IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212
International Journal of Research in Information Technology (IJRIT) www.ijrit.com
ISSN 2001-5569
A Sophisticated Mechanism to Manage Access Controls in Online Social Networks D. Kalyani #1, A.K. Puneeth Kumar *2 1#
Post-Graduate Student, Department of Computer Science and Engineering, SEAT, TIRUPATI, India
[email protected] 2*
Assistant Professor, Department of Computer Science and Engineering, SEAT, TIRUPATI, India
Abstract In recent years people go for online social networks (OSNs) to share their personal information using popular social networking sites like Facebook, Myspace and Mylife. These OSNs allow user to enforce privacy concerns over shared data with single user only without providing any model and mechanism to enforce privacy concerns over data associated with multiple users. To overcome this we come across an approach [1] to enable the protection of shared data associated with multiple users by proposing a multiparty authorization framework that allows collaborative management of shared data in OSNs. In OSNs, users manage their profile, interact with other users, and selforganize into different communities. Users profiles usually include information such as the user’s name, address, birthdate, contact information, emails, education, interests, photos, music, videos, blogs and many other attributes The explosive growth of private or sensitive user data that are readily available in OSNs has raised an urgent expectation for effective access control that can protect these data from unauthorized users in OSNs. This paper presents an access control model for the protection of shared data associated with multiple users in online social networks.
Keywords: Online Social Network, Multiparty Access Control, Collaboration, OSN, Privacy. I.
INTRODUCTION
Now a day’s OSNs like Face book, My space and My life are in born designed to permit individuals to share their personal and public information and even have social connections with our friends, coworkers, family and conjointly with strangers [3]. Therefore Access management has become a central feature of OSNs [2, 4].Even though OSNs presently give straightforward access management techniques permitting users to regulate access to info contained in their own areas. Users, by unhealthy luck don't have any management on information existing outside their areas. Full participation in OSNs requires users to register a (pseudo) identity with the network, though some sites do allow browsing public data without explicit sign-on. Users may volunteer information about themselves, for example their birthday, place of residence, interests, etc., all of which constitutes the user’s profile. The online social network itself is composed of links between users. Some sites allow users to link
D. Kalyani, IJRIT- 208
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212
to any other user, without consent from the link recipient, while other sites follow a two-phase procedure that only allows a link to be established when both parties agree. Certain sites, such as Flickr, have social networks with directed links- meaning a link from A to B does not imply the presence of a reverse link, whereas others, such as Orkut, have social networks with undirected links. Most sites also enable users to create special interest groups, which are akin to Usenet [2] newsgroups. Users can post messages to groups (visible to all group members) and even upload shared content to that group. Certain groups are moderated, and admission to the group is controlled by a single group administrator, while other groups are open for any member to join. All sites today require explicit group declaration by the users; users must manually create groups, appoint administrators (if necessary), and declare which groups they are a member of. Once an identity is built, users of content sharing sites can upload content onto their account. Many such online sites enable users to mark content as public (visible to anyone) or private (visible only to their immediate “friends”), and to tag content with labels. Many sites, such as YouTube, allow users to upload an unlimited amount of video content, while other sites, such as Flickr, require that users either pay a subscription fee or be subject to an upload limit. All of the content uploaded by a given user is listed in their user’s profile, allowing other users to browse through the social network to discover new content. Typically, the content is automatically indexed, and, if publicly available, made accessible though a textual search. An example is Flickr’s photo search, which allows the users to locate photos by searching based on tags and comments. II. RELATED WORK Relationship sharing is another characteristic of social networks which client contributes to associations through former members. For supervision and directions, associations may be based on confidence relations, other may be a freely association based on a general awareness, and finally may be dedicated to entirely socializing with associates within the workplace, may be based on the responsibilities of present job. Summary contribution is an interesting characteristic concerning several social networks towards holding up community submission through creators of third-party towards generating extra functionalities put up on the profile of user for social networks [8]. For maintaining the networks there should be a possibility for necessary function about network, and should maintain a balance between the completeness of being with in a network and the superiority of being an outsider. Social networks comprise a significant feature permitting consumer prearranged in assemblage and raise concerns concerning the fortification about confidentiality within the circumstance of increasing support of client. Each group contain an exceptional agreed name which permits customer of online social network towards effortlessly discovering former customer in distributing detailed comfort [1]. Several schemes of access control have been introduced to maintain specifications of fine-grained authorization intended for online social networks. By achieving systems of access control in addition to models for social networks, depiction of multiparty access is put together for confining interior description of the needs of mutual approval which were not up to the indication [11]. Several studies have examined the interface design to support user awareness of the privacy risks and algorithms for relationship-based access-control scheme. In [3], the authors presented a social-networkingbased access-control scheme for online information sharing by considering identities as key pairs and identifying the social relationship based on social attestations. Under this approach, a simple access-control list is employed to manage user access. A more sophisticated mechanism to manage access controls in [4], is rule- based and follows complex policies that are expressed as constraints on the type, depth, and trust level of existing relationships. This control methods is further extended by making access-control decisions completely decentralized and collaborative [5].
D. Kalyani, IJRIT- 209
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212
In [6], the authors introduced a conceptually-similar but more comprehensive trust-based access control model. This model allows the specification of access rules for online resources, where legitimate users are denoted in terms of the relationship type, depth, and trust level between users in OSNs. In [6,7], the authors proposed an access control model that formalizes and generalizes the access control mechanism implemented in Facebook, admitting arbitrary policy vocabularies that are based on theoretical graph properties. In [8], the authors described relationship-based access control as one of new security paradigms that addresses unique requirements of Web 2.0. In [9], the authors provided a solution for collective privacy management in OSNs. Their work considered access control policies of a data content that is co-owned by multiple users in an OSN, such that each co-owner may separately specify her/his own privacy preference for the shared content. III. PROPOSED METHODOLOGY 3.1 MULTIPARTY ACCESS CONTROL MODEL FOR OSNS A. Multi party Access Control Model A social network can be represented by a relationship network, a set of user groups and a collection of user data (Figure 1). The relationship network of a social network is a directed labeled graph, where each node denotes a user and each edge represents a relationship between two users. The label associated with each edge represents the type of the relationship. Edge direction denotes that the initial node of an edge establishes the relationship and the terminal node of the edge accepts that relationship. The number and type of supported relationships rely on the specific social network and its purposes. Social network should allow multiple controllers, who are associated with the shared data, to specify access control policies. In addition to the owner of data, other controllers, including the stakeholder, contributor and disseminator of data, need to regulate the access of the shared data as well.
Figure 1: An Example of Multiparty Social Network Representation
3.2 MULTIPARTY AUTHORIZATION SPECIFICATION To change a cooperative authorization management of information sharing in OSNs, it's essential for multiparty access management policies to be in situ to control access over shared data, representing authorization needs from multiple associated users. Our policy specification theme is constructed upon the
D. Kalyani, IJRIT- 210
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212
above-named OSN model (Section three.2). Recently, many access management schemes (e.g., [7, 11, and 12]) are projected to support fine-grained authorization specifications for OSNs. Sadly, these schemes will solely enable one manager (the resource owner) to specify access control policies. Indeed, a versatile access management mechanism in a very multi-user setting like OSNs is important to permit multiple managers related to the shared data item to specify access control policies. As we have a tendency to mention in Section three.1, additionally to the owner of information, different controllers, together with the contributor, neutral and propagator of information, conjointly need to control access to the shared data.
3.3 MULTIPARTY POLICY ANALYSIS In our projected multiparty authorization model, every controller will specify a collection of policies, which can contains each positive and negative policies, to control access of the shared information.
Fig. 2. Multiparty Policy Evaluation Two steps should be performed to evaluate associate access request over multiparty access management policies. The primary step checks the access request against policies of every controller and yields a choice for the controller. Conveyance in each positive and negative policy within the policy set of a controller raises potential policy conflicts. Within the second step, decisions from all controllers responding to the access request square measure aggregated to create a final decision for the access request. Since those controllers could generate totally different choices (permit and deny) for the access request, conflicts could happens once more. Figure 4 illustrates potential conflicts such as policy conflict resolution in one party, conflict resolution for disseminated data that are present throughout the analysis of multiparty access management policies. So as to create associate unambiguous final decision for every access request, it's crucial to adopt a scientific conflict resolution mechanism to resolve those known conflicts throughout multiparty policy analysis. IV.CONCLUSION Although social networks attempt to improve security and privacy, they have not achieved the complete or ideal access control mechanisms that users actually demand. In current social networks, individual users can choose different preferences, causing privacy conflicts in shared information that multiple users co- own. In this paper, we have proposed an optimal solution for collaborative management of shared data in OSNs. A multi- party access control model was formulated, along with a multi- party policy specification scheme and corresponding policy evaluation method. In addition, we have introduced
D. Kalyani, IJRIT- 211
IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212
an approach for representing and reasoning about our proposed method. A proof-of-concept implementation of our solution called “MController” has been discussed as well, followed by the usability study and system evaluation of our proposed method.
References [1].J. Choi, W. De Neve, K. Plataniotis, and Y. Rio. Collaborative face recognition for improved face annotation in personal photo collections shared on online social networks. Multimedia, IEEE Transactions on,13(1):14–28, 2011. [2] P. Fong. Relationship-based access control: Protection model and policy language. In Proceedings of the first ACM conference on Data and application security and privacy, pages 191–202. ACM, 2011. [3] B. Qureshi, G. Min, and D. Kouvatsos. Collusion detection and prevention with fire+ trust and reputation model. In Computer and Information Technology (CIT), 2010 IEEE 10th InternationalConference on, pages 2548–2555. IEEE, 2010. [4] G. Ahn, H. Hu, J. Lee, and Y. Meng. Representing and reasoning about web access control policies. At Computer Software and Applications Conference (COMPSAC), 2010 IEEE 34th Annual, pages 137– 146.IEEE, 2010. [5] G. Wondracek, T. Holz, E. Kirda, and C. Kruegel. A practical attack to die anonymous social network users. In 2010 IEEE Symposium on Security and Privacy, pages 223–238. IEEE, 2010. [6] Ch. Aruna, G. Mine, International Journal of Modern Engineering Research (IJMER) Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2808-2812. [7] A. k. Rachel Praveena, B. Dr. S. Durga Bhavani,C.k.Suresh Babu,International journal of computer science & Network Solutions December.2013-Volume 1. No4 ISSN 2345-3397. [8]. Liu, D., Li, N., Wang, X., Camp, L.J.: Beyond risk-based access control: towards incentive-based access control. In: Proc. 15th Conference on Financial Cryptography and Data Security (FC). Volume 7035 of LNCS., Springer (2012) [9]. Gates, C.E.: Access control requirements for Web 2.0 security and privacy. In: Proc. IEEE Workshop on Web 2.0 Security and Privacy (W2SP). (2007) [10]. Carminati, B., Ferrari, E., Perego, A.: Enforcing access control in web-based social networks. ACM Transactions on Information & System Security 13(1) (2009) Article No. 6 [11]. Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: Proc. 14th ACM Symposium on Access Control Models and Technologies (SACMAT), ACM (2009) 177{186
D. Kalyani, IJRIT- 212