IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

A Sophisticated Mechanism to Manage Access Controls in Online Social Networks D. Kalyani #1, A.K. Puneeth Kumar *2 1#

Post-Graduate Student, Department of Computer Science and Engineering, SEAT, TIRUPATI, India [email protected] 2*

Assistant Professor, Department of Computer Science and Engineering, SEAT, TIRUPATI, India

Abstract In recent years people go for online social networks (OSNs) to share their personal information using popular social networking sites like Facebook, Myspace and Mylife. These OSNs allow user to enforce privacy concerns over shared data with single user only without providing any model and mechanism to enforce privacy concerns over data associated with multiple users. To overcome this we come across an approach [1] to enable the protection of shared data associated with multiple users by proposing a multiparty authorization framework that allows collaborative management of shared data in OSNs. In OSNs, users manage their profile, interact with other users, and selforganize into different communities. Users profiles usually include information such as the user’s name, address, birthdate, contact information, emails, education, interests, photos, music, videos, blogs and many other attributes The explosive growth of private or sensitive user data that are readily available in OSNs has raised an urgent expectation for effective access control that can protect these data from unauthorized users in OSNs. This paper presents an access control model for the protection of shared data associated with multiple users in online social networks.

Keywords: Online Social Network, Multiparty Access Control, Collaboration, OSN, Privacy. I.

INTRODUCTION

Now a day’s OSNs like Face book, My space and My life are in born designed to permit individuals to share their personal and public information and even have social connections with our friends, coworkers, family and conjointly with strangers [3]. Therefore Access management has become a central feature of OSNs [2, 4].Even though OSNs presently give straightforward access management techniques permitting users to regulate access to info contained in their own areas. Users, by unhealthy luck don't have any management on information existing outside their areas. Full participation in OSNs requires users to register a (pseudo) identity with the network, though some sites do allow browsing public data without explicit sign-on. Users may volunteer information about themselves, for example their birthday, place of residence, interests, etc., all of which constitutes the user’s profile. The online social network itself is composed of links between users. Some sites allow users to link

D. Kalyani, IJRIT- 208

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212

to any other user, without consent from the link recipient, while other sites follow a two-phase procedure that only allows a link to be established when both parties agree. Certain sites, such as Flickr, have social networks with directed links- meaning a link from A to B does not imply the presence of a reverse link, whereas others, such as Orkut, have social networks with undirected links. Most sites also enable users to create special interest groups, which are akin to Usenet [2] newsgroups. Users can post messages to groups (visible to all group members) and even upload shared content to that group. Certain groups are moderated, and admission to the group is controlled by a single group administrator, while other groups are open for any member to join. All sites today require explicit group declaration by the users; users must manually create groups, appoint administrators (if necessary), and declare which groups they are a member of. Once an identity is built, users of content sharing sites can upload content onto their account. Many such online sites enable users to mark content as public (visible to anyone) or private (visible only to their immediate “friends”), and to tag content with labels. Many sites, such as YouTube, allow users to upload an unlimited amount of video content, while other sites, such as Flickr, require that users either pay a subscription fee or be subject to an upload limit. All of the content uploaded by a given user is listed in their user’s profile, allowing other users to browse through the social network to discover new content. Typically, the content is automatically indexed, and, if publicly available, made accessible though a textual search. An example is Flickr’s photo search, which allows the users to locate photos by searching based on tags and comments. II. RELATED WORK Relationship sharing is another characteristic of social networks which client contributes to associations through former members. For supervision and directions, associations may be based on confidence relations, other may be a freely association based on a general awareness, and finally may be dedicated to entirely socializing with associates within the workplace, may be based on the responsibilities of present job. Summary contribution is an interesting characteristic concerning several social networks towards holding up community submission through creators of third-party towards generating extra functionalities put up on the profile of user for social networks [8]. For maintaining the networks there should be a possibility for necessary function about network, and should maintain a balance between the completeness of being with in a network and the superiority of being an outsider. Social networks comprise a significant feature permitting consumer prearranged in assemblage and raise concerns concerning the fortification about confidentiality within the circumstance of increasing support of client. Each group contain an exceptional agreed name which permits customer of online social network towards effortlessly discovering former customer in distributing detailed comfort [1]. Several schemes of access control have been introduced to maintain specifications of fine-grained authorization intended for online social networks. By achieving systems of access control in addition to models for social networks, depiction of multiparty access is put together for confining interior description of the needs of mutual approval which were not up to the indication [11]. Several studies have examined the interface design to support user awareness of the privacy risks and algorithms for relationship-based access-control scheme. In [3], the authors presented a social-networkingbased access-control scheme for online information sharing by considering identities as key pairs and identifying the social relationship based on social attestations. Under this approach, a simple access-control list is employed to manage user access. A more sophisticated mechanism to manage access controls in [4], is rule- based and follows complex policies that are expressed as constraints on the type, depth, and trust level of existing relationships. This control methods is further extended by making access-control decisions completely decentralized and collaborative [5].

D. Kalyani, IJRIT- 209

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212

In [6], the authors introduced a conceptually-similar but more comprehensive trust-based access control model. This model allows the specification of access rules for online resources, where legitimate users are denoted in terms of the relationship type, depth, and trust level between users in OSNs. In [6,7], the authors proposed an access control model that formalizes and generalizes the access control mechanism implemented in Facebook, admitting arbitrary policy vocabularies that are based on theoretical graph properties. In [8], the authors described relationship-based access control as one of new security paradigms that addresses unique requirements of Web 2.0. In [9], the authors provided a solution for collective privacy management in OSNs. Their work considered access control policies of a data content that is co-owned by multiple users in an OSN, such that each co-owner may separately specify her/his own privacy preference for the shared content. III. PROPOSED METHODOLOGY 3.1 MULTIPARTY ACCESS CONTROL MODEL FOR OSNS A. Multi party Access Control Model A social network can be represented by a relationship network, a set of user groups and a collection of user data (Figure 1). The relationship network of a social network is a directed labeled graph, where each node denotes a user and each edge represents a relationship between two users. The label associated with each edge represents the type of the relationship. Edge direction denotes that the initial node of an edge establishes the relationship and the terminal node of the edge accepts that relationship. The number and type of supported relationships rely on the specific social network and its purposes. Social network should allow multiple controllers, who are associated with the shared data, to specify access control policies. In addition to the owner of data, other controllers, including the stakeholder, contributor and disseminator of data, need to regulate the access of the shared data as well.

Figure 1: An Example of Multiparty Social Network Representation

3.2 MULTIPARTY AUTHORIZATION SPECIFICATION To change a cooperative authorization management of information sharing in OSNs, it's essential for multiparty access management policies to be in situ to control access over shared data, representing authorization needs from multiple associated users. Our policy specification theme is constructed upon the

D. Kalyani, IJRIT- 210

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212

above-named OSN model (Section three.2). Recently, many access management schemes (e.g., [7, 11, and 12]) are projected to support fine-grained authorization specifications for OSNs. Sadly, these schemes will solely enable one manager (the resource owner) to specify access control policies. Indeed, a versatile access management mechanism in a very multi-user setting like OSNs is important to permit multiple managers related to the shared data item to specify access control policies. As we have a tendency to mention in Section three.1, additionally to the owner of information, different controllers, together with the contributor, neutral and propagator of information, conjointly need to control access to the shared data.

3.3 MULTIPARTY POLICY ANALYSIS In our projected multiparty authorization model, every controller will specify a collection of policies, which can contains each positive and negative policies, to control access of the shared information.

Fig. 2. Multiparty Policy Evaluation Two steps should be performed to evaluate associate access request over multiparty access management policies. The primary step checks the access request against policies of every controller and yields a choice for the controller. Conveyance in each positive and negative policy within the policy set of a controller raises potential policy conflicts. Within the second step, decisions from all controllers responding to the access request square measure aggregated to create a final decision for the access request. Since those controllers could generate totally different choices (permit and deny) for the access request, conflicts could happens once more. Figure 4 illustrates potential conflicts such as policy conflict resolution in one party, conflict resolution for disseminated data that are present throughout the analysis of multiparty access management policies. So as to create associate unambiguous final decision for every access request, it's crucial to adopt a scientific conflict resolution mechanism to resolve those known conflicts throughout multiparty policy analysis. IV.CONCLUSION Although social networks attempt to improve security and privacy, they have not achieved the complete or ideal access control mechanisms that users actually demand. In current social networks, individual users can choose different preferences, causing privacy conflicts in shared information that multiple users co- own. In this paper, we have proposed an optimal solution for collaborative management of shared data in OSNs. A multi- party access control model was formulated, along with a multi- party policy specification scheme and corresponding policy evaluation method. In addition, we have introduced

D. Kalyani, IJRIT- 211

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 11, November 2014, Pg. 208-212

an approach for representing and reasoning about our proposed method. A proof-of-concept implementation of our solution called “MController” has been discussed as well, followed by the usability study and system evaluation of our proposed method.

References [1].J. Choi, W. De Neve, K. Plataniotis, and Y. Rio. Collaborative face recognition for improved face annotation in personal photo collections shared on online social networks. Multimedia, IEEE Transactions on,13(1):14–28, 2011. [2] P. Fong. Relationship-based access control: Protection model and policy language. In Proceedings of the first ACM conference on Data and application security and privacy, pages 191–202. ACM, 2011. [3] B. Qureshi, G. Min, and D. Kouvatsos. Collusion detection and prevention with fire+ trust and reputation model. In Computer and Information Technology (CIT), 2010 IEEE 10th InternationalConference on, pages 2548–2555. IEEE, 2010. [4] G. Ahn, H. Hu, J. Lee, and Y. Meng. Representing and reasoning about web access control policies. At Computer Software and Applications Conference (COMPSAC), 2010 IEEE 34th Annual, pages 137– 146.IEEE, 2010. [5] G. Wondracek, T. Holz, E. Kirda, and C. Kruegel. A practical attack to die anonymous social network users. In 2010 IEEE Symposium on Security and Privacy, pages 223–238. IEEE, 2010. [6] Ch. Aruna, G. Mine, International Journal of Modern Engineering Research (IJMER) Vol. 3, Issue. 5, Sep - Oct. 2013 pp-2808-2812. [7] A. k. Rachel Praveena, B. Dr. S. Durga Bhavani,C.k.Suresh Babu,International journal of computer science & Network Solutions December.2013-Volume 1. No4 ISSN 2345-3397. [8]. Liu, D., Li, N., Wang, X., Camp, L.J.: Beyond risk-based access control: towards incentive-based access control. In: Proc. 15th Conference on Financial Cryptography and Data Security (FC). Volume 7035 of LNCS., Springer (2012) [9]. Gates, C.E.: Access control requirements for Web 2.0 security and privacy. In: Proc. IEEE Workshop on Web 2.0 Security and Privacy (W2SP). (2007) [10]. Carminati, B., Ferrari, E., Perego, A.: Enforcing access control in web-based social networks. ACM Transactions on Information & System Security 13(1) (2009) Article No. 6 [11]. Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: Proc. 14th ACM Symposium on Access Control Models and Technologies (SACMAT), ACM (2009) 177{186

D. Kalyani, IJRIT- 212

A Sophisticated Mechanism to Manage Access Controls in ... - IJRIT

In recent years people go for online social networks (OSNs) to share their personal information using popular social ... Keywords: Online Social Network, Multiparty Access Control, Collaboration, OSN, Privacy. .... party, conflict resolution for disseminated data that are present throughout the analysis of multiparty access.

115KB Sizes 1 Downloads 202 Views

Recommend Documents

A Sophisticated Mechanism to Manage Access Controls in ... - IJRIT
This paper presents an access control model for the protection of shared data associated with multiple users in online social networks. Keywords: Online Social ...

Access Mechanism Control in Wireless ATM Network ...
speed infrastructure for integrated broadband communication i.e. voice, video, data and etc. ... success for commercial cellular and paging services. Hence the ...

Optical Code Division Multiple Access System - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 2, ..... IEEE symposium on wireless technology and applications, September 2011, ...

Optical Code Division Multiple Access System - IJRIT
The main advantages of Optical CDMA system are soft capacity and network ..... IEEE symposium on wireless technology and applications, September 2011, ...

A Novel Technique to Control Congestion in MANET using ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 1, Issue .... Tech degree in from DAV, Jalandhar and completed B-Tech in 2005 with ...

A Novel Technique to Control Congestion in MANET using ... - IJRIT
IJRIT International Journal of Research in Information Technology, Volume 1, Issue 7, ... topology. 2. Congestion Control in MANET. To maintain and allocate network .... Tech degree in from DAV, Jalandhar and completed B-Tech in 2005 with honours fro

Towards an Access Control Mechanism for Wide-area ...
We call these filters access ..... vices can specify the conditions for principals to activate the role. .... tional Conference on System Sciences (HICSS-35), Big Is-.

Sincere and sophisticated players in an equal-income ...
Mar 12, 2015 - Department of Economics, Texas A&M University, College Station, TX 77843 ... Fax: (979) 847-8757; email: [email protected]; web page ..... determined by an scf as in the standard mechanism design framework.

Access Policy Consolidation for Event-based Applications - IJRIT
C. Security Goal let attold →ω attnew be the sign of that ..... on High Performance Computing and Communications(HPCC), 2011, pp. 355–364. [9] M. A. Tariq, B.

Sigma-F Protocol Access Control for Real Time System - IJRIT
Key Words- Access control protocol; Scheduling; Real Time System; Response Time. 1. Introduction. The Real Time ... database locks etc. A job may need some ...

Sigma-F Protocol Access Control for Real Time System - IJRIT
Key Words- Access control protocol; Scheduling; Real Time System; Response Time. 1. Introduction. The Real Time ... database locks etc. A job may need some ...

Access Policy Consolidation for Event-based Applications - IJRIT
on High Performance Computing and Communications(HPCC), 2011, pp. 355–364. [9] M. A. Tariq, B. Koldehofe, A. Altaweel, and K. Rothermel, “Providing basic ...

How to Manage Knowledge in the Software ...
Process", Lecture Notes in Computer Science, Springer, Vol. .... they will require some kind of knowledge without their request. ... accomplishment of his job. .... makes the work of maintainers easier and to what degree costs and effort are.

How to Manage Knowledge in the Software Maintenance Process
very few software companies use knowledge management techniques to ... identifies which parts of the system should be modified, which modules could be.

How to Manage Knowledge in the Software Maintenance Process
Process", Lecture Notes in Computer Science, Springer, Vol. 3096: p. 78-87. ... Keywords: Knowledge management, software maintenance, agents. 1. Introduction ... year 2004 the cost of knowledge management is expected to reach USD ..... makes the work

How to Create, Manage, and Measure Brand Influencers in Social ...
Apr 29, 2013 - You know looking Influence Marketing: How to Create, Manage, and Measure Brand Influencers in Social Media Marketing at least skimming ...

Excitation mechanism in the photoisomerization of a ...
Received 23 July 2008; accepted 16 September 2008; published online 22 October 2008 ... compared to the corresponding process for the free molecule. ... 56234. FAX: 49-30-838-56059. Electronic mail: [email protected].