Access control in Online Social Networks (OSNs) is generally approached with a relationship-based model. This limits the options in expressing privacy preferences to only the types of relationships users establish in the OSN. Moreover, current proposals do not address the privacy of dependent information types, such as comments or likes, at their atomic levels of ownership. Rather, the privacy of these data elements is holistically dependent on the aggregate object they belong to. To overcome this, we propose LAMP, a model that deploys fine grained labelbased access control for information sharing in OSNs. Users in LAMP assign customized labels to their friends and to all types of their information; whereas access requests are evaluated by security properties carefully designed to establish orders between requestor’s and information’s labels. We prove the correctness of the suggested model, and we perform performance experiments based on different access scenarios simulated on a real OSN graph. We also performed a preliminary usability study that compared LAMP to Facebook privacy settings.

LAMP - Label-based access-control for more privacy in online social networks

BAHRI, LEILA;CARMINATI, BARBARA;FERRARI, ELENA;LUCIA, WILLIAM
2016-01-01

Abstract

Access control in Online Social Networks (OSNs) is generally approached with a relationship-based model. This limits the options in expressing privacy preferences to only the types of relationships users establish in the OSN. Moreover, current proposals do not address the privacy of dependent information types, such as comments or likes, at their atomic levels of ownership. Rather, the privacy of these data elements is holistically dependent on the aggregate object they belong to. To overcome this, we propose LAMP, a model that deploys fine grained labelbased access control for information sharing in OSNs. Users in LAMP assign customized labels to their friends and to all types of their information; whereas access requests are evaluated by security properties carefully designed to establish orders between requestor’s and information’s labels. We prove the correctness of the suggested model, and we perform performance experiments based on different access scenarios simulated on a real OSN graph. We also performed a preliminary usability study that compared LAMP to Facebook privacy settings.
2016
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
9783319459301
10th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2016
grc
2016
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11383/2062600
 Attenzione

L'Ateneo sottopone a validazione solo i file PDF allegati

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 0
social impact