An Access Control Model for Facebook-Style Social Network Systems

dc.contributor.authorAnwar, Mohdeng
dc.contributor.authorZhao, Zheneng
dc.contributor.authorFong, Philip W.L.eng
dc.date.accessioned2010-07-02T20:08:24Z
dc.date.available2010-07-02T20:08:24Z
dc.date.issued2010-07-02T20:08:24Z
dc.description.abstractRecent years have seen unprecedented growth in the popularity of social network systems, with Facebook being an archetypical example. The access control paradigm behind the privacy preservation mechanism of Facebook is distinctly different from such existing access control paradigms as Discretionary Access Control, Role-Based Access Control, Capability Systems, and TrustManagement Systems. This work takes a first step in deepening the understanding of this access control paradigm, by proposing an access control model that formalizes and generalizes the access control mechanism of Facebook. The model can be instantiated into a family of Facebook-style social network systems, each with a recognizably different access control mechanism, so that Facebook is but one instantiation of the model. We also demonstrate that the model can be instantiated to express policies that are not currently supported by Facebook, and yet these policies possess rich and natural social significance. Among these policies, we formally identify and characterize a special family of policies known as relational policies, which base their authorization decisions on the dynamic relationship between the resource owner and accessor. We believe the family of relational policies is a unique feature of social network systems. An executable encoding of this model has been developed to support experimentation with various instantiation of our access control model. This work thus delineates the design space of access control mechanisms for Facebook-style social network systems, and lays out a formal framework for policy analysis in these systems.eng
dc.description.refereedNoeng
dc.identifier.department2010-959-08eng
dc.identifier.doihttp://dx.doi.org/10.11575/PRISM/30598
dc.identifier.urihttp://hdl.handle.net/1880/47933
dc.language.isoengeng
dc.publisher.corporateUniversity of Calgaryeng
dc.publisher.facultyScienceeng
dc.subjectAccess controleng
dc.subjectsocial network systemeng
dc.subject.otherFacebook, relational policy, formal modeling of protection systemseng
dc.titleAn Access Control Model for Facebook-Style Social Network Systemseng
dc.typetechnical reporteng
thesis.degree.disciplineComputer Scienceeng
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
2010-959-08.pdf
Size:
386.08 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.86 KB
Format:
Item-specific license agreed upon to submission
Description: