Title: Decentralised privacy preservation in social networks

Authors: Amir H. Chinaei; Rosa Karimi Adl; Chenen Liang; Ken Barker

Addresses: Department of Electrical and Computer Engineering, University of Puerto Rico at Mayagüez, Mayagüez, Puerto Rico 00680, USA. ' Department of Computer Science, University of Calgary, 2500 University Dr. NW, Calgary, Alberta T2N 1N4, Canada. ' School of Computer Science, University of Waterloo, 200 University Ave. W, Waterloo, Ontario N2L 3G1, Canada. ' Department of Computer Science, University of Calgary, 2500 University Dr. NW, Calgary, Alberta T2N 1N4, Canada

Abstract: Social networks have become increasingly popular over the past decade, almost in all user communities. Users, in such networks, post a variety of their (personal) information on electronic profiles – initially accessible by their friends, yet ultimately accessible by strangers, no matter transitively or directly. This is a very convenient mechanism to facilitate information sharing but it is highly susceptible to privacy violations. Most social network infrastructures do not have a privacy management component and even when they do, it lacks expressiveness and is difficult to use. No social network provides a flexible user-centric privacy management component. This paper proposes a decentralised privacy management component for social networks, based on an existing flexible access control administration model. It allows users to customise access to each piece of their information for every group in their user hierarchy. Furthermore, users can control transitive (i.e., indirect) access to their information. Users can define any policies as long as they comply with system policies. The result is a uniform model capturing both data security needs and user privacy concerns.

Keywords: user privacy; database security; social networks; decentralised access control; information systems; e-commerce; electronic commerce; web services; privacy preservation; privacy protection; user-centric privacy management.

DOI: 10.1504/IJBIS.2012.046292

International Journal of Business Information Systems, 2012 Vol.9 No.4, pp.402 - 414

Published online: 16 Aug 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article