面向社交网络的访问控制模型和策略研究进展

doi:10.11959/j.issn.2096-109x.2016.00086

Abstract

Abstract:

As one of the effective approach to protecting information,access control which makes the information only accessed by legitimate users and prevents information leakage,has been widely used in online social networks.The characteristics of OSN were analyzed.From two angles of access control model and access control strategy,the research of access control in online social networks were discussed deeply,the related research was counted and analyzed.

Key words: social network, access control model, access control policy, information dissemination

CLC Number:

TP393

Tian-zhu CHEN,Yun-chuan GUO,Ben NIU,Feng-hua LI. Research progress of access control model and policy in online social networks[J]. Chinese Journal of Network and Information Security, 2016, 2(8): 1-9.

Figures/Tables 4

References 55

[1]	NI M , ZHANG Y , HAN W , et al. An empirical study on user access control in online social networks[C]// The 21st ACM Symposium on Access Control Models and Technologies, Shanghai. c2016: 13-23.
[2]	HART M , JOHNSON R , STENT A . More content-less control:access control in the Web 2.0[J]. IEEE Web, 2007, 2.
[3]	ALI B , VILLEGAS W , MAHESWARAN M . A trust based approach for protecting user data in social networks[C]// The 2007 Conference on Collaborative Research, Richmond Hill. c2007: 288-293.
[4]	FONG P W L , ANWAR M , ZHAO Z . A privacy preservation model for facebook-style social network systems[C]// European Sympo-sium on Research in Computer Security, Heidelberg. c2009: 303-320.
[5]	NIN J , TORRA V . Possibilistic reasoning for trust-based access control enforcement in social networks[C]// IEEE International Conference on Fuzzy Systems, Barcelona. c2010: 1-6.
[6]	VILLEGAS W , ALI B , MAHESWARAN M . An access control scheme for protecting personal data[C]// The 6th Conference on Privacy,Security and Trust. c2008: 24-35.
[7]	CARMINATI B , FERRARI E , PEREGO A . Enforcing access control in Web-based social networks[J]. ACM Transactions on In-formation and System Security (TISSEC), 2009, 13(1): 6.
[8]	CHENG Y , PARK J , SANDHU R . Relationship-based access con-trol for online social networks:beyond user-to-user relation-ships[C]// International Conference on Privacy,Security,Risk and Trust. c2012: 646-655.
[9]	FONG P W L . Relationship-based access control:protection model and policy language[C]// ACM Conference on Data and Applica-tion Security＆Privacy. c2011: 191-202.
[10]	FONG P W L , SIAHAAN I . Relationship-based access control policies and their policy languages[C]// The 16th ACM Symposium on Access Control Models and Technologies. c2011: 51-60.
[11]	RIZVI S Z R , FONG P W L , CRAMPTON J , et al. Relation-ship-based access control for an open-source medical records sys-tem[C]// ACM Symposium on Access Control Models and Tech-nologies. c2015: 113-124.
[12]	李晓峰, 冯登国, 陈朝武 , 等. 基于属性的访问控制模型[J]. 通信学报, 2008, 29(4): 90-98.
	LI X F , FENG D G , CHEN Z W , et al. Model for attribute based access control[J]. Journal on Communications, 2008, 29(4): 90-98.
[13]	沈海波, 洪帆 . 面向 Web 服务的基于属性的访问控制研究[J]. 计算机科学, 2006, 33(4): 92-96.
	SHEN H B . Study on attribute-based access control for Web ser-vices[J]. Computer Science, 2006, 33(4): 92-96.
[14]	王小明, 付红, 张立臣 . 基于属性的访问控制研究进展[J]. 电子学报, 2010, 38(7): 1660-1667.
	WANG X M , FU H , ZHANG L C . Research progress on attrib-ute-based access control[J]. Acta Electronica Sinica, 2010, 38(7): 1660-1667.
[15]	HSU A C , RAY I . Specification and enforcement of location-aware attribute-based access control for online social networks[C]// ACM International Workshop on Attribute Based Access Control. c2016: 25-34.
[16]	CHENG Y , PARK J , SANDHU R . Attribute-aware relation-ship-based access control for online social networks[C]// IFIP An-nual Conference on Data and Applications Security and Privacy. c2014: 292-306.
[17]	CHENG Y , PARK J , SANDHU R . Attribute-aware relation-ship-based access control for online social networks[C]// IFIP An-nual Conference on Data and Applications Security and Privacy, Vienna. c2014: 292-306.
[18]	PANG J , ZHANG Y . A new access control scheme for face-book-style social networks[C]// International Conference on Avail-ability,Reliability and Security. c2013: 1-10.
[19]	BADEN R , BENDER A , SPRING N , et al. Persona:an online social network with user-defined privacy[J]. ACM Sigcomm Com-puter Communication Review, 2009, 39(4): 135-146.
[20]	JAHID S , MITTAL P , BORISOV N . EASiER:encryption-based access control in social networks with efficient revocation[C]// ACM Symposium on Information,Computer and Communications Security. c2011: 411-415.
[21]	史斌 . 面向语义网的语义搜索引擎关键技术研究[D]. 北京: 北京工业大学, 2010.
	BIN S . The research on key technology of semantic search engine in semantic Web[D]. Beijing: Beijing University of Technology, 2010.
[22]	CARMINATI B , FERRARI E , HEATHERLY R , et al. Semantic Web-based social network access control[J]. Computers and Secu-rity, 2011, 30(2).
[23]	HORROCKS I , PATEL-SCHNEIDER P F , BOLEY H , et al. SWRL:a semantic Web rule language combining OWL and rule ML[J]. W3C Member Submission, 2004, 21: 79.
[24]	CARMINATI B , FERRARI E , HEATHERLY R , et al. A semantic Web based framework for social network access control[C]// ACM on Symposium on Access Control Models and Technologies. c2009: 177-186.
[25]	文峰 . 一种面向应用的多层次数据资源描述框架[J]. 计算机应用与软件, 2013, 30(7): 221-223.
	WENG F . An application-oriented multi-level data resource de-scription frame[J]. Computer Applications＆Software, 2013, 30(7): 221-220.
[26]	JADLIWALA M , MAITI A , NAMBOODIRI V . Social puzzles:context-based access control in online social networks[C]// Annual IEEE/IFIP International Conference on Dependable Systems and Networks. c2014: 299-310.
[27]	VILLATA S , COSTABELLO L , DELAFORGE N , et al. A social semantic Web access control model[J]. Journal on Data Semantics, 2012, 2(1): 21-36.
[28]	IMRAN-DAUD M , SáNCHEZ D , VIEJO A . Privacy-driven access control in social networks by means of automatic semantic annota-tion[J]. Computer Communications, 2016, 76: 12-25.
[29]	徐仁佐, 郑红军, 陈斌 , 等. 基于角色和上下文的访问控制模型[J]. 计算机应用研究, 2004, 21(12): 140-142.
	XU R Z , ZHENG H J , CHEN B , et al. Role and context-based ac-cess control model[J]. Application Research of Computers, 2004.
[30]	ABDESSALEM T , DHIA I B . A reachability-based access control model for online social networks[C]// ACM Symposium on Data-bases and Social Networks. c2011: 31-36.
[31]	KAPADIA A , ADU-OPPONG F , GARDINER C K , et al. Social circles:tackling privacy in social networks[C]// Symposium on Usable Privacy Security. 2008.
[32]	CHEEK G P , SHEHAB M . Policy-by-example for online social networks[C]// ACM Symposium on Access Control Models and Technologies. c2012: 23-32.
[33]	RAVICHANDRAN R , BENISCH M , KELLEYP , et al. Capturing social networking privacy preferences[C]// Symposium on Usable Privacy Security, California. c2009: 1-18.
[34]	BONNEAU J , ANDERSON J , CHURCH L , et al. Privacy suites:shared privacy for social networks[C]// Symposium on Usable Privacy and Security, California. c2009.
[35]	SQUICCIARINI A C , SUNDARESWARAN S , LIN D , et al. A3P:adaptive policy prediction for shared images over popular content sharing sites[C]// ACM Conference on Hypertext and Hypermedia, Eindhoven. c2011: 261-270.
[36]	SQUICCIARINI A C , LIN D , SUNDARESWARAN S , et al. Pri-vacy policy inference of user-uploaded images on content sharing sites[J]. IEEE Transactions on Knowledge＆Data Engineering， 2015, 27(1): 193-206.
[37]	SHEHAB M , TOUATI H . Semi-supervised policy recommendation for online social networks[C]// International Conference on Ad-vances in Social Networks Analysis and Mining. c2012: 360-367.
[38]	张慧, 方旭明 . 基于价格理论和博弈论的接入控制策略[J]. 通信学报, 2008, 29(7): 94-102.
	ZHANG H , FANG X M . Pricing and game theory based admission control scheme[J]. Journal on Communications, 2008, 29(7): 94-102.
[39]	田有亮, 马建峰, 彭长根 , 等. 秘密共享体制的博弈论分析[J]. 电子学报, 2011, 39(12): 2790-2795.
	TIAN Y L , MA J F , PENG C G , et al. Game-theoretic analysis for the secret sharing scheme[J]. Acta Electronica Sinica, 2011, 39(12): 2790-2795.
[40]	SQUICCIARINI A C , SHEHAB M , PACI F . Collective privacy management in social networks[C]// International Conference on World Wide Web. c2009. 521-530.
[41]	EPHRATI E , ROSENSCHEIN J S . The clarke tax as a consensus mechanism among automated agents[C]// National Conference on Artificial Intelligence. c1991, 91: 173-178.
[42]	SQUICCIARINI A C , XU H , ZHANG X . CoPE:enabling collabo-rative privacy management in online social networks[J]. Journal of the American Society for Information Science＆Technology， 2011, 62(3): 521-534.
[43]	HU H , AHN G J , JORGENSEN J . Multiparty access control for online social networks:model and mechanisms[J]. IEEE Transac-tions on Knowledge＆Data Engineering， 2013, 25(7): 1614-1627.
[44]	HU H , AHN G J , ZHAO Z , et al. Game theoretic analysis of multi-party access control in online social networks[C]// ACM Sympo-sium on Access Control Models and Technologies. c2014: 93-102.
[45]	XIAO Q , TAN K L . Peer-aware collaborative access control in social networks[C]// International Conference on Collaborative Computing:Networking,Applications and Worksharing. c2012: 30-39.
[46]	MEHREGAN P , FONG P W L . Policy negotiation for co-owned resources in relationship-based access control[C]// ACM on Sympo-sium on Access Control Models and Technologies. c2016: 125-136.
[47]	ILIA P , POLAKIS I , ATHANASOPOULOS E , et al. Face/off:preventing privacy leakage from photos in social networks[C]// The 22nd ACM Sigsac Conference on Computer and Communications Security. c2015: 781-792.
[48]	ZHANG C , ZHANG Z . A survey of recent advances in face detec-tion[EB/OL].
[49]	包义保, 殷丽华, 方滨兴 , 等. 基于良基语义的安全策略表达与验证方法[J]. 软件学报, 2012, 23(4): 912-927.
	BAO Y B , YIN L H , FANG B X , et al. Approach of security policy expression and verification based on well-founded semantic[J]. Journal of Software, 2012 23(4): 912-927.
[50]	包义保, 殷丽华, 方滨兴 , 等. 动态安全策略逻辑语言及安全属性验证问题的研究[J]. 计算机研究与发展, 2010, 50(5): 932-941.
	BAO Y B , YIN L H , FANG B X , et al. Logic-based dynamical security policy language and verification[J]. Journal of Computer Research＆Development, 2013, 50(5): 932-941.
[51]	BONATTI P , SHAHMEHRI N , DUMA C , et al. Rule-based policy specification:state of the art and future work[EB/OL]. .
[52]	JAKOB M , MOLER Z , PECHOUCEK M , et al. Intelligent con-tent-based privacy assistant for facebook[C]// The IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology. c2011: 499-500.
[53]	RATHORE N C , TRIPATHY S . Topology management in ad hoc networks[A]. Collaborative access control model for online social networks[C]// ICDCIT. c2016.
[54]	LIFSCHITZ V . Answer set programming and plan generation[J]. Collaborative access control model for online social networks[C]// Artificial Intelligence, 2002, 138(1): 39-54.
[55]	LIFSCHITZ V . Answer set planning[C]// International Conference on Logic Programming and Nonmonotonic Reasoning. c1999: 373-374.

Metrics

Recommended 0

No Suggested Reading articles found!

发展历程	控制因素	适用情况	访问控制粒度	存在冲突消解	分散式管理	具有动态性
文献[2,3]	拥有者和访问者的深度（1 跳数）	社交网络	不灵活	否	否	否
文献[4]	拥有者和访问者的深度（多跳数）	社交网络	不灵活	否	是	是
文献[5,6]	拥有者和访问者的可信级别	社交网络	比较灵活	否	是	是
文献[7]	拥有者和访问者的关系类别、深度（多跳数）、可信级别	社交网络	比较灵活	否	是	是
文献[8]	拥有者和访问者的关系类别、深度（多跳数）、可信级别，资源间的关系	社交网络	灵活	否	是	是
文献 [9,10]	拥有者和访问者的深度（多跳数）	和社交网络相似的情景	比较灵活	否	否	是
文献[11]	拥有者和访问者的深度（1跳数）	医疗系统	灵活	否	否	是

文献	分布式管理	细粒度	基于密码学	动态性	安全性
文献[19]	是	否	是	弱	强
文献[20]	是	否	是	强	强
文献[15]	否	否	否	弱	强
文献[16]	是	是	否	强	弱
文献[17]	是	是	否	强	弱
文献[18]	是	否	否	强	弱
文献[5]	是	是	否	强	弱

Research progress of access control model and policy in online social networks

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 55

Related Articles 14

Metrics

Recommended 0

[1]	Wenqi SHI, Xiangyang LUO, Jiashan GUO. Social network user geolocating method based on weighted least squares [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 41-52.
[2]	Rongna XIE, Xiaonan FAN, Lin YUAN, Zichen GUO, Jiayu ZHU, Guozhen SHI. Research on extended access control mechanism in online social network [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 123-131.
[3]	Zhongyuan JIANG, Xianyu CHEN, Jianfeng MA. Survey of community privacy in social network [J]. Chinese Journal of Network and Information Security, 2021, 7(2): 10-21.
[4]	Tianyi ZHU, Fenghua LI, Lin CHENG, Yunchuan GUO. Research on cross-domain access control technology [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 20-27.
[5]	Xin ZHANG,Weizhong QIANG,Yueming WU,Deqing ZOU,Hai JIN. Mining behavior pattern of mobile malware with convolutional neural network [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 35-44.
[6]	Pei WANG,Yan JIA,Aiping LI,Qianyue JIANG. De-anonymiation method for networks based on DeepLink [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 104-108.
[7]	Qiang QU,Hongtao YU,Ruiyang HUANG. Attention-based approach of detecting spam in social networks [J]. Chinese Journal of Network and Information Security, 2020, 6(1): 54-61.
[8]	Qiang QU, Hongtao YU, Ruiyang HUANG. Research progress of abnormal user detection technology in social network [J]. Chinese Journal of Network and Information Security, 2018, 4(3): 13-23.
[9]	Jian-qiong HE,You-liang TIAN,Kai ZHOU. Provably secure social network privacy-preserving scheme [J]. Chinese Journal of Network and Information Security, 2016, 2(8): 62-67.
[10]	Rui-xin YAO,Hui LI,Jin CAO. Overview of privacy preserving in social network [J]. Chinese Journal of Network and Information Security, 2016, 2(4): 33-43.
[11]	Jian-ming ZHU,Bo GAO. Social financial information security risk analysis and prevention [J]. Chinese Journal of Network and Information Security, 2016, 2(3): 46-51.
[12]	Zheng YAN,Chen-zi WU,Wei FENG,Zi-long WANG. Survey of trustworthy pervasive social networking [J]. Chinese Journal of Network and Information Security, 2016, 2(2): 30-40.
[13]	Ya-ping TIAN,Li YANG,Xiao-qin WANG,Ya-feng QIAO. Suppress the diffusion of rumors with nodes closeness mining [J]. Chinese Journal of Network and Information Security, 2016, 2(11): 61-69.
[14]	Zhi-kai XU,Hong-li ZHANG,Jian-tao SHI,Zhi-hong TIAN. Location privacy protection for mobile social network [J]. Chinese Journal of Network and Information Security, 2015, 1(1): 50-57.