Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Privacy-Enhancing Access Control Mechanism in Distributed Online Social Network.
KTH, School of Computer Science and Communication (CSC).
2011 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Dramatic growth in the number of subscribers in Online Social Networks (OSNs), such as Facebook, MySpace, Orkut, etc. shows their increasing popularity among people from different ages and sectors. However, currently, the users need to put complete trust on OSN service providers, to protect their sensitive information because of centralized access control at the providers. Taking advantage of this infrastructure, OSN service providers can expose their subscribers' personal information for targeted advertisements, or anything that is mentioned in the terms of the privacy agreement, including to change the terms. To give complete access control to the users over their data, there must be an alternative infrastructure, which removes dependence on OSN service providers. In order to address this privacy issue, Sonja Buchegger and Anwitaman Datta proposed 2-tier peer-to-peer architecture for social networks, called PeerSoN.

The goal of this master's thesis is to evaluate the suitability of eXtensible Markup Language (XACML) for Distributed Online Social Network (DOSN) access control and privacy preservation. To do that, at the beginning, we determine the requirements for access control in DOSN, and present a structure for users' profiles. Due to the wide ranges of requirements, we propose to use rule-based access control for the users in OSN, where the rules are based on both static and dynamic constraints. Secondly, to investigate whether these policies can be expressed in XACML or not, we implement some common authorization policies using SunXACML, an open source implementation of standard XACML version 2.0. Moreover, to enhance privacy, regarding authentication and enforcement, we offer to use secret key based authentication of SAML, and one of the XACML supported web or application servers, such as JBoss Application server, Fedora server, in conjunction with XACML. Finally, we evaluate our architecture against three types of attackers; namely, users from social links, users form outside of social links, and random person, and claim that our mechanism is well protected against different threats, such as unauthorized access, impersonation attacks, identity theft, information leakage via friendship links, etc., specifically, when each user's profile is stored on his own machine.

Place, publisher, year, edition, pages
2011.
Series
Trita-CSC-E, ISSN 1653-5715 ; 2011:051
National Category
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-130755OAI: oai:DiVA.org:kth-130755DiVA: diva2:654202
Educational program
Master of Science - Software Engineering of Distributed Systems
Uppsok
Technology
Supervisors
Examiners
Available from: 2013-10-07 Created: 2013-10-07

Open Access in DiVA

No full text

Other links

http://www.nada.kth.se/utbildning/grukth/exjobb/rapportlistor/2011/rapporter11/nasim_robayet_11051.pdf
By organisation
School of Computer Science and Communication (CSC)
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 35 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf