Change search
ReferencesLink to record
Permanent link

Direct link
XACML-based access control for decentralized online social networks
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.ORCID iD: 0000-0001-5742-5462
2014 (English)In: Proceedings - 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing, UCC 2014, 2014, 671-676 p.Conference paper (Refereed)
Abstract [en]

With the increasing popularity of Online Social Networks (OSNs), one type of Big Data, namely personal, sensitive, and behavioral information, is being collected, analyzed, and spread on the Internet. As the collection and mining of user data improves, both qualitatively and quantitatively, users' privacy is more and more at risk. Current OSNs and other web services are, at least logically, centralized and thus more vulnerable to accidental or deliberate privacy leaks as well as inference. Decentralization, taking away the control of a single service provider, can be a step toward preserving the users' privacy and giving them control over their own data. Even after removing the threats from centralized big data, the users' personal data needs to be protected from unauthorized access. In contrast to other proposals for decentralized OSNs, we aim to provide the basis for a privacy-preserving system built from light-weight and readily available components, namely the Extensible Access Control Mark up Language (XACML) and the Security Assertion Mark up Language (SAML) with secret key authentication, including simple ways of formulating access policies for users. We find that this combination provides a straightforward way of keeping and deliberately sharing personal information with other users that is robust against a range of attacks including unauthorized access at least in the case of every user's profile being stored on machines under their control. One can consider replicas on trusted servers, storage on untrusted servers, however, is left for future work.

Place, publisher, year, edition, pages
2014. 671-676 p.
Keyword [en]
Access control, Decentralized Online Social Networks (DOSN), Extensible Access Control Markup Language (XACML), Online Social Networks (OSN), Peer-to-peer, Privacy, Security Assertion Markup Language (SAML), Big data, Computational linguistics, Data privacy, Digital storage, Markup languages, Mobile security, Peer to peer networks, Web services, Extensible access control markup languages, On-line social networks, Peer to peer, Security assertion markup languages, Social networking (online)
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:kth:diva-167896DOI: 10.1109/UCC.2014.108ScopusID: 2-s2.0-84923668712ISBN: 9781479978816OAI: diva2:820156
7th IEEE/ACM International Conference on Utility and Cloud Computing, UCC 2014, 8 December 2014 through 11 December 2014

QC 20150611

Available from: 2015-06-11 Created: 2015-05-22 Last updated: 2015-06-11Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Buchegger, Sonja
By organisation
Theoretical Computer Science, TCS
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 7 hits
ReferencesLink to record
Permanent link

Direct link