Open Challenges in Relationship-Based Privacy Mechanisms for Social Network Services

Social networking services (SNSs) such as Facebook and Twitter have experienced explosive growth during the few past years. Millions of users have created their profiles on these services because they experience great benefits in terms of friendship. SNSs can help people to maintain their friendships, organize their social lives, start new friendships, and meet others who share their hobbies and interests. However, all these benefits can be eclipsed by the privacy hazards that affect people in SNSs. People expose intimate information about their lives on SNSs, and this information affects the way others think about them. It is crucial that users be able to control how their information is distributed through the SNSs and decide who can access it. This article presents a list of privacy threats that can affect SNS users and what requirements privacy mechanisms should fulfill to prevent this threats. Then the article reviews current approaches and analyzes to what extent they cover the requirements.

[1]  Eric Gilbert,et al.  Predicting tie strength with social media , 2009, CHI.

[2]  Mizuho Iwaihara,et al.  Trend Analysis and Recommendation of Users' Privacy Settings on Social Networking Services , 2011, SocInfo.

[3]  B. Buunk,et al.  The Cambridge handbook of personal relationships , 2006 .

[4]  Jennifer Neville,et al.  Modeling relationship strength in online social networks , 2010, WWW '10.

[5]  Anna Cinzia Squicciarini,et al.  PriMa: an effective privacy protection mechanism for social networks , 2010, ASIACCS '10.

[6]  Christopher Krügel,et al.  Detecting social cliques for automated privacy control in online social networks , 2012, 2012 IEEE International Conference on Pervasive Computing and Communications Workshops.

[7]  Munindar P. Singh,et al.  Platys Social: Relating Shared Places and Private Social Circles , 2012, IEEE Internet Computing.

[8]  Eric Gilbert,et al.  Predicting tie strength in a new medium , 2012, CSCW.

[9]  Siani Pearson,et al.  Sticky Policies: An Approach for Managing Privacy across Multiple Parties , 2011, Computer.

[10]  J. Rubenfeld The Right of Privacy , 1989 .

[11]  Kåre Synnes,et al.  Enriching and Simplifying Communication by Social Prioritization , 2010, 2010 International Conference on Advances in Social Networks Analysis and Mining.

[12]  Simson L. Garfinkel,et al.  Security and Usability , 2005 .

[13]  Eamonn O'Neill,et al.  Feasibility of structural network clustering for group-based privacy control in social networks , 2010, SOUPS.

[14]  M. Cooke,et al.  Web 2.0, Social Networks and the Future of Market Research , 2008 .

[15]  David M. Nicol,et al.  unFriendly: Multi-party Privacy Risks in Social Networks , 2010, Privacy Enhancing Technologies.

[16]  Gail-Joon Ahn,et al.  Multiparty Authorization Framework for Data Sharing in Online Social Networks , 2011, DBSec.

[17]  Heather Richter Lipford,et al.  Moving beyond untagging: photo privacy in a tagged world , 2010, CHI.

[18]  Brandon Dixon,et al.  A relation context oriented approach to identify strong ties in social networks , 2011, Knowl. Based Syst..

[19]  Ronald E. Rice,et al.  Predicting user concerns about online privacy , 2007, J. Assoc. Inf. Sci. Technol..

[20]  Nigel Shadbolt,et al.  Providing Access Control to Online Photo Albums Based on Tags and Linked Data , 2009, AAAI Spring Symposium: Social Semantic Web: Where Web 2.0 Meets Web 3.0.

[21]  V. Derlega,et al.  The Cambridge Handbook of Personal Relationships: Self-Disclosure in Personal Relationships , 2006 .

[22]  Michael Waidner,et al.  Platform for Enterprise Privacy Practices: Privacy-Enabled Management of Customer Data , 2002, Privacy Enhancing Technologies.

[23]  Hui Wang,et al.  Semantics-Enhanced Privacy Recommendation for Social Networking Sites , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[24]  Mireille Hildebrandt,et al.  Defining Profiling: A New Type of Knowledge? , 2008, Profiling the European Citizen.

[25]  Steven M. Bellovin,et al.  Facebook and privacy: it's complicated , 2012, SOUPS.

[26]  Danah Boyd,et al.  Profiles as Conversation: Networked Identity Performance on Friendster , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[27]  Heather Richter Lipford,et al.  Understanding Privacy Settings in Facebook with an Audience View , 2008, UPSEC.

[28]  Ziming Zhao,et al.  Game theoretic analysis of multiparty access control in online social networks , 2014, SACMAT '14.

[29]  Philip W. L. Fong Relationship-based access control: protection model and policy language , 2011, CODASPY '11.

[30]  Jose M. Such,et al.  BFF: A tool for eliciting tie strength and user communities in social networking services , 2013, Information Systems Frontiers.

[31]  Mohamed Shehab,et al.  Access Control Policy Misconfiguration Detection in Online Social Networks , 2013, 2013 International Conference on Social Computing.

[32]  John Zimmerman,et al.  Are you close with me? are you nearby?: investigating social groups, closeness, and willingness to share , 2011, UbiComp '11.

[33]  Thomas P. Minka,et al.  Gates , 2008, NIPS.

[34]  Mark S. Granovetter The Strength of Weak Ties , 1973, American Journal of Sociology.

[35]  Devan Rosen,et al.  The Utility of Communication Network Ties: Reconceptualizing the Social Network Tie Measure , 2011, 2011 44th Hawaii International Conference on System Sciences.

[36]  H. Arthur,et al.  Human relationships. , 1971, Midwives chronicle.

[37]  James K. Hampton,et al.  What is our mission , 2015 .

[38]  Michael Huth,et al.  Relationship-based access control: its expression and enforcement through hybrid logic , 2012, CODASPY '12.

[39]  Mohamed Shehab,et al.  Policy-by-example for online social networks , 2012, SACMAT '12.

[40]  Ilaria Liccardi,et al.  A Semantic Framework for Content-Based Access Controls , 2013, 2013 International Conference on Social Computing.

[41]  Smitha Sundareswaran,et al.  A3P: adaptive policy prediction for shared images over popular content sharing sites , 2011, HT '11.

[42]  Antonio Bolufé Röhler,et al.  European Conference on Information Systems ( ECIS ) 5-2-2012 REDUCING INFORMATION OVERLOAD : DESIGN AND EVALUATION OF FILTERING & RANKING ALGORITHMS FOR SOCIAL NETWORKING SITES , 2013 .

[43]  Scott A. Golder,et al.  Security Issues and Recommendations for Online Social Networks. , 2007 .

[44]  Yang Wang,et al.  Privacy nudges for social media: an exploratory Facebook study , 2013, WWW.

[45]  Alessandro Acquisti,et al.  Information revelation and privacy in online social networks , 2005, WPES '05.

[46]  Anna Cinzia Squicciarini,et al.  WWW 2009 MADRID! Track: Security and Privacy / Session: Web Privacy Collective Privacy Management in Social Networks , 2022 .

[47]  Jean-Gabriel Ganascia,et al.  FORPS: friends-oriented reputation privacy score , 2011, IWSEC 2011.

[48]  Cliff Lampe,et al.  The Benefits of Facebook "Friends: " Social Capital and College Students' Use of Online Social Network Sites , 2007, J. Comput. Mediat. Commun..

[49]  Marika Lüders,et al.  Too Many Facebook “Friends”? Content Sharing and Sociability Versus the Need for Privacy in Social Network Sites , 2010, Int. J. Hum. Comput. Interact..

[50]  James Fogarty,et al.  Regroup: interactive machine learning for on-demand group creation in social networks , 2012, CHI.

[51]  Chris Hanson,et al.  Using Dependency Tracking to Provide Explanations for Policy Management , 2008, 2008 IEEE Workshop on Policies for Distributed Systems and Networks.

[52]  Zahir Tari,et al.  On the Move to Meaningful Internet Systems. OTM 2018 Conferences , 2018, Lecture Notes in Computer Science.

[53]  Danah Boyd,et al.  Social Network Sites: Definition, History, and Scholarship , 2007, J. Comput. Mediat. Commun..

[54]  Richard G. Vedder,et al.  Privacy and security , 1996, CSOC.

[55]  Kôiti Hasida,et al.  POLYPHONET: An advanced social network extraction system from the Web , 2007, J. Web Semant..

[56]  Bhavani M. Thuraisingham,et al.  Semantic web-based social network access control , 2011, Comput. Secur..

[57]  Sriram Subramanian,et al.  Tilt techniques: investigating the dexterity of wrist-based input , 2009, CHI.

[58]  Kristen LeFevre,et al.  enList: Automatically Simplifying Privacy Policies , 2011, 2011 IEEE 11th International Conference on Data Mining Workshops.

[59]  Yuan Cheng,et al.  A User-to-User Relationship-Based Access Control Model for Online Social Networks , 2012, DBSec.

[60]  Jehad Imlawi,et al.  Engagement in Online Social Networks: The Impact of Self-Disclosure and Humor , 2014, Int. J. Hum. Comput. Interact..

[61]  Jose M. Such,et al.  Self-disclosure decision making based on intimacy and privacy , 2012, Inf. Sci..

[62]  Kristen LeFevre,et al.  Privacy wizards for social networking sites , 2010, WWW '10.

[63]  Anna Cinzia Squicciarini,et al.  PriMa: a comprehensive approach to privacy protection in social network sites , 2014, Ann. des Télécommunications.

[64]  Robert W. Reeder,et al.  Visual vs. compact: a comparison of privacy policy interfaces , 2010, CHI.

[65]  Jennifer Neville,et al.  Using Transactional Information to Predict Link Strength in Online Social Networks , 2009, ICWSM.

[66]  Philip W. L. Fong,et al.  A Privacy Preservation Model for Facebook-Style Social Network Systems , 2009, ESORICS.

[67]  Leyla Bilge,et al.  All your contacts are belong to us: automated identity theft attacks on social networks , 2009, WWW '09.

[68]  Danah Boyd,et al.  Facebook privacy settings: Who cares? , 2010, First Monday.

[69]  Anna Cinzia Squicciarini,et al.  Learning based access control in online social networks , 2010, WWW '10.

[70]  Barbara Carminati,et al.  Enforcing access control in Web-based social networks , 2009, TSEC.

[71]  Heather Richter Lipford,et al.  Strategies and struggles with privacy in an online social networking community , 2008, BCS HCI.

[72]  Qun A. Li,et al.  Security and Privacy in Online Social Networks-A Survey , 2012 .

[73]  Yvo Desmedt,et al.  Poster: preliminary analysis of Google+'s privacy , 2011, CCS '11.

[74]  Joseph Gray Jackson,et al.  Privacy and Freedom , 1968 .

[75]  Lujo Bauer,et al.  Expandable grids for visualizing and authoring computer security policies , 2008, CHI.

[76]  Ed H. Chi,et al.  Talking in circles: selective sharing in google+ , 2012, CHI.

[77]  Yuguang Fang,et al.  Privacy and security for online social networks: challenges and opportunities , 2010, IEEE Network.

[78]  Evimaria Terzi,et al.  A Framework for Computing the Privacy Scores of Users in Online Social Networks , 2009, 2009 Ninth IEEE International Conference on Data Mining.

[79]  Rob Johnson,et al.  Usable Privacy Controls for Blogs , 2009, 2009 International Conference on Computational Science and Engineering.

[80]  Luke Church,et al.  Privacy suites: shared privacy for social networks , 2009, SOUPS.

[81]  Christoph Trattner,et al.  Acquaintance or partner? Predicting partnership in online and location-based social networks , 2013, 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2013).

[82]  Eytan Adar,et al.  The PViz comprehension tool for social network privacy settings , 2012, SOUPS.

[83]  Susan B. Barnes,et al.  A privacy paradox: Social networking in the United States , 2006, First Monday.

[84]  Xiaokang Yang,et al.  A Hierarchical Diffusion Algorithm for Community Detection in Social Networks , 2010, 2010 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[85]  Srdjan Marinovic,et al.  Collaborative Privacy Policy Authoring in a Social Networking Context , 2010, 2010 IEEE International Symposium on Policies for Distributed Systems and Networks.

[86]  David J. Houghton,et al.  Privacy, Social Network Sites, and Social Relations , 2010 .

[87]  A. Felt Privacy Protection for Social Networking APIs , 2008 .

[88]  Blase Ur,et al.  Tag, you can see it!: using tags for access control in photo sharing , 2012, CHI.

[89]  David C. Yen,et al.  Exploring the Individual's Behavior on Self-Disclosure Online , 2012, Int. J. Hum. Comput. Interact..

[90]  Lise Getoor,et al.  Privacy in Social Networks: A Survey , 2011, Social Network Data Analytics.

[91]  Pierangela Samarati,et al.  Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression , 1998 .

[92]  Anna Wu,et al.  Detecting professional versus personal closeness using an enterprise social network site , 2010, CHI.

[93]  Kerstin Bischoff,et al.  We love rock 'n' roll: analyzing and predicting friendship links in Last.fm , 2012, WebSci '12.