Combining access control and trust negotiations in an On-line Social Network

Protection of On-line Social Networks (OSNs) resources has become a primary need since today OSNs are the hugest repository of personal information on the Web. This has resulted in the definition of some access control models tailored to the protection of OSN resources. One of the key parameter on which access control decisions in OSNs should be based is represented by the trust between OSN users. A well-known approach for the management of trust relationships is represented by trust negotiations. In this paper, we show how access control and trust negotiation can be combined in a framework for the protection of OSN resources. Moreover, we show how the outcome of a trust negotiation can be exploited to dynamically adjust the trust level between OSN users.

[1]  Barbara Carminati,et al.  Privacy-Aware Access Control in Social Networks: Issues and Solutions , 2010 .

[2]  Ninghui Li,et al.  Safety in Automated Trust Negotiation , 2004, IEEE Symposium on Security and Privacy.

[3]  Ninghui Li,et al.  DATALOG with Constraints: A Foundation for Trust Management Languages , 2003, PADL.

[4]  Marianne Winslett,et al.  Protecting Privacy during On-Line Trust Negotiation , 2002, Privacy Enhancing Technologies.

[5]  Elena Ferrari,et al.  Privacy-Aware Knowledge Discovery: Novel Applications and New Techniques , 2010 .

[6]  Igor Nai Fovino,et al.  Advanced trust negotiations in critical infrastructures , 2010, Int. J. Crit. Infrastructures.

[7]  Barbara Carminati,et al.  Enforcing access control in Web-based social networks , 2009, TSEC.

[8]  Elisa Bertino,et al.  Supporting Robust and Secure Interactions in Open Domains through Recovery of Trust Negotiations , 2007, 27th International Conference on Distributed Computing Systems (ICDCS '07).

[9]  Marianne Winslett,et al.  A unified scheme for resource protection in automated trust negotiation , 2003, 2003 Symposium on Security and Privacy, 2003..

[10]  Elisa Bertino,et al.  /spl Xscr/-TNL: an XML-based language for trust negotiations , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[11]  Elisa Bertino,et al.  Trust-X: A Peer-to-Peer Framework for Trust Establishment , 2004, IEEE Trans. Knowl. Data Eng..

[12]  Elisa Bertino,et al.  Privacy-Preserving Trust Negotiations , 2004, Privacy Enhancing Technologies.

[13]  Elisa Bertino,et al.  Identity-based long running negotiations , 2008, DIM '08.

[14]  Barbara Carminati,et al.  Computing Reputation for Collaborative Private Networks , 2009, 2009 33rd Annual IEEE International Computer Software and Applications Conference.

[15]  Marianne Winslett,et al.  PeerTrust: Automated Trust Negotiation for Peers on the Semantic Web , 2004, Secure Data Management.

[16]  Li Ding,et al.  How the Semantic Web is Being Used: An Analysis of FOAF Documents , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.

[17]  Ninghui Li,et al.  Towards practical automated trust negotiation , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[18]  Elisa Bertino,et al.  Group-Based Negotiations in P2P Systems , 2010, IEEE Transactions on Parallel and Distributed Systems.

[19]  Marianne Winslett,et al.  Limiting the Disclosure of Access Control Policies during Automated Trust Negotiation , 2001, NDSS.

[20]  Dan Brickley,et al.  FOAF Vocabulary Specification , 2004 .