Social access control language (SocACL)
Pages 261 - 265
Abstract
Online Social Networks hold vast amounts of readily accessible personal information leaving them particularly vulnerable to privacy breach attacks [6]. With the impact these breaches varying from simply embarrassing the user, to negatively influencing the decision of potential employers, identity theft and even physical harm it is important that they are addressed. In this research we approach privacy management in OSNs as an access control problem. We propose a formal Attribute-Based Access Control (ABAC) language; SocACL. SocACL is based on Answer Set Programming (ASP) and allows for policy specification using the most abundant sources of information available in OSNs; user attributes and relationships. This paper outlines SocACL's core concepts, features, syntax and semantics.
References
[1]
C. Baral. Knowledge Representation, Reasoning and Declartive Problem Solving. Cambridge University Press, 1st edition, 2010.
[2]
J. Crampton and C. Morisset. PTaCL: A Language for Attribute-Based Access Control in Open Systems. Lecture Notes in Computer Science, 7215 LNCS: 390--409, 2012.
[3]
I. B. Dhia. Access control in social networks: a reachability-based approach. In Proc. of the 2012 Joint EDBT/ICDT Workshops, EDBT-ICDT '12, pages 227--232, New York, NY, USA, 2012. ACM.
[4]
W. Faber, G. Pfeifer, N. Leone, T. Dell'Armi, and G. Ielpa. Design and implementation of aggregate functions in the DLV system. Theory and Practice of Logic Programming, 8: 545--580, 10 2008.
[5]
P. W. Fong. Relationship-based access control: protection model and policy language. In Proc. of the 1st ACM Conf. on Data and Application Sec. and Pri., CODASPY '11, pages 191--202, New York, NY, USA, 2011. ACM.
[6]
H. Gao, J. Hu, T. Huang, J. Wang, and Y. Chen. Security Issues in Online Social Networks. Internet Computing, IEEE, 15(4): 56--63, July-Aug. 2011.
[7]
H. Hu, G. Ahn, and J. Jorgensen. Multiparty access control for online social networks: Model and mechanisms. Knowledge and Data Engineering, IEEE Trans. on, 25(7): 1614--1627, 2013.
[8]
H. R. Lipford, A. Besmer, and J. Watson. Understanding Privacy Settings in Facebook with an Audience View. In Proc. of the 1st Conf. on Usability, Psychology, and Sec., UPSEC'08, pages 2:1--2:8, Berkeley, CA, USA, 2008. USENIX Association.
[9]
M. Madejski, M. Johnson, and S. Bellovin. A Study of Privacy Settings Errors in an Online Social Network. In Proc. of Pervasive Computing and Comm. Workshops (PERCOM Workshops), 2012 IEEE Int. Conf. on, pages 340--345, March 2012.
[10]
E. Yuan and J. Tong. Attributed based access control (ABAC) for web services. In Web Services, 2005. ICWS 2005. Proc. 2005 IEEE Int. Conf. on. IEEE, 2005.
Index Terms
- Social access control language (SocACL)
Recommendations
SocACL: An ASP-Based Access Control Language for Online Social Networks
CMS 2013: 14th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security - Volume 8099Online Social Networks OSNs, such as Facebook, encourage their users to disclose significant amounts of personal information to facilitate connecting and sharing content with other users. This has resulted in some OSNs holding vast amounts of ...
Patterns for session-based access control
PLoP '06: Proceedings of the 2006 conference on Pattern languages of programsThe concept of session, the context under which a user accesses resources is very important to apply access control. We present first the Controlled Access Session pattern for describing how sessions can limit the rights of a user. We then combine this ...
A card requirements language enabling privacy-preserving access control
SACMAT '10: Proceedings of the 15th ACM symposium on Access control models and technologiesWe address the problem of privacy-preserving access control in distributed systems. Users commonly reveal more personal data than strictly necessary to be granted access to online resources, even though existing technologies, such as anonymous ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
November 2013
483 pages
ISBN:9781450324984
DOI:10.1145/2523514
- General Chairs:
- Atilla Elçi,
- Manoj Singh Gaur,
- Mehmet A. Orgun,
- Oleg B. Makarevich
Copyright © 2013 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- Macquarie U., Austarlia
- MNIT: Malaviya National Institute of Technology
- Aksaray Univ.: Aksaray University
- SFedU: Southern Federal University
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 26 November 2013
Check for updates
Author Tags
Qualifiers
- Short-paper
Funding Sources
Conference
SIN '13
Sponsor:
- MNIT
- Aksaray Univ.
- SFedU
SIN '13: The 6th International Conference on Security of Information and Networks
November 26 - 28, 2013
Aksaray, Turkey
Acceptance Rates
Overall Acceptance Rate 102 of 289 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 75Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)0
Reflects downloads up to 14 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in