333 - A Privacy Preservation Model for Facebook-Style...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: A Privacy Preservation Model for Facebook-Style Social Network Systems Philip W.L. Fong 1 , Mohd Anwar 1 , and Zhen Zhao 2 1 Department of Computer Science, University of Calgary, Alberta, Canada { pwlfong,manwar } @ucalgary.ca 2 Department of Computer Science, University of Regina, Saskatchewan, Canada [email protected] Abstract. Recent years have seen unprecedented growth in the popularity of so- cial network systems, with Facebook being an archetypical example. The access control paradigm behind the privacy preservation mechanism of Facebook is dis- tinctly different from such existing access control paradigms as Discretionary Access Control, Role-Based Access Control, Capability Systems, and Trust Man- agement Systems. This work takes a first step in deepening the understanding of this access control paradigm, by proposing an access control model that formal- izes and generalizes the privacy preservation mechanism of Facebook. The model can be instantiated into a family of Facebook-style social network systems, each with a recognizably different access control mechanism, so that Facebook is but one instantiation of the model. We also demonstrate that the model can be instan- tiated to express policies that are not currently supported by Facebook but possess rich and natural social significance. This work thus delineates the design space of privacy preservation mechanisms for Facebook-style social network systems, and lays out a formal framework for policy analysis in these systems. 1 Introduction Recent years have seen unprecedented growth in the popularity of Social Network Sys- tems (SNSs) , with stories concerning the privacy and security of such household names as Facebook and MySpace appearing repeatedly in mainstream media. According to boyd and Ellison [1], a “social network site” is characterized by three functions (our paraphrase): (1) these web applications allow users to construct public or semi-public representation of themselves, usually known as user profiles, in a mediated environ- ment; (2) such a site provides formal means for users to articulate their relationships with other users (e.g., friend lists), such that the formal articulation typically reflects existing social connections; (3) users may examine and “traverse” the articulated re- lationships in order to explore the space of user profiles (i.e., social graph). Identity representation, distributed relationship articulation, and traversal-driven access are thus the defining characteristics of SNSs. As a user profile contains a constructed representation of the underlying user, the latter must carefully control what contents are visible to whom in her profile in order to preserve privacy. Many existing SNSs offer access control mechanisms that are at best rudimentary, typically permitting coarse-grained, binary visibility control. A pleasant M. Backes and P. Ning (Eds.): ESORICS 2009, LNCS 5789, pp. 303–320, 2009....
View Full Document

{[ snackBarMessage ]}

Page1 / 18

333 - A Privacy Preservation Model for Facebook-Style...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online