Setting Access Permission through Transitive Relationship in Web-based Social Networks

The rising popularity of various social networking websites has created a huge problem on Internet privacy. Although it is easy to post photos, comments, opinions on some events, etc. on the Web, some of these data (such as a person’s location at a particular time, criticisms of a politician, etc.) are private and should not be accessed by unauthorized users. Although social networks facilitate sharing, the fear of sending sensitive data to a third party without knowledge or permission of the data owners discourages people from taking full advantage of some social networking applications. We exploit the existing relationships on social networks and build a ‘‘trust network’’ with transitive relationship to allow controlled data sharing so that the privacy and preferences of data owners are respected. The trust network linking private data owners, private data requesters, and intermediary users is a directed weighted graph. The permission value for each private data requester can be automatically assigned in this network based on the transitive relationship. Experiments were conducted to confirm the feasibility of constructing the trust network from existing social networks, and to assess the validity of permission value assignments in the query process. Since the data owners only need to define the access rights of their closest contacts once, this privacy scheme can make private data sharing easily manageable by social network participants.

[1]  John Scott What is social network analysis , 2010 .

[2]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, ACM Comput. Surv..

[3]  Caroline Haythornthwaite,et al.  Studying Online Social Networks , 2006, J. Comput. Mediat. Commun..

[4]  Sergey Brin,et al.  The Anatomy of a Large-Scale Hypertextual Web Search Engine , 1998, Comput. Networks.

[5]  D. Richard Kuhn,et al.  A role-based access control model and reference implementation within a corporate intranet , 1999, TSEC.

[6]  B. Esfandiari,et al.  On How Agents Make Friends: Mechanisms for Trust Acquisition , 2000 .

[7]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[8]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[9]  Matthew Richardson,et al.  Trust Management for the Semantic Web , 2003, SEMWEB.

[10]  Georg Lausen,et al.  Spreading activation models for trust propagation , 2004, IEEE International Conference on e-Technology, e-Commerce and e-Service, 2004. EEE '04. 2004.

[11]  Ramanathan V. Guha,et al.  Propagation of trust and distrust , 2004, WWW '04.

[12]  Georg Lausen,et al.  Analyzing Correlation between Trust and User Similarity in Online Communities , 2004, iTrust.

[13]  Li Ding,et al.  Enhancing Web privacy protection through declarative policies , 2005, Sixth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'05).

[14]  Elisa Bertino,et al.  Purpose based access control of complex data for privacy protection , 2005, SACMAT '05.

[15]  Peter Mika,et al.  Ontologies are us: A unified model of social networks and semantics , 2005, J. Web Semant..

[16]  Mingxuan Yuan,et al.  Dynamic privacy management: a plug-in service for the middleware in pervasive computing , 2005, Mobile HCI.

[17]  Joann J. Ordille,et al.  Data integration: the teenage years , 2006, VLDB.

[18]  Yarden Katz,et al.  Using Social Network-based Trust For Default Reasoning On The Web , 2006 .

[19]  Wei Huang,et al.  A lightweight model of trust propagation in a multi-client network environment: to what extent does experience matter? , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[20]  Christopher Ré,et al.  Managing Uncertainty in Social Networks , 2007, IEEE Data Eng. Bull..

[21]  Robert E. Tarjan,et al.  Clustering Social Networks , 2007, WAW.

[22]  Beatrice Gralton,et al.  Washington DC - USA , 2008 .

[23]  Walid G. Aref,et al.  Casper*: Query processing for location services without compromising privacy , 2006, TODS.

[24]  Azadeh Iranmehr,et al.  Trust Management for Semantic Web , 2009, 2009 Second International Conference on Computer and Electrical Engineering.