An Access Control Model for Online Social Networks Using User-to-User Relationships
Open Access
- 24 February 2015
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Dependable and Secure Computing
- Vol. 13 (4), 424-436
- https://doi.org/10.1109/tdsc.2015.2406705
Abstract
Users and resources in online social networks (OSNs) are interconnected via various types of relationships. In particular, user-to-user relationships form the basis of the OSN structure, and play a significant role in specifying and enforcing access control. Individual users and the OSN provider should be enabled to specify which access can be granted in terms of existing relationships. In this paper, we propose a novel user-to-user relationship-based access control (UURAC) model for OSN systems that utilizes regular expression notation for such policy specification. Access control policies on users and resources are composed in terms of requested action, multiple relationship types, the starting point of the evaluation, and the number of hops on the path. We present two path checking algorithms to determine whether the required relationship path between users for a given access request exists. We validate the feasibility of our approach by implementing a prototype system and evaluating the performance of these two algorithms.Keywords
Funding Information
- National Science Foundation (CNS-0831452, CNS-1111925)
This publication has 27 references indexed in Scilit:
- Attribute-Aware Relationship-Based Access Control for Online Social NetworksPublished by Springer Science and Business Media LLC ,2014
- Relationship-Based Access Control for Online Social Networks: Beyond User-to-User RelationshipsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2012
- A User-to-User Relationship-Based Access Control Model for Online Social NetworksLecture Notes in Computer Science, 2012
- ACON: Activity-Centric Access Control for Social ComputingPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- A User-Activity-Centric Framework for Access Control in Online Social NetworksIEEE Internet Computing, 2011
- Collective privacy management in social networksPublished by Association for Computing Machinery (ACM) ,2009
- Rule-Based Access Control for Social NetworksLecture Notes in Computer Science, 2006
- An Experimental Study of the Small World ProblemSociometry, 1969
- Programming Techniques: Regular expression search algorithmCommunications of the ACM, 1968
- Finite Automata and Their Decision ProblemsIBM Journal of Research and Development, 1959