Towards PII-based multiparty access control for photo sharing in Online Social Networks

Nishant Vishwamitra, Yifang Li, Kevin Wang, Hongxin Hu, Kelly Caine, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

14 Scopus citations

Abstract

The privacy control models of current Online Social Networks (OSNs) are biased towards the content owners' policy settings. Additionally, those privacy policy settings are too coarse-grained to allow users to control access to individual portions of information that is related to them. Especially, in a shared photo in OSNs, there can exist multiple Personally Identifiable Information (PII) items belonging to a user appearing in the photo, which can compromise the privacy of the user if viewed by others. However, current OSNs do not provide users any means to control access to their individual PII items. As a result, there exists a gap between the level of control that current OSNs can provide to their users and the privacy expectations of the users. In this paper, we propose an approach to facilitate collaborative control of individual PII items for photo sharing over OSNs, where we shift our focus from entire photo level control to the control of individual PII items within shared photos. We formulate a PII-based multiparty access control model to fulfill the need for collaborative access control of PII items, along with a policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.

Original languageEnglish (US)
Title of host publicationSACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages155-166
Number of pages12
VolumePart F128644
ISBN (Electronic)9781450347020
DOIs
StatePublished - Jun 7 2017
Event22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017 - Indianapolis, United States
Duration: Jun 21 2017Jun 23 2017

Other

Other22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017
CountryUnited States
CityIndianapolis
Period6/21/176/23/17

Keywords

  • Access control
  • Multiparty
  • Online social networks
  • PII
  • Privacy

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Fingerprint Dive into the research topics of 'Towards PII-based multiparty access control for photo sharing in Online Social Networks'. Together they form a unique fingerprint.

  • Cite this

    Vishwamitra, N., Li, Y., Wang, K., Hu, H., Caine, K., & Ahn, G-J. (2017). Towards PII-based multiparty access control for photo sharing in Online Social Networks. In SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies (Vol. Part F128644, pp. 155-166). Association for Computing Machinery. https://doi.org/10.1145/3078861.3078875