The number and type of
supported relationships depend on the specific OSN and its
purposes. Besides, OSNs include an important feature that allows
users to be organized in groups, where each group has a unique
name. This feature enables users of an OSN to easily find other
users with whom they might share specific interests (e.g., the
same hobbies), demographic groups (e.g., studying at the same
schools), political orientation, and so on. Users can join
groups without any approval from other group members. Moreover,
OSNs provide each member with a web space where users can store
and manage their personal data, including profile information,
friend list and user content.
3.3 MULTIPARTY AUTHORIZATION SPECIFICATION
To enable collaborative authorization management of data sharing
in OSNs, it is essential for multiparty access control policies
to be in place to regulate access over shared data, representing
authorization requirements from multiple associated users. Our
policy specification scheme is built upon the above-mentioned
OSN model (Section 3.2). Recently, several access control
schemes (e.g., [7, 11, 12]) have been proposed to support
fine-grained authorization specifications for OSNs.
Unfortunately, these schemes only allow a single controller (the
resource owner) to specify access control policies. Indeed, a
flexible access control mechanism in a multi-user environment
like OSNs is necessary to allow multiple controllers associated
with the shared data item to specify access control policies. As
mentioned in Section 3.1, in addition to the owner of data,
other controllers, including the contributor, stakeholder and
disseminator of data, also need to regulate access to the shared
data.
3.4 MULTIPARTY POLICY ANALYSIS
In our proposed multiparty authorization model, each controller
can specify a set of policies, which may contain both positive
and negative policies, to regulate access to the shared data
item. Two steps should be performed to evaluate an access
request over multiparty access control policies. The first step
checks the access request against the policies of each
controller and yields a decision for the controller. Bringing in
both positive and negative policies in the policy set of a
controller raises potential policy conflicts. In the second
step, decisions from all controllers responding to the access
request are aggregated to make a final decision for the access
request. Since those controllers may generate different
decisions (permit and deny) for the access request, conflicts
may occur once more. Figure 4 illustrates potential conflicts,
such as policy conflict resolution in one party and conflict
resolution for disseminated data, that are present during the
analysis of multiparty access control policies. In order to make
an unambiguous final decision for each access request, it is
crucial to adopt a systematic conflict resolution mechanism to
resolve those identified conflicts during multiparty policy
analysis.
Fig. 2. Multiparty Policy Evaluation
IV. COLLABORATIVE FACE RECOGNITION FRAMEWORK
Figure 3. Proposed collaborative FR framework in an OSN.
(a) High-level visualization. (b) Detailed visualization.
This section describes the construction of our collaborative FR
framework for a particular OSN member, further referred to as
the current user ("owner"). As shown in Fig. 6(a), the
collaborative FR framework for the current user ("owner") is
constructed using M+1 different FR engines: one FR engine
belongs to the current user ("owner"), while M FR engines belong
to M different contacts of the current user ("owner"), each of
which may be a contributor, stakeholder or disseminator. We
assume that photo collections and FR engines can be shared
within the collaborative FR framework. Here the current user is
considered to be the owner of the shared photos.
Fig. 6(b) illustrates that our collaborative FR framework
consists of two parts: (1) selection of suitable FR engines and
(2) merging of multiple FR results. For the selection of K
suitable FR engines out of M+1 FR engines, we construct a social
graph model (SGM) that represents the social relationships
between the different contacts considered.
4.1 SELECTION OF FR ENGINES BASED ON SOCIAL GRAPH MODEL (SGM)
This section discusses the selection of FR engines based on the
construction of a social graph model. A social graph is
represented by a weighted graph as below:
G = {N, E, W} (1)
In which N = { /m = 1,…..,M} U {
is a set of nodes
that is a combination of both current user (“owner”)
and
his/her contacts, E = { /m =1,….., M } is a set of edges
connecting the node of the current user (“owner”) and the
element of
and W represents the strength of the social
relationship connected with
.
To compute this
we estimate the identity occurrence and
the co-occurrence probabilities from all personal photo
collection by given formulas:
, for
, for
(2)
(3)
By using equations (2) and (3) we compute
as below
= exp (
+
(4)
Based on this
value to select the appropriate FR engines
for this we denote
contact of the current user as .
4.2 MERGING FACE RECOGNITION (FR) RESULTS
The main purpose of merging the results taken from several FR
engines is to improve the accuracy of our face annotation, which
is achieved by combining multiple classification decisions on
the identity of a query face image, calculated by using a
relevance score. There are two main solutions for this merging,
for which we have a common mathematical notation as
be a set having K
personalized FR engines. One solution is by fusion using a
Bayesian decision rule and the other one is by fusion using
Confidence-Based majority voting [17].
V. PROTOTYPE IMPLEMENTATION AND ANALYSIS
Fig. 4. Performance of Policy
To evaluate the performance of the policy evaluation mechanism
in MController, we changed the number of controllers of a shared
photo from 1 to 20. Also, we considered two cases for our
evaluation. In the first case, each controller has only one
positive policy. The second case examines two policies (one
positive policy and one negative policy) of each controller.
Figure 7 shows the policy evaluation cost while changing the
number of controllers. For both cases, the experimental results
show that the policy evaluation cost increased slightly with the
increase in the number of controllers. Also, we can observe that
MController performs fast enough to handle even a large number
of controllers for collaboratively managing the shared data.
This manual input of the privacy preferences could be a long and
tedious task.
To overcome this we performed an experiment by collecting all
photos from the weblog of each volunteer willing to participate,
and also all photos posted on the weblogs of the contacts of
each volunteer. As a result we constructed a test bed for each
volunteer, which consists of one photo collection acquired from
the current user ("owner") and the photo collections of the
contacts of the current user. All photos collected in each test
bed are then processed with the Viola-Jones face detection
algorithm [18] and the FERET protocol [19], taking the center
coordinates of the eyes from an eye detection algorithm [20].
Based on this, ground truth datasets are arranged. Using these
ground truth datasets we construct corresponding sets of target
and query face images in order to evaluate the accuracy of face
annotation of this collaborative FR framework. Figure 6 shows
how it works. We then construct an FR engine. For that, we
assume that the current user ("owner") makes use of a
personalized FR engine; based on this we constructed several
training sets, which are in turn used to construct several
independent FR engines. We selected the 15 most frequently
appearing subjects in each photo collection, which always
include the owner of the weblog. We merge these FR engine
results and tag the names in the personal photo.
VI. CONCLUSION
In this paper, we have proposed a multiparty authorization
framework that helps in collaborative management of the data
shared in OSNs. We have given an analysis of multiparty
authorization requirements in OSNs, and also formulated a
multiparty access control (MPAC) model. This access control
model is accompanied by a multiparty policy specification scheme
and a corresponding policy evaluation mechanism. OSNs allowing
MPAC have come to face three issues [1], and in this paper we
have shown ways to overcome these issues by following a
methodology of verifying that the tagged users are part of the
content, utilizing a collaborative Face Recognition (FR)
framework in OSNs. We also present a proof-of-concept
implementation of our approach, called MController and FR
engines, which is a Facebook application, along with
implementation and performance analysis.
REFERENCES
[1] Multiparty Access Control for Online Social Networks: Model and
Mechanisms
[2] D.M. Boyd and N.B. Ellison. Social network sites: Definition, history,
and scholarship. Journal of Computer-Mediated Communication,
13(1):210–230, 2008.
[3] http://en.mercopress.com/2011/06/14/facebook-preparing-for-publicoffering-company-value-over-100-billion-usd, 6 2011. Accessed on
28.6.2011.
[4] Myspace Privacy Policy,
http://www.myspace.com/index.cfm?fuseaction=misc.privacy/
[5] Besmer, A., Lipford, H.R.: Moving beyond untagging: photo privacy in a
tagged world. In Proceedings of the 28th International Conference on Human
Factors in Computing Systems, pp. 1563–1572. ACM, New York (2010)
[7] Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for
social networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006
Workshops. LNCS, vol. 4278, pp. 1734–1744. Springer, Heidelberg (2006)
[8] Carminati, B., Ferrari, E., Perego, A.: Enforcing access control in
web-based social networks. ACM Transactions on Information and System
Security (TISSEC) 13(1), 1–38 (2009)
[9] Choi, J., DeNeve, W., Plataniotis, K., Ro, Y., Lee, S., Sohn, H., Yoo, H.,
Neve, W., Kim, C., Ro, Y., et al.: Collaborative Face Recognition for
Improved Face Annotation in Personal Photo Collections Shared on Online
Social Networks. IEEE Transactions on Multimedia, 1–14 (2010)
[10] Fang, L., LeFevre, K.: Privacy wizards for social networking sites. In:
Proceedings of the 19th International Conference on World Wide Web, pp.
351–360. ACM, New York (2010)
[11] Fong, P.: Relationship-Based Access Control: Protection Model and
Policy Language. In: Proceedings of the First ACM Conference on Data and
Application Security and Privacy. ACM, New York (2011)
[12] Fong, P., Anwar, M., Zhao, Z.: A privacy preservation model for
facebook-style social network systems. In: Backes, M., Ning, P. (eds.)
ESORICS 2009. LNCS, vol. 5789, pp. 303–320. Springer, Heidelberg (2009)
[13] Jin, J., Ahn, G.J., Hu, H., Covington, M.J., Zhang, X.: Patient-centric
authorization framework for electronic healthcare services. Computers &
Security 30(2-3), 116–127 (2011)
[14] Kruk, S., Grzonkowski, S., Gzella, A., Woroniecki, T., Choi, H.:
D-FOAF: Distributed identity management with access rights delegation. In:
Mizoguchi, R., Shi, Z.-Z., Giunchiglia, F. (eds.) ASWC 2006. LNCS, vol.
4185, pp. 140–154. Springer, Heidelberg (2006)
[15] Squicciarini, A., Shehab, M., Paci, F.: Collective privacy management in
social networks. In: Proceedings of the 18th International Conference on
World Wide Web, pp. 521–530. ACM, New York (2009)
[16] Wondracek, G., Holz, T., Kirda, E., Kruegel, C.: A practical attack to
de-anonymize social network users. In: 2010 IEEE Symposium on Security and
Privacy, pp. 223–238. IEEE, Los Alamitos (2010)
[17] J. Kittler, M. Hatef, R. P. W. Duin, and J. Matas, “On combining
classifiers,” IEEE Trans. Pattern Anal. Mach. Intell., vol. 20, no. 3,
pp. 226–239, 1998.
[18] P. Viola and M. Jones, “Rapid object detection using a boosted cascade
of simple features,” in Proc. IEEE Int. Conf. CIVR, 2001.
[19] P. J. Phillips, H. Moon, S. A. Rizvi, and P. J. Rauss, “The FERET
evaluation methodology for face recognition algorithms,” IEEE Trans.
Pattern Anal. Mach. Intell., vol. 22, no. 10, pp. 1090–1104, 2000.
[20] P. Wang, M. B. Green, and Q. Ji, “Automatic eye detection and its
validation,” in Proc. IEEE Int. Conf. Computer Vision and Pattern
Recognition Workshops, 2005.