4,561 research outputs found
A New Access Control Scheme for Facebook-style Social Networks
The popularity of online social networks (OSNs) makes the protection of
users' private information an important but scientifically challenging problem.
In the literature, relationship-based access control schemes have been proposed
to address this problem. However, with the dynamic developments of OSNs, we
identify new access control requirements which cannot be fully captured by the
current schemes. In this paper, we focus on public information in OSNs and
treat it as a new dimension which users can use to regulate access to their
resources. We define a new OSN model containing users and their relationships
as well as public information. Based on this model, we introduce a variant of
hybrid logic for formulating access control policies. We exploit a type of
category information and relationship hierarchy to further extend our logic for
its usage in practice. In the end, we propose a few solutions to address the
problem of information reliability in OSNs, and formally model collaborative
access control in our access control scheme.Comment: Computers & Security, 54, 201
A Collaborative Access Control Model for Shared Items in Online Social Networks
The recent emergence of online social networks (OSNs) has changed the communication behaviors of thousand of millions of users. OSNs have become significant platforms for connecting users, sharing information, and a valuable source of private and sensitive data about individuals. While OSNs insert constantly new social features to increase the interaction between users, they, unfortunately, offer primitive access control mechanisms that place the burden of privacy policy configuration solely on the holder who has shared data in her/his profile regardless of other associated users, who may have different privacy preferences. Therefore, current OSN privacy mechanisms violate the privacy of all stakeholders by giving one user full authority over another’s privacy settings, which is extremely ineffective. Based on such considerations, it is essential to develop an effective and flexible access control model for OSNs, accommodating the special administration requirements coming from multiple users having a variety of privacy policies over shared items.
In order to solve the identified problems, we begin by analyzing OSN scenarios where at least two users should be involved in the access control process. Afterward, we propose collaborative access control framework that enables multiple controllers of the shared item to collaboratively specify their privacy settings and to resolve the conflicts among co-controllers with different requirements and desires. We establish our conflict resolution strategy’s rules to achieve the desired equilibrium between the privacy of online users and the utility of sharing data in OSNs. We present a policy specification scheme for collaborative access control and authorization administration. Based on these considerations, we devise algorithms to achieve a collaborative access control policy over who can access or disseminate the shared item and who cannot. In our dissertation, we also present the implementation details of a proof-of-concept prototype of our approach to demonstrate the effectiveness of such an approach. With our approach, sharing and interconnection among users in OSNs will be promoted in a more trustworthy environment
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
In Things We Trust? Towards trustability in the Internet of Things
This essay discusses the main privacy, security and trustability issues with
the Internet of Things
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
- …