Browse > Article
http://dx.doi.org/10.13089/JKIISC.2011.21.1.53

Implementation of Privacy Protection Policy Language and Module For Social Network Services  

Kim, Ji-Hye (Chonnam National University)
Lee, Hyung-Hyo (Wonkwang University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.21, no.1, 2011 , pp. 53-63 More about this Journal
Abstract
An SNS(Social Network Service) enables people to form a social network on online as in the real world. With the rising popularity of the service, side effects of SNSs were issued. Therefore we propose and implement a policy-based privacy protection module and access control policy language for ensuring the right of control of personal information and sharing data among SNSs. The policy language for protecting privacy is based on an attribute-based access control model which grants an access to personal information based on a user's attributes. The policy language and the privacy protection module proposed to give the right of control of personal information to the owner, they can be adopted to other application domains in which privacy protection is needed as well as secure sharing data among SNSs.
Keywords
Privacy Protection; SNS; Attribute-based access control policy;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Shindig, http://www.truveo.com/Google-IO-2008-Apache-Shindig/id/3310752665
2 E. Yuan and J. Tong, "Attributed based access control (ABAC) for Web services", ICWS 2005 Proceedings, 2005 IEEE International Conference.
3 T. Priebe, E.B. Fernandez, J.I. Mehlau, and G. Pernul, "A Pattern System for Access Control," Research Directions In Data And Applications Security XVIII: IFIP TC 11/WG 11.3 Eighteenth Annual Conference On Data And Applications Security, Jul. 2004.
4 Qun Ni, "Privacy-aware Role Based Access Control," SACMAT'07, Jun. 2007.
5 Shindig, http://incubator.apache.org/ shindig/
6 Maria Aspan, "How Sticky Is Membership on Facebook? Just Try Breaking Free," The New York Times, Feb. 2008.
7 OASIS, "eXtensible Access Control Markup Language(XACML) V2.0," Committee draft 04, Dec. 2004.
8 C. Shankar and R. Campbell, "A policy-based management framework for pervasive systems using axiomatized rule-actions," Proceedings of the Fourth IEEE International Symposium on Network Computing and Applications, pp. 255-258, 2005.
9 IBM, EPAL v1.2, http://www.zurich.ibm. com/security/enterprise-privacy/epal/Specification/index.html
10 W3C, "The Platform for Privacy Preferences 1.0 (P3P1.0) Specification," http://www.w3.org/TR/P3P/, April 2002.
11 Kevin Poulsen, "Pillaged MySpace Photos Show Up in Massive BitTorrent Download," Wired, Jan. 2008.
12 Jeremiah Owyang, "The Many Challenges of Social Network Sites," Web Strategy blog, Feb. 2008.
13 Ching-man Au Yeung, "Decentralization: The Future of Online Social Networking," W3C Workshop on the Future of Social Networking, Position Papers, Jan. 2009.