A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Computers and Intractability; A Guide to the Theory of NP-Completeness
Computers and Intractability; A Guide to the Theory of NP-Completeness
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Visualization of large networks with min-cut plots, A-plots and R-MAT
International Journal of Human-Computer Studies
PEI models towards scalable, usable and high-assurance information sharing
Proceedings of the 12th ACM symposium on Access control models and technologies
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
A trust based approach for protecting user data in social networks
CASCON '07 Proceedings of the 2007 conference of the center for advanced studies on Collaborative research
Toward a Usage-Based Security Framework for Collaborative Computing Systems
ACM Transactions on Information and System Security (TISSEC)
Privacy homomorphisms for social networks with private relationships
Computer Networks: The International Journal of Computer and Telecommunications Networking
Privacy-Aware Collaborative Access Control in Web-Based Social Networks
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Semantic Access Control in Web Based Communities
ICCGI '08 Proceedings of the 2008 The Third International Multi-Conference on Computing in the Global Information Technology (iccgi 2008)
Trust management for secure information flows
Proceedings of the 15th ACM conference on Computer and communications security
Proceedings of the 18th international conference on World wide web
A measurement-driven analysis of information propagation in the flickr social network
Proceedings of the 18th international conference on World wide web
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
A semantic web based framework for social network access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Private Relationships in Social Networks
ICDEW '07 Proceedings of the 2007 IEEE 23rd International Conference on Data Engineering Workshop
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
On the evolution of user interaction in Facebook
Proceedings of the 2nd ACM workshop on Online social networks
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
A Hybrid Enforcement Model for Group-centric Secure Information Sharing
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
A metadata calculus for secure information sharing
Proceedings of the 16th ACM conference on Computer and communications security
Lockr: better privacy for social networks
Proceedings of the 5th international conference on Emerging networking experiments and technologies
PriMa: an effective privacy protection mechanism for social networks
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Networks, Crowds, and Markets: Reasoning About a Highly Connected World
Networks, Crowds, and Markets: Reasoning About a Highly Connected World
A framework to enforce access control over data streams
ACM Transactions on Information and System Security (TISSEC)
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Models of Network Reliability: Analysis, Combinatorics, and Monte Carlo
Models of Network Reliability: Analysis, Combinatorics, and Monte Carlo
Privacy policies for shared content in social network sites
The VLDB Journal — The International Journal on Very Large Data Bases
Proceedings of the first ACM conference on Data and application security and privacy
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Privacy-Aware Knowledge Discovery: Novel Applications and New Techniques
Privacy-Aware Knowledge Discovery: Novel Applications and New Techniques
Relationship-based access control policies and their policy languages
Proceedings of the 16th ACM symposium on Access control models and technologies
Inferring privacy information from social networks
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Automatic enforcement of access control policies among dynamic coalitions
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
D-FOAF: distributed identity management with access rights delegation
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Rule-Based access control for social networks
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
Visualizing privacy implications of access control policies in social network systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
A visualization tool for evaluating access control policies in facebook-style social network systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
| Hi-index | 0.24 |
The dominant role of social networking in the web is turning human relations into conduits of information flow. This means that the way information spreads on the web is determined to a large extent by human decisions. Consequently, information security lies on the quality of the collective decisions made by the users. Recently, many access control schemes have been proposed to control unauthorized propagation of information in online social networks; however, there is still a need for mechanisms to evaluate the risk of information leakage within social networks. In this paper, we present a novel community-centric confidentiality control mechanism for information flow management on the web. We use a Monte Carlo based algorithm to determine the potential spread of a shared data object and to inform the user of the risk of information leakage associated with different sharing decisions she can make in a social network. By using the information provided by our algorithm, the user can curtail sharing decisions to reduce the risk of information leakage. Alternatively, our algorithm can provide input for a fully- or semi-automatic sharing decision maker that will determine the outcomes of sharing requests. Our scheme also provides a facility to reduce information flowing to a specific user (i.e., black listing a specific user). We used datasets from Facebook and Flickr to evaluate the performance of the proposed algorithms under different sharing conditions. The simulation results indicate that our algorithm can effectively control information sharing to reduce the risk of information leakage.