research-article

A semantic web based framework for social network access control

Authors:

Barbara Carminati,

Raymond Heatherly,

Murat Kantarcioglu,

Bhavani ThuraisinghamAuthors Info & Claims

SACMAT '09: Proceedings of the 14th ACM symposium on Access control models and technologies

Pages 177 - 186

https://doi.org/10.1145/1542207.1542237

Published: 03 June 2009 Publication History

Abstract

The existence of on-line social networks that include person specific information creates interesting opportunities for various applications ranging from marketing to community organization. On the other hand, security and privacy concerns need to be addressed for creating such applications. Improving social network access control systems appears as the first step toward addressing the existing security and privacy concerns related to on-line social networks. To address some of the current limitations, we propose an extensible fine grained access control model based on semantic web tools. In addition, we propose authorization, admin and filtering policies that depend on trust relationships among various users, and are modeled using OWL and SWRL. Besides describing the model, we present the architecture of the framework in its support.

References

[1]

B. Ali, W. Villegas, and M. Maheswaran. A trust based approach for protecting user data in social networks. In 2007 Conference of the Center for Advanced Studies on Collaborative research (CASCON'07), pages 288--293, 2007.

Digital Library

[2]

S. Berteau. Facebook's misrepresentation of Beacon's threat to privacy: Tracking users who opt out or are not logged in. CA Security Advisor Research Blog, Mar. 2007.

[3]

D. Brickley and L. Miller. FOAF vocabulary specification 0.91. RDF Vocabulary Specification, Nov. 2007. Available at http://xmlns.com/foaf/0.1.

[4]

B. Carminati, E. Ferrari, and A. Perego. Enforcing Access Control in Web-based Social Networks. ACM Transactions on Information & System Security, 2008. To appear, 4(3):191--233, 2001.

Digital Library

[5]

B. Carminati, E. Ferrari, and A. Perego. Security and privacy in social networks. In M. Khosrow-Pour, editor, Encyclopedia of Information Science and Technology, 2nd Edition, volume VII, pages 3369--3376. IGI Publishing, Sept. 2008.

[6]

H.-C. Choi, S. R. Kruk, S. Grzonkowski, K. Stankiewicz, B. Davis, and J. G. Breslin. Trust models for community aware identity management. In Identity, Reference, and the Web Workshop (IRW 2006), 2006. Available at: http://www.ibiblio.org/hhalpin/irw2006/skruk.pdf.

[7]

N. Elahi, M. M. R. Chowdhury, and J. Noll. Semantic access control in web based communities. In ICCGI '08: Proceedings of the 2008 The Third International Multi-Conference on Computing in the Global Information Technology (iccgi 2008), pages 131--136, Washington, DC, USA, 2008. IEEE Computer Society.

Digital Library

[8]

T. W. Finin, A. Joshi, L. Kagal, J. Niu, R. S. Sandhu, W. H. Winsborough, and B. M. Thuraisingham. Rowlbac: representing role based access control in owl. In SACMAT, pages 73--82, 2008.

Digital Library

[9]

I. Horrocks, P. F. Patel-Schneider, H. Boley, S. Tabet, B. Grosof, and M. Dean. SWRL: A Semantic Web rule language combining OWL and RuleML. W3C Member Submission, World Wide Web Consortium, May 2004. Available at: http://www.w3.org/Submission/SWRL.

[10]

S. R. Kruk, S. Grzonkowski, H.-C. Choi, T. Woroniecki, and A. Gzella. D-FOAF: Distributed identity management with access rights delegation. In Proceedings of the 1st Asian Semantic Web Conference (ASWC 2006), LNCS 4185, pages 140--154. Springer Verlag, 2006.

Digital Library

[11]

P. Mika. Social Networks and the Semantic Web, volume 5 of Semantic Web And Beyond Computing for Human Experience. Springer, 2007.

Digital Library

[12]

G. Tonti, J. Bradshaw, R. Jeffers, R. Montanari, N. Suri, and A. Uszok. Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KAoS, Rei, and Ponder. 2003.

[13]

World Wide Web Consortium. Defining n-ary relations on the semantic web, 2006. Available at:http://www.w3.org/TR/swbp-n-aryRelations/.

[14]

World Wide Web Consortium. Status for resource description framework (rdf) model and syntax specification. Available at: http://www.w3.org/1999/.status/PR-rdf-syntax-19990105/status.

[15]

M. I. Yague, M. del-mar Gallardo, and A. MaÜna. Semantic access control model: A formal specification. In ESORICS 2005, pages 24--43, 2005.

Digital Library

Cited By

Zhang XJing CChen YWang LXu LFu D(2024)Trusted Data Access Control Based on Logistics Business Collaboration SemanticsApplied Sciences10.3390/app1410409914:10(4099)Online publication date: 12-May-2024
https://doi.org/10.3390/app14104099
Procko TOchoa O(2024)Leveraging Linked Data for Knowledge Management: A Proposal for the Aerospace IndustrySSRN Electronic Journal10.2139/ssrn.4703237Online publication date: 2024
https://doi.org/10.2139/ssrn.4703237
Bajpai SChaturvedi A(2024)Toward Detecting Rumor Initiator in Online Social Networks Using Ontology-Driven ModelArabian Journal for Science and Engineering10.1007/s13369-024-08852-7Online publication date: 11-Mar-2024
https://doi.org/10.1007/s13369-024-08852-7
Show More Cited By

Index Terms

A semantic web based framework for social network access control
1. Computing methodologies
  1. Artificial intelligence
    1. Knowledge representation and reasoning
      1. Semantic networks
2. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Operating systems security

Recommendations

Enforcing access control in Web-based social networks

In this article, we propose an access control mechanism for Web-based social networks, which adopts a rule-based approach for specifying access policies on the resources owned by network participants, and where authorized users are denoted in terms of ...
Attribute-Aware Relationship-Based Access Control for Online Social Networks
DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

Relationship-based access control ReBAC has been adopted as themost prominent approach for access control in online social networks OSNs, where authorization policies are typically specified in terms of relationships of certain types and/or depth ...
An Evaluation of Role Based Access Control Towards Easier Management Compared to Tight Security
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems

Role-based access control (RBAC) is a widely-used protocol to design and build an access control for providing the system security regarding authorization. Even though in the context of internet resources access, the authentication and access control ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SACMAT '09: Proceedings of the 14th ACM symposium on Access control models and technologies

June 2009

258 pages

ISBN:9781605585376

DOI:10.1145/1542207

General Chair:
Barbara Carminati
University of Insubria, Italy
,
Program Chair:
James Joshi
University of Pittsburgh, USA

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 June 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SACMAT '09

Sponsor:

SACMAT '09: 14th ACM Symposium on Access Control Models and Technologies

June 3 - 5, 2009

Stresa, Italy

Acceptance Rates

SACMAT '09 Paper Acceptance Rate 24 of 75 submissions, 32%;

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

118
Total Citations
View Citations
1,874
Total Downloads

Downloads (Last 12 months)27
Downloads (Last 6 weeks)4

Reflects downloads up to 19 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhang XJing CChen YWang LXu LFu D(2024)Trusted Data Access Control Based on Logistics Business Collaboration SemanticsApplied Sciences10.3390/app1410409914:10(4099)Online publication date: 12-May-2024
https://doi.org/10.3390/app14104099
Procko TOchoa O(2024)Leveraging Linked Data for Knowledge Management: A Proposal for the Aerospace IndustrySSRN Electronic Journal10.2139/ssrn.4703237Online publication date: 2024
https://doi.org/10.2139/ssrn.4703237
Bajpai SChaturvedi A(2024)Toward Detecting Rumor Initiator in Online Social Networks Using Ontology-Driven ModelArabian Journal for Science and Engineering10.1007/s13369-024-08852-7Online publication date: 11-Mar-2024
https://doi.org/10.1007/s13369-024-08852-7
Obrezkov DSohr K(2024)UCAT: The Uniform Categorization for Access ControlFoundations and Practice of Security10.1007/978-3-031-57540-2_1(3-14)Online publication date: 25-Apr-2024
https://doi.org/10.1007/978-3-031-57540-2_1
Thuraisingham B(2023)Secure Multimedia Data Systems in the Era of Artificial Intelligence: Significant Progress and Vision for the Future2023 5th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA)10.1109/TPS-ISA58951.2023.00031(180-183)Online publication date: 1-Nov-2023
https://doi.org/10.1109/TPS-ISA58951.2023.00031
Yen ITiwari ABastani F(2023)Access Control in Dynamic IoT Scenarios2023 IEEE 15th International Symposium on Autonomous Decentralized System (ISADS)10.1109/ISADS56919.2023.10092159(1-8)Online publication date: 15-Mar-2023
https://doi.org/10.1109/ISADS56919.2023.10092159
Sadeghi MSartor LRossi M(2022)A semantic-based access control approach for systems of systemsACM SIGAPP Applied Computing Review10.1145/3512753.351275421:4(5-19)Online publication date: 19-Jan-2022
https://dl.acm.org/doi/10.1145/3512753.3512754
Praharaj LAmeer SGupta MSandhu R(2022)Attributes Aware Relationship-based Access Control for Smart IoT Systems2022 IEEE 8th International Conference on Collaboration and Internet Computing (CIC)10.1109/CIC56439.2022.00021(72-81)Online publication date: Dec-2022
https://doi.org/10.1109/CIC56439.2022.00021
Shaikh AAl-Shamli MNazir A(2021)Designing a relational model to identify relationships between suspicious customers in anti-money laundering (AML) using social network analysis (SNA)Journal of Big Data10.1186/s40537-021-00411-38:1Online publication date: 14-Jan-2021
https://doi.org/10.1186/s40537-021-00411-3
Awad MAl-karaki RIdais D(2021)User as a Super Admin: Giving the End-Users Full Control to Manage Access to Their Data in Social Media Networks2021 International Symposium on Electrical, Electronics and Information Engineering10.1145/3459104.3459204(623-627)Online publication date: 19-Feb-2021
https://dl.acm.org/doi/10.1145/3459104.3459204
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents