Trust Based Access Control for Social Networks (STBAC)

The security of our personal information and sharing that information in the digital world has always been a major challenge for the ever-growing social networks. This paper proposes a trust access control called Trust Based Access Control for Social Network, or STBAC, which allows users to share data among their friends, using a trust computation to determine which friends should be given access. This trust computation uses previous interactions among a user's friends to classify his or her peers into privileged or unprivileged zones, which determine whether that peer gains access to the user's data. Online social networks are currently one of the most popular Internet activities, recently even eclipsing email usage. More than two-thirds of the global on-line population visit and participate in social networks, confirming its worldwide popularity (9). Online social networking websites leading this trend are Facebook and MySpace, with Facebook presently leading the competitors with impressive usage statistics. The percentage of worldwide Internet users that visit Facebook is reported to be a monthly average of 32%. That amounts to almost one third of all Internet users at a given point. In comparison, MySpace attracts only a monthly average of 3%. Based on these statistics, online social networking is without question, a global phenomenon. Together with such a fast spreading activity, various concerns and risks become evident. The establishment of trust and the protection of users becomes an ongoing challenge within the online social networking environment, with the threat of misuse and privacy intrusions by malicious users illustrating this challenge.

[1]  Barbara Carminati,et al.  Rule-Based Access Control for Social Networks , 2006, OTM Workshops.

[2]  Hua Wang,et al.  Trust-Involved Access Control in Collaborative Open Social Networks , 2010, 2010 Fourth International Conference on Network and System Security.

[3]  Bernd Rudolph Messaoud Benantar,et al.  Access Control Systems , 2008 .

[4]  Anneli Folkesson,et al.  Secure Computer Systems , 2013 .

[5]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[6]  D. E. Bell,et al.  Secure Computer Systems : Mathematical Foundations , 2022 .

[7]  Aneta Poniszewska-Maranda Platform for Access Control Management in Information System Based on Extended RBAC Model , 2010, 2010 12th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing.

[8]  Chuang Lin,et al.  Trust Based Access Control in Infrastructure-Centric Environment , 2011, 2011 IEEE International Conference on Communications (ICC).

[9]  Ling Liu,et al.  PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities , 2004, IEEE Transactions on Knowledge and Data Engineering.

[10]  Messaoud Benantar,et al.  Access Control Systems: Security, Identity Management and Trust Models , 2005 .

[11]  B. Lampson,et al.  Protection 1 , 2022 .

[12]  Ralf Steinmetz,et al.  Practical security in p2p-based social networks , 2009, 2009 IEEE 34th Conference on Local Computer Networks.

[13]  Zhiyong Feng,et al.  A Trust-Based Access Control with Feedback , 2008, 2008 International Symposiums on Information Processing.

[14]  Stephen Flowerday,et al.  Social Networks : Enhancing user trust through effective controls and identity management , 2011 .