International Journal of Engineering Trends and Technology (IJETT) – Volume 21 Number 7 – March 2015
An Approach Of Collabrative Access Control To
Online Social Network
Mr. Sandip Sharad Shirgave. #1,Prof. Subhash V. Pingale. #2,
#
Department Of Computer Engineering
SKN Sinhgad College of Engineering
Korti, Pandharpur,India-413 304
Abstract—Online social networks (OSNs) have experienced
tremendous growth in recent years and become a de facto portal
for hundreds of millions of Internet users. These OSNs offer
attractive means for digital social interactions and information
sharing, but also raise a number of security and privacy issues.
While OSNs allow users to restrict access to shared data, they
currently do not provide any mechanism to enforce privacy
concerns over data associated with multiple users. To this end, we
propose an approach to enable the protection of shared data
associated with multiple users in OSNs. We formulate an access
control model to capture the essence of multiparty authorization
requirements, along with a multiparty policy specification
scheme and a policy enforcement mechanism.
Keywords—component; formatting; style; styling; insert (key
words) social, security model, policy specification and management
I.
INTRODUCTION
ONLINE social networks (OSNs) such as Facebook,
Google plus, and Twitter are inherently designed to enable
people to share personal and public information and make
social connections with our friends, coworkers which works
with us in company, college friends , family members, and
even with unknown persons. In recent years, we have seen
unprecedented growth in the application of Online social
network, such as, Facebook is one of best social network site, it
says that it has more than 800 million online real users and
more than 30 billion pieces of content and information like web
links, news, written blogs, documented notes, photos, and so on
shared each month. To protect online social networks user data,
access control has become a central feature of online social
network.
A typical OSN provides each user with a virtual space
containing profile information, a list of all online social user’s
friends list, and Web contents, such as status in the Facebook
wall, where user and their friends can post and send the
messages. A online users profile normally contains the user’s
personal information like address, email id, mobile number,
hobbies. In addition, online users upload contents into their
own or others wall and also tag other online users who appear
in the information or content. Every tag is an correct reference
that links to a user’s wall. For the protection of online user’s
information, need a system which secures the online users
social data.
OSNs currently provide simple access control
mechanisms allowing users to govern access to information
contained in their own spaces, users, unfortunately, have no
control over data residing outside their spaces. For example,
ISSN: 2231-5381
when a user uploads a photo and tags friends who appear in
the photo, the tagged friends cannot restrict who can see this
photo, even though the tagged friends may have different
privacy concerns about the photo. Because of this limitation
we are developing collaborative management for shared data
in OSNs, known as MPAC model.
II.
LITERATURE REVIEW
A. A Reachability Based Access Control Model for
Online Social Networks.
Author’s solution aims to support users when they wish to
restrict the visibility of their resources like data, photos, weblinks to a smaller subset of their contacts. In this paper, author
proposes a reachability based access control model that allows
users to express their privacy preferences as constraints on
existing links with other users. Experimental results verify the
effectiveness of our approach over real social networks
datasets.
In this paper, Author developed an access control model for
OSNs that enables a fine-grained description of privacy
policies. These policies are specified in terms of constraints on
the type, direction, depth of relationships and trust levels
between users, as well as on the user’s properties. This model
relies on a reachability- based approach, where a subject
requesting to access an object must satisfy policies determined
by the object owner.
B. A New Access Control Scheme for Facebook-style
Social Net- works..
The popularity of online social networks like Facebook,
linked in and my space and so on makes the protection of
users’ private information an important but scientifically big
problem. In the literature of relationship-based access control
schemes, author has been proposed to address this problem.
However, with the fastest developments of social networks, we
identify new access control requirements which cannot be fully
captured by the current schemes.
In this paper, Author focus on public information in social
networks and treat it as a new dimension which users can use
to regulate access to their resources. Author defines a new
social network model containing users and their relationships
as well as public information. Based on the model, author
introduces a variant of hybrid logic for formulating access
control policies. In addition, author exploit a type of category
http://www.ijettjournal.org
Page 352
International Journal of Engineering Trends and Technology (IJETT) – Volume 21 Number 7 – March 2015
relations among public information to further improve our
logic for its usage in practice.
In this paper, author first identified a new type of access
control policies that are meaningful but have never been
addressed in the literature. Namely, users in social networks
can express access control requirements not only based on their
social relations, but also on their connections through public
information. Then author de- fined a social network model
containing users and public information. Based on this model,
author proposed hybrid logic to define access control policies.
Author gave a number of policies based on public information
and formulated them precisely in our proposed logic. In
addition, authors have used category relations among public
information to extend our logic and make it more practical.
C. Relationship-based Access Control for Online Social
Networks: Beyond User-to-User Relationships
In this paper, author develops a relationship-based access
control model for OSNs that incorporates not only U2U
relationships but also user-to-resource (U2R) and resource-to
resource (R2R) relationships. Furthermore, while most access
control proposals for OSNs only focus on controlling users
normal usage activities, author’s model also captures controls
on user’s administrative activities. Authorization policies are
defined in terms of patterns of relationship paths on social
graph and the hop count limits of these paths. The proposed
policy specification language features hop count skipping of
resource related relationships, allowing more flexibility and
expressive power. Author also provides simple specifications
of conflict resolution policies to resolve possible conflicts
among authorization policies.
III.
METHODOLOGY
The architecture of MController application, which is
divided into two major parts social network server and
application server. The social network server provides an entry
via the online social network application page, and provides
references to pictures, friendships of users with others, and give
data through API calls. Online social network server takes
inputs from online social network users, and then forwards
them to the online social networks application server. The
online social networks application server is responsible for the
input processing and multiparty management of shared
information. Information related to user data such as email id,
date of birth, mobile number are stored in the application
database. Online social network Users can access the
MController application through online social network. When
access requests are made to the decision-making portion in the
application server, results are re- turned in the form of access to
photos or proper information about access to photos.
In addition, when privacy changes are made, the decision
making portion re- turns change-impact information to the
interface to alert the main user. Moreover, analysis services in
MController application are provided by implementing an
answer set programming (ASP) translator, which
communicates with an answer set programming (ASP)
reasoner. Online users can leverage the analysis services to
perform complicated authorization queries.
A core component of MController is the decision-making
part of application, which processes access requests and returns
responses which may be either permit or deny for the requests.
To evaluate an access request, the policies of every controller
of the final targeted content are enforced first to generate a
decision for the controller. Then, the decisions from all
controllers are aggregated to yield a final decision as the
response of the request. Collaborative privacy conflicts are
resolved based on the configured conflict resolution
mechanism when aggregating the decisions of controllers. If
the owner of the data or owner of information chooses
automatic conflict resolution, the aggregated final sensitivity
value is utilized as a threshold for decision making. Otherwise,
Collaborative privacy conflicts are resolved by applying the
strategy selected by the owner, and the aggregated is
considered as a recommendation for strategy selection.
According to the access requests to disseminated content, the
final and last decision is made by combining the disseminator’s
decision and original users (who uploaded the data) controller’s
decision accepting corresponding combination strategy
discussed previously.
MPAC Model
An Online social network can be represented by a
relationship network between different users, a set of online
user groups, and a different collection of user data. The
relationship network of an Online social network is a directed
labeled graph, where each node of directed graph denotes a
user and each edge of directed graph represents a relationship
between two online users. Multiparty access control (MPAC)
includes different controllers, owner, contributor, stakeholder,
and disseminator.
MPAC Controllers
• Definition 1 (Owner). Let S be a data item in the space of
a user u in the online social network. The online user u is called
the owner of S.
• Definition 2 (Contributor). Let S be a data item published
by a user u in someone else's wall in the online social network.
The online user u is called the contributor of S.
• Definition 3 (Stakeholder). Let S be a data item in the
wall of a online user in the online social network. Let T be the
set of tagged online users associated with S. A online user u is
called a stakeholder of S, if u 2 T.
• Definition 4 (Disseminator). Let S be a data item shared
by online user u from someone else wall to his/her wall in the
online social network. The online user u is called a
disseminator of S.
Multiparty policy evaluation process
Figure 1: - Architecture of MController Application.
ISSN: 2231-5381
http://www.ijettjournal.org
Page 353
International Journal of Engineering Trends and Technology (IJETT) – Volume 21 Number 7 – March 2015
Figure 2:- Multiparty policy evaluation process.
IV.
CONCLUSION
In this paper, we have proposed a novel solution for
collaborative management of shared data in online social
network. A collaborative access control model was formulated,
along with a collaborative policy specification scheme and
corresponding policy evaluation method. An access control
model of our solution called collaborative Access Control
model has been discussed as well. For the part of future work,
we are planning to investigate more comprehensive privacy
conflict resolution approach and analysis services for
collaborative management of shared data in online social
network. Also, we would explore more criteria to evaluate the
features of our proposed collaborative access control model.
On the other side, we plan to systematically integrate the notion
of trust and reputation into our collaborative access control
model and investigate a comprehensive solution to cope with
collusion attacks for providing a robust collaborative access
control service in online social networks.
REFERENCES
[1] ”Multiparty Access Control for Online Social Networks:
Model and Mechanisms”Hongxin Hu, Member, IEEE, GailJoon Ahn, Senior Member, IEEE,and Jan Jorgensen.IEEE
TRANSACTIONS ON KNOWLEDGE AND DATA
ENGINEERING, VOL. 25, NO. 7, JULY 2013
[2] S. Kruk, S. Grzonkowski, A. Gzella, T.Woroniecki, and
H. Choi.D-FOAF: Distributed identity management with
access rights delegation”. The Se- mantic WebASWC 2006,
pages 140154, 2006
[3] B. Carminati, E. Ferrari, and A. Perego. Rule-based access
control for social networks. In On the Move to Meaningful
Internet Systems 2006: OTM 2006 Workshops, pages
17341744. Springer, 2006
[4] P. Fong, M. Anwar, and Z. Zhao. A privacy preservation
model for facebookstyle social network systems. In
Proceedings of the 14th Euro- pean conference on Research in
computer security, pages 303320. Springer- Verlag, 2009.
[5] E. Carrie. Access Control Requirements forWeb 2.0
Security and Privacy. In Proc. of Workshop on Web 2.0
Security and Privacy (W2SP). Citeseer, 2007.
[6] F. Paci. Collective privacy management in social
networks. In Proceedings of the 18th international conference
on World wide web, pages 521530. ACM,2009.
[7] B. Carminati and E. Ferrari. Collaborative access control
in online social networks. In Proceedings of the 7th
ISSN: 2231-5381
International Conference on Collabo- rative Computing:
Networking, Applications and Worksharing (CollaborateCom),pages 231240. IEEE, 2011
[8] W. Luo, Q. Xie, and U. Hengartner, “Facecloak: An
architecture for user privacy on social networking sites,” in
CSE (3). IEEE Computer Society, 2009, pp. 26–33.
[9] M. M. Lucas and N. Borisov, “flybynight: mitigating the
privacy risks of social networking,” in SOUPS,ser. ACM
International Conference Proceeding Series, L. F. Cranor, Ed.
ACM, 2009.
[10] R. Baden, A. Bender, N. Spring, B. Bhattacharjee, and D.
Starin, “Persona: an online social network with user-defined
privacy,” in SIGCOMM, P. Rodriguez, E. W. Biersack, K.
Papagiannaki, and L. Rizzo,Eds. ACM, 2009, pp. 135–146.
[11] B. Carminati, E. Ferrari, and A. Perego, “Private
relationships in social networks,” in ICDE Workshops.IEEE
Computer Society, 2007, pp. 163–171.
[12] S. Guha, K. Tang, and P. Francis, “Noyb: privacy in
online social networks,” Proceedings of the first workshop on
online social networks, pp. 49–54, 2008.
[13] B. Carminati and E. Ferrari, “Privacy-aware collaborative
access control in web-based social networks,” in DBSec,
ser. Lecture Notes in Computer Science, V. Atluri, Ed.,
vol. 5094. Springer, 2008, pp. 81–96.
[14] J. Domingo-Ferrer, “A public-key protocol for social
networks with private relationships,” in MDAI, ser.
Lecture Notes in Computer Science, V. Torra, Y.
Narukawa, and Y. Yoshida, Eds., vol. 4617.
Springer,2007, pp. 373–379.
[15] J. Domingo-Ferrer, A. Viejo, F. Seb´e, and ´U.
Gonz´alez-Nicol´as, “Privacy homomorphisms for social
networks with private relationships,” Computer
Networks, vol. 52, no. 15, pp. 3007–3016, 2008.
[16] S. D. C. di Vimercati, S. Foresti, S. Jajodia, S.
Paraboschi, G. Pelosi, and P. Samarati, “Preserving
confidentiality of security policies in data outsourcing,” in
WPES, 2008, pp. 75–84.
[17] K. B. Frikken and P. Srinnivas, “Key allocation schemes
for private social networks,” in Proceedings of the 8th
ACM workshop on Privacy in the electronic society,
2009, pp. 11–20.
[18] B. Carminati, E. Ferrari, and A. Perego, “Rule-based
access control for social networks,” in OTM
Workshops(2), ser. Lecture Notes in Computer Science,
R. Meersman, Z. Tari, and P. Herrero, Eds., vol. 4278.
Springer, 2006, pp. 1734–1744.
[19] V. Goyal, O. Pandey, A. Sahai, and B.Waters, “Attributebased encryption for fine-grained access control of
encrypted data,” in ACM Conference on Computer and
Communications Security, 2006, pp. 89–98.
[20] B. Carminati, E. Ferrari, and A. Perego, “Enforcing
access control in web-based social networks,” ACM
Trans. Inf. Syst. Secur., vol. 13, no. 1, 2009.
[21] M. J. Atallah, M. Blanton, N. Fazio, and K. B. Frikken,
“Dynamic and efficient key management for access
hierarchies,” ACM Trans. Inf. Syst. Secur., vol. 12, no. 3,
2009.
[22] G. Ateniese, A. D. Santis, A. L. Ferrara, and B. Masucci,
“Provably-secure time-bound hierarchical key assignment
schemes,” in ACM Conference on Computer and
Communications Security, A. Juels, R. N. Wright, and S.
D. C. di Vimercati, Eds. ACM, 2006, pp. 288–297.
[23] A. Tootoonchian, S. Saroiu, Y. Ganjali, and A. Wolman,
“Lockr: Better privacy for social networks,” in In Proc. of
the 5th coNEXT, 2009.
[24] M. M. Lucas and N. Borisov, “Flybynight: mitigating the
privacy risks of social networking,” in WPES,V. Atluri and M.
Winslett, Eds. ACM, 2008, pp. 1–8.
http://www.ijettjournal.org
Page 354