论文信息 - Tie-RBAC: An application of RBAC to Social Networks

Tie-RBAC: An application of RBAC to Social Networks

This paper explores the application of role-based access control to social networks, from the perspective of social network analysis. Each tie, composed of a relation, a sender and a receiver, involves the sender's assignation of the receiver to a role with permissions. The model is not constrained to system-defined relations and lets users define them unilaterally. It benefits of RBAC's advantages, such as policy neutrality, simplification of security administration and permissions on other roles. Tie-RBAC has been implemented in a core for building social network sites, Social Stream.

[1] Anna Cinzia Squicciarini,et al. PriMa: an effective privacy protection mechanism for social networks , 2010, ASIACCS '10.

[2] Anna Cinzia Squicciarini,et al. Web-Traveler Policies for Images on Social Networks , 2009, World Wide Web.

[3] Muthucumaru Maheswaran,et al. A trust based approach for protecting user data in social networks , 2007, CASCON.

[4] Anna Cinzia Squicciarini,et al. Privacy policies for shared content in social network sites , 2010, The VLDB Journal.

[5] Walid G. Aref,et al. Security models for web-based applications , 2001, CACM.

[6] Rob Johnson,et al. More Content - Less Control: Access Control in the Web 2.0 , 2006 .

[7] Barbara Carminati,et al. Access control and privacy in web-based social networks , 2008, Int. J. Web Inf. Syst..

[8] Philip W. L. Fong,et al. A Privacy Preservation Model for Facebook-Style Social Network Systems , 2009, ESORICS.

[9] Barbara Carminati,et al. Enforcing access control in Web-based social networks , 2009, TSEC.

[10] Stanley Wasserman,et al. Social Network Analysis: Methods and Applications , 1994, Structural analysis in the social sciences.

[11] Ramaswamy Chandramouli,et al. The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..