面向社交网络的访问控制模型和策略研究进展

doi:10.11959/j.issn.2096-109x.2016.00086

网络与信息安全学报 ›› 2016, Vol. 2 ›› Issue (8): 1-9.doi: 10.11959/j.issn.2096-109x.2016.00086

• 综述 • 下一篇

面向社交网络的访问控制模型和策略研究进展

陈天柱,郭云川,牛犇,李凤华()

中国科学院信息工程研究所信息安全国家重点实验室，北京100093

修回日期:2016-07-12 出版日期:2016-08-01 发布日期:2017-06-04
作者简介:陈天柱（1987-），男，河北秦皇岛人，中国科学院信息工程研究所博士生，主要研究方向为信息安全。|郭云川（1977-），男，四川营山人，博士，中国科学院信息工程研究所副研究员，主要研究方向为物联网安全、形式化方法。|牛犇（1984-），男，陕西西安人，博士，中国科学院信息工程研究所助理研究员，主要研究方向为网络安全、信息保护。|李凤华（1966-），男，湖北浠水人，博士，中国科学院信息工程研究所副总工、研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算。
基金资助:
国家高技术研究发展计划（“863”计划）基金资助项目(2015AA016007);国家自然科学基金委—广东联合基金资助项目(U1401251);国家科技重大专项基金资助项目(2015ZX01029101)

Research progress of access control model and policy in online social networks

Tian-zhu CHEN,Yun-chuan GUO,Ben NIU,Feng-hua LI()

State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China

Revised:2016-07-12 Online:2016-08-01 Published:2017-06-04
Supported by:
The National High Technology R＆D Program of China (863 Program)(2015AA016007);The National Natural Science Foundation of China-Guangdong Union Foundation(U1401251);The National Science and Technology Major Project of China(2015ZX01029101)

摘要/Abstract

摘要：

作为信息保护有效手段之一的访问控制技术，可以保障信息仅能被合法用户访问，防止信息的泄露，势必成为在线社交网络中信息保护方法的重要组成部分。通过分析在线社交网络的特点，从访问控制模型与访问控制策略2个角度出发，对目前在线社交网络中的访问控制研究进行深入探讨，并对相关研究进行整理与分析。

关键词: 社交网络, 访问控制模型, 访问控制策略, 信息传播

Abstract:

As one of the effective approach to protecting information,access control which makes the information only accessed by legitimate users and prevents information leakage,has been widely used in online social networks.The characteristics of OSN were analyzed.From two angles of access control model and access control strategy,the research of access control in online social networks were discussed deeply,the related research was counted and analyzed.

Key words: social network, access control model, access control policy, information dissemination

中图分类号:

TP393

陈天柱,郭云川,牛犇,李凤华. 面向社交网络的访问控制模型和策略研究进展[J]. 网络与信息安全学报, 2016, 2(8): 1-9.

Tian-zhu CHEN,Yun-chuan GUO,Ben NIU,Feng-hua LI. Research progress of access control model and policy in online social networks[J]. Chinese Journal of Network and Information Security, 2016, 2(8): 1-9.

图/表 4

图1

表1

表2

图2

参考文献 55

[1]	NI M , ZHANG Y , HAN W , et al. An empirical study on user access control in online social networks[C]// The 21st ACM Symposium on Access Control Models and Technologies, Shanghai. c2016: 13-23.
[2]	HART M , JOHNSON R , STENT A . More content-less control:access control in the Web 2.0[J]. IEEE Web, 2007, 2.
[3]	ALI B , VILLEGAS W , MAHESWARAN M . A trust based approach for protecting user data in social networks[C]// The 2007 Conference on Collaborative Research, Richmond Hill. c2007: 288-293.
[4]	FONG P W L , ANWAR M , ZHAO Z . A privacy preservation model for facebook-style social network systems[C]// European Sympo-sium on Research in Computer Security, Heidelberg. c2009: 303-320.
[5]	NIN J , TORRA V . Possibilistic reasoning for trust-based access control enforcement in social networks[C]// IEEE International Conference on Fuzzy Systems, Barcelona. c2010: 1-6.
[6]	VILLEGAS W , ALI B , MAHESWARAN M . An access control scheme for protecting personal data[C]// The 6th Conference on Privacy,Security and Trust. c2008: 24-35.
[7]	CARMINATI B , FERRARI E , PEREGO A . Enforcing access control in Web-based social networks[J]. ACM Transactions on In-formation and System Security (TISSEC), 2009, 13(1): 6.
[8]	CHENG Y , PARK J , SANDHU R . Relationship-based access con-trol for online social networks:beyond user-to-user relation-ships[C]// International Conference on Privacy,Security,Risk and Trust. c2012: 646-655.
[9]	FONG P W L . Relationship-based access control:protection model and policy language[C]// ACM Conference on Data and Applica-tion Security＆Privacy. c2011: 191-202.
[10]	FONG P W L , SIAHAAN I . Relationship-based access control policies and their policy languages[C]// The 16th ACM Symposium on Access Control Models and Technologies. c2011: 51-60.
[11]	RIZVI S Z R , FONG P W L , CRAMPTON J , et al. Relation-ship-based access control for an open-source medical records sys-tem[C]// ACM Symposium on Access Control Models and Tech-nologies. c2015: 113-124.
[12]	李晓峰, 冯登国, 陈朝武 , 等. 基于属性的访问控制模型[J]. 通信学报, 2008, 29(4): 90-98.
	LI X F , FENG D G , CHEN Z W , et al. Model for attribute based access control[J]. Journal on Communications, 2008, 29(4): 90-98.
[13]	沈海波, 洪帆 . 面向 Web 服务的基于属性的访问控制研究[J]. 计算机科学, 2006, 33(4): 92-96.
	SHEN H B . Study on attribute-based access control for Web ser-vices[J]. Computer Science, 2006, 33(4): 92-96.
[14]	王小明, 付红, 张立臣 . 基于属性的访问控制研究进展[J]. 电子学报, 2010, 38(7): 1660-1667.
	WANG X M , FU H , ZHANG L C . Research progress on attrib-ute-based access control[J]. Acta Electronica Sinica, 2010, 38(7): 1660-1667.
[15]	HSU A C , RAY I . Specification and enforcement of location-aware attribute-based access control for online social networks[C]// ACM International Workshop on Attribute Based Access Control. c2016: 25-34.
[16]	CHENG Y , PARK J , SANDHU R . Attribute-aware relation-ship-based access control for online social networks[C]// IFIP An-nual Conference on Data and Applications Security and Privacy. c2014: 292-306.
[17]	CHENG Y , PARK J , SANDHU R . Attribute-aware relation-ship-based access control for online social networks[C]// IFIP An-nual Conference on Data and Applications Security and Privacy, Vienna. c2014: 292-306.
[18]	PANG J , ZHANG Y . A new access control scheme for face-book-style social networks[C]// International Conference on Avail-ability,Reliability and Security. c2013: 1-10.
[19]	BADEN R , BENDER A , SPRING N , et al. Persona:an online social network with user-defined privacy[J]. ACM Sigcomm Com-puter Communication Review, 2009, 39(4): 135-146.
[20]	JAHID S , MITTAL P , BORISOV N . EASiER:encryption-based access control in social networks with efficient revocation[C]// ACM Symposium on Information,Computer and Communications Security. c2011: 411-415.
[21]	史斌 . 面向语义网的语义搜索引擎关键技术研究[D]. 北京: 北京工业大学, 2010.
	BIN S . The research on key technology of semantic search engine in semantic Web[D]. Beijing: Beijing University of Technology, 2010.
[22]	CARMINATI B , FERRARI E , HEATHERLY R , et al. Semantic Web-based social network access control[J]. Computers and Secu-rity, 2011, 30(2).
[23]	HORROCKS I , PATEL-SCHNEIDER P F , BOLEY H , et al. SWRL:a semantic Web rule language combining OWL and rule ML[J]. W3C Member Submission, 2004, 21: 79.
[24]	CARMINATI B , FERRARI E , HEATHERLY R , et al. A semantic Web based framework for social network access control[C]// ACM on Symposium on Access Control Models and Technologies. c2009: 177-186.
[25]	文峰 . 一种面向应用的多层次数据资源描述框架[J]. 计算机应用与软件, 2013, 30(7): 221-223.
	WENG F . An application-oriented multi-level data resource de-scription frame[J]. Computer Applications＆Software, 2013, 30(7): 221-220.
[26]	JADLIWALA M , MAITI A , NAMBOODIRI V . Social puzzles:context-based access control in online social networks[C]// Annual IEEE/IFIP International Conference on Dependable Systems and Networks. c2014: 299-310.
[27]	VILLATA S , COSTABELLO L , DELAFORGE N , et al. A social semantic Web access control model[J]. Journal on Data Semantics, 2012, 2(1): 21-36.
[28]	IMRAN-DAUD M , SáNCHEZ D , VIEJO A . Privacy-driven access control in social networks by means of automatic semantic annota-tion[J]. Computer Communications, 2016, 76: 12-25.
[29]	徐仁佐, 郑红军, 陈斌 , 等. 基于角色和上下文的访问控制模型[J]. 计算机应用研究, 2004, 21(12): 140-142.
	XU R Z , ZHENG H J , CHEN B , et al. Role and context-based ac-cess control model[J]. Application Research of Computers, 2004.
[30]	ABDESSALEM T , DHIA I B . A reachability-based access control model for online social networks[C]// ACM Symposium on Data-bases and Social Networks. c2011: 31-36.
[31]	KAPADIA A , ADU-OPPONG F , GARDINER C K , et al. Social circles:tackling privacy in social networks[C]// Symposium on Usable Privacy Security. 2008.
[32]	CHEEK G P , SHEHAB M . Policy-by-example for online social networks[C]// ACM Symposium on Access Control Models and Technologies. c2012: 23-32.
[33]	RAVICHANDRAN R , BENISCH M , KELLEYP , et al. Capturing social networking privacy preferences[C]// Symposium on Usable Privacy Security, California. c2009: 1-18.
[34]	BONNEAU J , ANDERSON J , CHURCH L , et al. Privacy suites:shared privacy for social networks[C]// Symposium on Usable Privacy and Security, California. c2009.
[35]	SQUICCIARINI A C , SUNDARESWARAN S , LIN D , et al. A3P:adaptive policy prediction for shared images over popular content sharing sites[C]// ACM Conference on Hypertext and Hypermedia, Eindhoven. c2011: 261-270.
[36]	SQUICCIARINI A C , LIN D , SUNDARESWARAN S , et al. Pri-vacy policy inference of user-uploaded images on content sharing sites[J]. IEEE Transactions on Knowledge＆Data Engineering， 2015, 27(1): 193-206.
[37]	SHEHAB M , TOUATI H . Semi-supervised policy recommendation for online social networks[C]// International Conference on Ad-vances in Social Networks Analysis and Mining. c2012: 360-367.
[38]	张慧, 方旭明 . 基于价格理论和博弈论的接入控制策略[J]. 通信学报, 2008, 29(7): 94-102.
	ZHANG H , FANG X M . Pricing and game theory based admission control scheme[J]. Journal on Communications, 2008, 29(7): 94-102.
[39]	田有亮, 马建峰, 彭长根 , 等. 秘密共享体制的博弈论分析[J]. 电子学报, 2011, 39(12): 2790-2795.
	TIAN Y L , MA J F , PENG C G , et al. Game-theoretic analysis for the secret sharing scheme[J]. Acta Electronica Sinica, 2011, 39(12): 2790-2795.
[40]	SQUICCIARINI A C , SHEHAB M , PACI F . Collective privacy management in social networks[C]// International Conference on World Wide Web. c2009. 521-530.
[41]	EPHRATI E , ROSENSCHEIN J S . The clarke tax as a consensus mechanism among automated agents[C]// National Conference on Artificial Intelligence. c1991, 91: 173-178.
[42]	SQUICCIARINI A C , XU H , ZHANG X . CoPE:enabling collabo-rative privacy management in online social networks[J]. Journal of the American Society for Information Science＆Technology， 2011, 62(3): 521-534.
[43]	HU H , AHN G J , JORGENSEN J . Multiparty access control for online social networks:model and mechanisms[J]. IEEE Transac-tions on Knowledge＆Data Engineering， 2013, 25(7): 1614-1627.
[44]	HU H , AHN G J , ZHAO Z , et al. Game theoretic analysis of multi-party access control in online social networks[C]// ACM Sympo-sium on Access Control Models and Technologies. c2014: 93-102.
[45]	XIAO Q , TAN K L . Peer-aware collaborative access control in social networks[C]// International Conference on Collaborative Computing:Networking,Applications and Worksharing. c2012: 30-39.
[46]	MEHREGAN P , FONG P W L . Policy negotiation for co-owned resources in relationship-based access control[C]// ACM on Sympo-sium on Access Control Models and Technologies. c2016: 125-136.
[47]	ILIA P , POLAKIS I , ATHANASOPOULOS E , et al. Face/off:preventing privacy leakage from photos in social networks[C]// The 22nd ACM Sigsac Conference on Computer and Communications Security. c2015: 781-792.
[48]	ZHANG C , ZHANG Z . A survey of recent advances in face detec-tion[EB/OL].
[49]	包义保, 殷丽华, 方滨兴 , 等. 基于良基语义的安全策略表达与验证方法[J]. 软件学报, 2012, 23(4): 912-927.
	BAO Y B , YIN L H , FANG B X , et al. Approach of security policy expression and verification based on well-founded semantic[J]. Journal of Software, 2012 23(4): 912-927.
[50]	包义保, 殷丽华, 方滨兴 , 等. 动态安全策略逻辑语言及安全属性验证问题的研究[J]. 计算机研究与发展, 2010, 50(5): 932-941.
	BAO Y B , YIN L H , FANG B X , et al. Logic-based dynamical security policy language and verification[J]. Journal of Computer Research＆Development, 2013, 50(5): 932-941.
[51]	BONATTI P , SHAHMEHRI N , DUMA C , et al. Rule-based policy specification:state of the art and future work[EB/OL]. .
[52]	JAKOB M , MOLER Z , PECHOUCEK M , et al. Intelligent con-tent-based privacy assistant for facebook[C]// The IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology. c2011: 499-500.
[53]	RATHORE N C , TRIPATHY S . Topology management in ad hoc networks[A]. Collaborative access control model for online social networks[C]// ICDCIT. c2016.
[54]	LIFSCHITZ V . Answer set programming and plan generation[J]. Collaborative access control model for online social networks[C]// Artificial Intelligence, 2002, 138(1): 39-54.
[55]	LIFSCHITZ V . Answer set planning[C]// International Conference on Logic Programming and Nonmonotonic Reasoning. c1999: 373-374.

发展历程	控制因素	适用情况	访问控制粒度	存在冲突消解	分散式管理	具有动态性
文献[2,3]	拥有者和访问者的深度（1 跳数）	社交网络	不灵活	否	否	否
文献[4]	拥有者和访问者的深度（多跳数）	社交网络	不灵活	否	是	是
文献[5,6]	拥有者和访问者的可信级别	社交网络	比较灵活	否	是	是
文献[7]	拥有者和访问者的关系类别、深度（多跳数）、可信级别	社交网络	比较灵活	否	是	是
文献[8]	拥有者和访问者的关系类别、深度（多跳数）、可信级别，资源间的关系	社交网络	灵活	否	是	是
文献 [9,10]	拥有者和访问者的深度（多跳数）	和社交网络相似的情景	比较灵活	否	否	是
文献[11]	拥有者和访问者的深度（1跳数）	医疗系统	灵活	否	否	是

文献	分布式管理	细粒度	基于密码学	动态性	安全性
文献[19]	是	否	是	弱	强
文献[20]	是	否	是	强	强
文献[15]	否	否	否	弱	强
文献[16]	是	是	否	强	弱
文献[17]	是	是	否	强	弱
文献[18]	是	否	否	强	弱
文献[5]	是	是	否	强	弱

面向社交网络的访问控制模型和策略研究进展

Research progress of access control model and policy in online social networks

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 55

相关文章 15

Metrics

推荐阅读 0

[1]	时文旗, 罗向阳, 郭家山. 基于加权最小二乘的社交网络用户定位方法[J]. 网络与信息安全学报, 2022, 8(3): 41-52.
[2]	谢绒娜, 范晓楠, 袁琳, 郭子晨, 朱家玉, 史国振. 在线社交网络中延伸访问控制机制研究[J]. 网络与信息安全学报, 2021, 7(5): 123-131.
[3]	蒋忠元, 陈贤宇, 马建峰. 社交网络中的社团隐私研究综述[J]. 网络与信息安全学报, 2021, 7(2): 10-21.
[4]	诸天逸, 李凤华, 成林, 郭云川. 跨域访问控制技术研究[J]. 网络与信息安全学报, 2021, 7(1): 20-27.
[5]	张鑫,羌卫中,吴月明,邹德清,金海. 基于卷积神经网络恶意安卓应用行为模式挖掘[J]. 网络与信息安全学报, 2020, 6(6): 35-44.
[6]	王培,贾焰,李爱平,蒋千越. 基于DeepLink的社交网络去匿名方法[J]. 网络与信息安全学报, 2020, 6(4): 104-108.
[7]	曲强,于洪涛,黄瑞阳. 基于注意力机制的社交垃圾文本检测方法[J]. 网络与信息安全学报, 2020, 6(1): 54-61.
[8]	曲强, 于洪涛, 黄瑞阳. 社交网络异常用户检测技术研究进展[J]. 网络与信息安全学报, 2018, 4(3): 13-23.
[9]	李洋,刘江华,伍玮. 支持丰富访问控制策略的群组协作密文策略属性基加密[J]. 网络与信息安全学报, 2017, 3(5): 54-61.
[10]	何建琼,田有亮,周凯. 可证明安全的社交网络隐私保护方案[J]. 网络与信息安全学报, 2016, 2(8): 62-67.
[11]	姚瑞欣,李晖,曹进. 社交网络中的隐私保护研究综述[J]. 网络与信息安全学报, 2016, 2(4): 33-43.
[12]	朱建明,高博. 社交金融的信息安全风险分析与防范[J]. 网络与信息安全学报, 2016, 2(3): 46-51.
[13]	闫峥,吴宸梓,冯伟,王子龙. 可信普适社交网络研究综述和展望[J]. 网络与信息安全学报, 2016, 2(2): 30-40.
[14]	田亚平,杨力,王小琴,乔雅峰. 基于节点亲密度挖掘的谣言抑制算法[J]. 网络与信息安全学报, 2016, 2(11): 61-69.
[15]	许志凯,张宏莉,史建焘,田志宏. 面向移动社交网络的位置隐私保护方法[J]. 网络与信息安全学报, 2015, 1(1): 50-57.