Generalizing data to provide anonymity when disclosing information (abstract)
PODS '98 Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Describing and Reasoning on Web Services using Process Algebra
ICWS '04 Proceedings of the IEEE International Conference on Web Services
Using a Rigorous Approach for Engineering Web Service Compositions: A Case Study
SCC '05 Proceedings of the 2005 IEEE International Conference on Services Computing - Volume 01
LTSA-WS: a tool for model-based verification of web service compositions and choreography
Proceedings of the 28th international conference on Software engineering
Access control enforcement for conversation-based web services
Proceedings of the 15th international conference on World Wide Web
Inferring binary trust relationships in Web-based social networks
ACM Transactions on Internet Technology (TOIT)
Homeviews: peer-to-peer middleware for personal data sharing applications
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Rule-Based access control for social networks
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
Imagined communities: awareness, information sharing, and privacy on the facebook
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Users' (mis)conceptions of social applications
Proceedings of Graphics Interface 2010
Annotation-based access control for collaborative information spaces
Computers in Human Behavior
PoX: Protecting users from malicious Facebook applications
Computer Communications
My profile is my password, verify me!: the privacy/convenience tradeoff of facebook connect
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Preserving user privacy from third-party applications in online social networks
Proceedings of the 22nd international conference on World Wide Web companion
Hi-index | 0.00 |
With the development of Web 2.0 technologies, online social networks are able to provide open platforms to enable the seamless sharing of profile data to enable public developers to interface and extend the social network services as applications (or APIs). At the same time, these open interfaces pose serious privacy concerns as third party applications are usually given full read access to the user profiles. Current related research has focused on mainly user-to-user interactions in social networks, and seems to ignore the third party applications. In this paper, we present an access control framework to manage the third party to user interactions. Our framework is based on enabling the user to specify the data attributes to be shared with the application and at the same time be able to specify the degree of specificity of the shared attributes. We model applications as finite state machines, and use the required user profile attributes as conditions governing the application execution. We formulate the minimal attribute generalization problem and we propose a solution that maps the problem to the shortest path problem to find the minimum set of attribute generalization required to access the application services.