The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
Role-Based Access Control Models
Computer
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
ACM Transactions on Information and System Security (TISSEC)
Protection in operating systems
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Types and programming languages
Types and programming languages
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
On Safety in Discretionary Access Control
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Real-world oriented information sharing using social networks
GROUP '05 Proceedings of the 2005 international ACM SIGGROUP conference on Supporting group work
A trust based approach for protecting user data in social networks
CASCON '07 Proceedings of the 2007 conference of the center for advanced studies on Collaborative research
Delegation in role-based access control
International Journal of Information Security
Motivations for social networking at work
Proceedings of the 2008 ACM conference on Computer supported cooperative work
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
The union-split algorithm and cluster-based anonymization of social networks
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
De-anonymizing Social Networks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
D-FOAF: distributed identity management with access rights delegation
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Privacy and security for online social networks: challenges and opportunities
IEEE Network: The Magazine of Global Internetworking
The challenge of data and application security and privacy (DASPY): are we up to it
Proceedings of the first ACM conference on Data and application security and privacy
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Content-based filtering in on-line social networks
PSDML'10 Proceedings of the international ECML/PKDD conference on Privacy and security issues in data mining and machine learning
Relationship-based access control policies and their policy languages
Proceedings of the 16th ACM symposium on Access control models and technologies
Multiparty authorization framework for data sharing in online social networks
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Analyzing facebook privacy settings: user expectations vs. reality
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
Detecting and resolving privacy conflicts for collaborative data sharing in online social networks
Proceedings of the 27th Annual Computer Security Applications Conference
Relationship-based access control: its expression and enforcement through hybrid logic
Proceedings of the second ACM conference on Data and Application Security and Privacy
Privacy streamliner: a two-stage approach to improving algorithm efficiency
Proceedings of the second ACM conference on Data and Application Security and Privacy
Boundary regulation in social media
Proceedings of the ACM 2012 conference on Computer Supported Cooperative Work
Guarding a walled garden — semantic privacy preferences for the social web
ESWC'10 Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part II
Visualizing privacy implications of access control policies in social network systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Online social network platforms: toward a model-backed security evaluation
Proceedings of the 1st Workshop on Privacy and Security in Online Social Media
A visualization tool for evaluating access control policies in facebook-style social network systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A user-to-user relationship-based access control model for online social networks
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Towards provenance and risk-awareness in social computing
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
On protection in federated social computing systems
Proceedings of the 4th ACM conference on Data and application security and privacy
Using community structure to control information sharing in online social networks
Computer Communications
| Hi-index | 0.00 |
Recent years have seen unprecedented growth in the popularity of social network systems, with Facebook being an archetypical example. The access control paradigm behind the privacy preservation mechanism of Facebook is distinctly different from such existing access control paradigms as Discretionary Access Control, Role-Based Access Control, Capability Systems, and TrustManagement Systems. This work takes a first step in deepening the understanding of this access control paradigm, by proposing an access control model that formalizes and generalizes the privacy preservation mechanism of Facebook. The model can be instantiated into a family of Facebook-style social network systems, each with a recognizably different access control mechanism, so that Facebook is but one instantiation of the model. We also demonstrate that the model can be instantiated to express policies that are not currently supported by Facebook but possess rich and natural social significance. This work thus delineates the design space of privacy preservation mechanisms for Facebook-style social network systems, and lays out a formal framework for policy analysis in these systems.