Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
XACML-based access control for decentralized online social networks
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.ORCID iD: 0000-0001-5742-5462
2014 (English)In: Proceedings - 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing, UCC 2014, 2014, 671-676 p.Conference paper, Published paper (Refereed)
Abstract [en]

With the increasing popularity of Online Social Networks (OSNs), one type of Big Data, namely personal, sensitive, and behavioral information, is being collected, analyzed, and spread on the Internet. As the collection and mining of user data improves, both qualitatively and quantitatively, users' privacy is more and more at risk. Current OSNs and other web services are, at least logically, centralized and thus more vulnerable to accidental or deliberate privacy leaks as well as inference. Decentralization, taking away the control of a single service provider, can be a step toward preserving the users' privacy and giving them control over their own data. Even after removing the threats from centralized big data, the users' personal data needs to be protected from unauthorized access. In contrast to other proposals for decentralized OSNs, we aim to provide the basis for a privacy-preserving system built from light-weight and readily available components, namely the Extensible Access Control Mark up Language (XACML) and the Security Assertion Mark up Language (SAML) with secret key authentication, including simple ways of formulating access policies for users. We find that this combination provides a straightforward way of keeping and deliberately sharing personal information with other users that is robust against a range of attacks including unauthorized access at least in the case of every user's profile being stored on machines under their control. One can consider replicas on trusted servers, storage on untrusted servers, however, is left for future work.

Place, publisher, year, edition, pages
2014. 671-676 p.
Keyword [en]
Access control, Decentralized Online Social Networks (DOSN), Extensible Access Control Markup Language (XACML), Online Social Networks (OSN), Peer-to-peer, Privacy, Security Assertion Markup Language (SAML), Big data, Computational linguistics, Data privacy, Digital storage, Markup languages, Mobile security, Peer to peer networks, Web services, Extensible access control markup languages, On-line social networks, Peer to peer, Security assertion markup languages, Social networking (online)
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-167896DOI: 10.1109/UCC.2014.108Scopus ID: 2-s2.0-84923668712ISBN: 9781479978816 (print)OAI: oai:DiVA.org:kth-167896DiVA: diva2:820156
Conference
7th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2014, 8 December 2014 through 11 December 2014
Note

QC 20150611

Available from: 2015-06-11 Created: 2015-05-22 Last updated: 2015-06-11Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Authority records BETA

Buchegger, Sonja

Search in DiVA

By author/editor
Buchegger, Sonja
By organisation
Theoretical Computer Science, TCS
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 8 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf