Preserving Privacy in Social Networking Systems: Policy-Based Control and Anonymity

Social Networking Systems (SNSs), such as Facebook, are complex information systems involving a huge number of active entities that provide and consume enormous amounts of information. Such information can be mainly attributed to the users of SNSs and hence, can be considered privacy-sensitive. Therefore, in contrast to traditional systems where access control is governed by system policies, enabling individual users to specify their privacy control policies becomes a natural requirement. The intricate semantic relationships among data objects, users, and between data objects and users further add to the complexity of privacy control needs. Moreover, there is immense interest in studying social network data that is collected by SNSs for various research purposes. Anonymization is a solution to preserve user privacy in this case. However, anonymizing social network datasets effectively and efficiently is a much more challenging task than anonymizing tabular datasets due to the connectedness of the users in a social network graph. In this dissertation, we propose approaches and methods that facilitate preserving user privacy in terms of providing both fine-grained control of information and utility-preserving anonymization. In particular, we propose an ontology-based privacy control framework that enables fine-grained specification and enforcement of privacy control policies by both users and SNS providers. Our framework allows an SNS provider to determine privacy control policy authorities for SNS information, and allows users to specify advanced policies, that in addition to fine-grained policy specification, enables sharing of authority over protected resources. Based on such an ontology-based foundation, we also propose a framework to support novel privacy policy analysis tasks in SNSs. Furthermore, we propose a framework to enhance anonymization algorithms for social network datasets in terms of preserving their structural properties without sacrificing privacy requirements set for the algorithms. The proposed approaches direct the behavior of anonymization algorithms based on concepts in social network theory. We evaluate our proposed methods and approaches by implementing a prototype of the privacy control framework, carrying out a policy analysis case study for a real-world SNS, and performing an extensive set of experiments on improving social network anonymization in terms of preserving data utility

Ontology-based access control for social network systems

As the information flowing around in social network systems is mainly related or can be attributed to their users, controlling access to such information by individual users becomes a crucial requirement. The intricate semantic relations among data objects, different users, and between data objects and users further add to the complexity of access control needs. In this paper, we propose an access control model based on semantic web technologies that takes into account the above mentioned complex relations. The proposed model enables expressing much more fine-grained access control policies on a social network knowledge base than the existing models. We demonstrate the applicability of our approach by implementing a proof-of-concept prototype of the proposed access control framework and evaluating its performance

A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents' automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges. © Springer Science+Business Media B.V 2011

HELPP Zone: Towards protecting college students from dating violence

Dating violence is a type of Intimate Partner Violence (IPV) which is a serious, preventable public health and social justice issue. If dating violence is left unchecked, it can bring short term and long term negative effects to survivors, especially college students who are developing emotionally. We built a mobile application called HELPP Zone (Health, Education on safety, and Legal Participant Preferred) for college students to protect them against potential dating violence. In the HELPP Zone, a user can set a list of trusted contacts and her schedule, and reach them for help based on the context (user’s location, schedule and status) when potential violence occurs. The HELLP Zone is our first step towards creating a platform to end dating violence.published or submitted for publicationis peer reviewe