Extending social networks with delegation

Abstract: Despite their enormous growth, current social networks lack a systematic approach to delegating rights, that is, one entity authorizing another to access resources on its behalf. This paper proposes a delegation model, based on socio-technical design and the theory of cooperation and collaboration, that best suits the requirements of social networks. The model is formulated through formal methods, designed using ontologies, and implemented through Facebook APIs. The model's expressiveness is examined for overlapping policies of multiple users, its consistency is analyzed for conflicting and redundant policies, and user acceptance testing is performed for acceptability. For social validity, the model is also compared with 27 previous delegation models with respect to socio-technical validity parameters derived from social principles already accepted in human society.
