A New Access Control Scheme for Facebook-style Social Networks

TL;DR

This paper introduces a novel access control scheme for OSNs that incorporates public information and relationship hierarchies, addressing limitations of existing schemes in dynamic social network environments.

Contribution

It proposes a new OSN model with public info and relationships, and develops a hybrid logic-based policy framework for improved access control.

Findings

Enhanced access control policies for public information

Formal modeling of collaborative access control

Extensions using category information and relationship hierarchy

Abstract

The popularity of online social networks (OSNs) makes the protection of users' private information an important but scientifically challenging problem. In the literature, relationship-based access control schemes have been proposed to address this problem. However, with the dynamic developments of OSNs, we identify new access control requirements which cannot be fully captured by the current schemes. In this paper, we focus on public information in OSNs and treat it as a new dimension which users can use to regulate access to their resources. We define a new OSN model containing users and their relationships as well as public information. Based on this model, we introduce a variant of hybrid logic for formulating access control policies. We exploit a type of category information and relationship hierarchy to further extend our logic for its usage in practice. In the end, we propose a few solutions to address the problem of information reliability in OSNs, and formally model collaborative access control in our access control scheme.