Paper Info
Title
Access control for online social networks third party applications
Abstract
With the development of Web 2.0 technologies, online social networks are able to provide open platforms to enable the seamless sharing of profile data to enable public developers to interface and extend the social network services as applications. At the same time, these open interfaces pose serious privacy concerns as third party applications are usually given access to the user profiles. Current related research has focused on mainly user-to-user interactions in social networks, and seems to ignore the third party applications. In this paper, we present an access control framework to manage third party applications. Our framework is based on enabling the user to specify the data attributes to be shared with the application and at the same time be able to specify the degree of specificity of the shared attributes. We model applications as finite state machines, and use the required user profile attributes as conditions governing the application execution. We formulate the minimal attribute generalization problem and we propose a solution that maps the problem to the shortest path problem to find the minimum set of attribute generalization required to access the application services. We assess the feasibility of our approach by developing a proof-of-concept implementation and by conducting user studies on a widely-used social network platform.
Year
DOI
Venue
2012
10.1016/j.cose.2012.07.008
Computers & Security
Keywords
Field
DocType
finite state machine,applications,social networks,attribute generalization,access control
World Wide Web,User profile,Social network,Shortest path problem,Computer science,Computer security,Finite-state machine,Third party,Access control,User studies
Journal
Volume
Issue
ISSN
31
8
0167-4048
Citations 
PageRank 
References 
20
0.82
24
Authors
4
Name
Order
Citations
PageRank
Mohamed Shehab150634.78
Anna Cinzia Squicciarini21301106.30
Gail-Joon Ahn33012203.39
Irini Kokkinou4200.82