Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

: An Access Control Model for Social Networks with Translucent User Provenance

  • @INPROCEEDINGS{10.1007/978-3-319-78816-6_17,
        author={Lorena Gonz\^{a}lez-Manzano and Mark Slaymaker and Jose Fuentes and Dimitris Vayenas},
        title={: An Access Control Model for Social Networks with Translucent User Provenance},
        proceedings={Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
        proceedings_a={SECURECOMM \& ATCS \& SEPRIOT},
        year={2018},
        month={4},
        keywords={Social networks Access control User provenance Translucency},
        doi={10.1007/978-3-319-78816-6_17}
    }
    
  • Lorena González-Manzano
    Mark Slaymaker
    Jose Fuentes
    Dimitris Vayenas
    Year: 2018
    : An Access Control Model for Social Networks with Translucent User Provenance
    SECURECOMM & ATCS & SEPRIOT
    Springer
    DOI: 10.1007/978-3-319-78816-6_17
Lorena González-Manzano1,*, Mark Slaymaker2,*, Jose Fuentes1,*, Dimitris Vayenas3,*
  • 1: Universidad Carlos III de Madrid
  • 2: The Open University
  • 3: Oxford University Computing Laboratory
*Contact email: lgmanzan@inf.uc3m.es, mark.slaymaker@open.ac.uk, jfuentes@inf.uc3m.es, dimitris.vayenas@exeter.ox.ac.uk

Abstract

Web-Based Social Networks (WBSNs) are used by millions of people worldwide. While WBSNs provide many benefits, privacy preservation is a concern. The management of access control can help to assure data is accessed by authorized users. However, it is critical to provide sufficient flexibility so that a rich set of conditions may be imposed by users. In this paper we coin the term to refer to tracing users actions to supplement the authorisation decision when users request access. For example restricting access to a particular photograph to those which have “liked” the owners profile. However, such a tracing of actions has the potential to impact the privacy of users requesting access. To mitigate this potential privacy loss the concept of is applied. This paper extends model and presents , an access control model which includes translucent user provenance. Entities and access control policies along with their enforcement procedure are formally defined. The evaluation demonstrates that the system satisfies the imposed goals and supports the feasibility of this model in different scenarios.