A lattice model of secure information flow
Communications of the ACM
Introduction to algorithms
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Automatic multimedia cross-modal correlation discovery
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
The author-topic model for authors and documents
UAI '04 Proceedings of the 20th conference on Uncertainty in artificial intelligence
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Proceedings of the 16th international conference on World Wide Web
Towards identity anonymization on graphs
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Resisting structural re-identification in anonymized social networks
Proceedings of the VLDB Endowment
SmallBlue: Social Network Analysis for Expertise Search and Collective Intelligence
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
De-anonymizing Social Networks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Scalable proximity estimation and link prediction in online social networks
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
A Framework for Computing the Privacy Scores of Users in Online Social Networks
ICDM '09 Proceedings of the 2009 Ninth IEEE International Conference on Data Mining
Class-based graph anonymization for social network data
Proceedings of the VLDB Endowment
k-automorphism: a general framework for privacy preserving network publication
Proceedings of the VLDB Endowment
Privacy wizards for social networking sites
Proceedings of the 19th international conference on World wide web
A Practical Attack to De-anonymize Social Network Users
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
xBook: redesigning privacy control in social networking platforms
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Proceedings of the 2013 ACM international symposium on New ideas, new paradigms, and reflections on programming & software
| Hi-index | 0.00 |
The immensity and variety of personal information (e.g., profile, photo, and microblog) on social sites require access control policies tailored to individuals' privacy needs. Today such policies are still mainly specified manually by ordinary users, which is usually coarse-grained, tedious, and error-prone. This paper presents the design, implementation, and evaluation of an automated access control policy specification tool, XACCESS, that helps non-expert users effectively specify who should have access to which part of their data. A series of key features distinguish XACCESS from prior work: 1) it adopts a role-based access control model (instead of the conventional rule-based paradigm) to capture the implicit privacy/interest preference of social site users; 2) it employs a novel hybrid mining method to extract a set of semantically interpretable, functional "social roles", from both static network structures and dynamic historical activities; 3) based on the identified social roles, confidentiality setting of personal data, and (optional and possibly inconsistent) predefined user-permission assignments, it recommends a set of high-quality privacy settings; 4) it allows user feedback in every phase of the process to further improve the quality of the suggested privacy policies. A comprehensive experimental evaluation is conducted over real social network and user study data to validate the efficacy of XACCESS.