Browse > Article
http://dx.doi.org/10.13089/JKIISC.2013.23.6.1025

Study on Dynamic Trust-based Access Control in Online Social Network Environment  

Baek, Seungsoo (Department of Electronic Engineering & Information Science, Korea Military Academy)
Kim, Seungjoo (CIST(Center for Information Security Technologies), Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.23, no.6, 2013 , pp. 1025-1035 More about this Journal
Abstract
There has been an explosive increase in the population of OSN(online social network) for 10 years. OSN provides users with many opportunities to have communication among friends, families and goes so far as to make relationships among unknown people having similar belief or interest. However, OSN also produced adverse effects such as privacy breaches, leaking uncontrolled information or disseminating false information. Access control models such as MAC, DAC, RBAC are applied to the OSN to control those problems but those models in OSN are not fit in dynamic OSN environment because user's acts in OSN are unpredictable and static access control imposes burden on users to change access control rules one by one. This paper proposes the dynamic trust-based access control to solve the problems of traditional static access control in OSN.
Keywords
Online Social Network; Dynamic Trust; Access Control; Trust Evaluation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Gambetta, "Conspiracy among the many: the mafia in legitimate industries," The economics of organized crime, Cambridge: Cambridge University Press, pp. 116-136, 1995.
2 Qian, Xiaolei, and Teresa F. Lunt, "A MAC policy framework for multilevel relational database," IEEE Transactions on Knowledge and Data Engineering, Vol.8, No.1, pp. 1-14, 1996.
3 L.Snyder, "Formal models of capability-based protection systems," IEEE Trans. Computers, vol 30, pp. 172-181, 1981
4 R. S. Sandhu, E. J. Coyne, H. L . Feinstein, and C. E. Youman, "Role-based access control models," IEEE Trans. Computers, Vol. 29, pp. 38-47, 1996.
5 L. Miu, M. Mohtashemi, and A. Halbertstadt, "A computational model of trust and reputation," 35th Annual Hawaii International Conference on System Sciences, IEEE, pp. 2431-2439, 2002.
6 Felix Gomez Marmol , Gregorio Martinez Perez, "Security threats scenarios in trust and reputation models for distributed systems," Computers & Security, Vol. 28, Issue. 7, pp. 545-556, Elsevier, 2009.   DOI   ScienceOn
7 J. Golbeck, "Computing and Applying Trust in Web-based Social Network," Ph.D Dissseration, Univ of Maryland, College Park, 2005
8 SS.D. Kamvar, M. T. Schlosser, and H. Garcia-Molina, "The EigenTrust algorithm for reputation management in P2P network," the 12th ACM international WWW conference, pp. 640-651, 2003.
9 L.Xiong and L.Li, "Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities," IEEE Transactions on Knowledge and Data Engineering, vol. 16, no. 7, pp. 843-857, 2004.   DOI   ScienceOn
10 Y.Feng and W.Ying, "A reputation-based Dynamic trust Model for Large Scale Distributed Environment," Journal of Computational Information Systems, vol 9, no 3, pp. 1209-1215, 2013.
11 Barbara Carminati , Elena Ferrari and Andrea Perego, "Enforcing access control in Web-based social networks," ACM Transactions on Information and System Security (TISSEC), vol.13, no.1, pp.1-38, 2009.
12 B. Carminati, E. Ferrari, and A. Perego. "Rule-based access control for social networks," In On the Move to Meaningful Internet Systems 2006 Workshops, p 1734-1744. Springer, 2006.
13 H. Hu and G. Ahn. "Multiparty authorization framework for data sharing in online social networks," Data and Applications Security and Privacy XXV. Springer Berlin Heidelberg, pp. 29-43, 2011.
14 Cheng, Yuan, Jaehong Park, and Ravi Sandhu. "A user-to-user relationship-based access control model for online social networks," Data and Applications Security and Privacy XXVI, pp. 8-24, Springer Berlin Heidelberg, 2012.
15 Josang, Audun, Roslan Ismail, and Colin Boyd. "A survey of trust and reputation systems for online service provision," Decision support systems,Vol. 43,No. 2 pp. 618-644, 2007.
16 http://en.wikipedia.org/wiki/Breadth-first_search
17 Das, Anupam, and Mohammad Mahfuzul Islam. "Securedtrust: A dynamic trust computation model for secured communication in multiagent systems." Dependable and Secure Computing, IEEE Transactions on, vol 9. no2, pp 261-274, 2012   DOI   ScienceOn
18 http://www.oracle.com/technetwork/java/javase/downloads/index.html
19 http://algs4.cs.princeton.edu/home/
20 http://algs4.cs.princeton.edu/43mst/mediumEWG.txt
21 Vincent C. Hu, David Ferraiolo and Rick Kuhn"Guide to Attribute Based Access Control (ABAC) Definition and Considerations (Draft)", NIST Special Publication 800-162, pp. 12-18, 2013.
22 J. R. Douceur, "The Sybil Attack," Proc. Revised Papers from 1st International Workshop Peer-to-peer Systems(IPTPS 02), LNCS 2329, pp.215-260, Springer, 2002.
23 M. Castro, "Secure Routing for Structured Peer-to-Peer Overlay Networks," ACM SIGOPS Operating Systems Review, pp.299-314, Winter. 2002.
24 Mayer, R. C., Davis, J. H., and Shoorman, F. D., "An intergration model of organizational trust,"The Academy of Management Review, Vol. 20, No. 3, pp. 709-734, 1995.
25 L.Wen, P.Lingdi, L.Kuijin, and C. Xiaoping, "Trust model of users' behavior in trustworthy internet," in Proceedings of IEEE WASE International Conference on Information Engineering, pp. 403-406, 2009.
26 http://en.wikipedia.org/wiki/Euclidean_distance