Towards PII-based multiparty access control for photo sharing in Online Social Networks

Nishant Vishwamitra, Yifang Li, Kevin Wang, Hongxin Hu, Kelly Caine, Gail-Joon Ahn

Research output: Chapter in Book/Report/Conference proceedingConference contribution

11 Citations (Scopus)

Abstract

The privacy control models of current Online Social Networks (OSNs) are biased towards the content owners' policy settings. Additionally, those privacy policy settings are too coarse-grained to allow users to control access to individual portions of information that is related to them. Especially, in a shared photo in OSNs, there can exist multiple Personally Identifiable Information (PII) items belonging to a user appearing in the photo, which can compromise the privacy of the user if viewed by others. However, current OSNs do not provide users any means to control access to their individual PII items. As a result, there exists a gap between the level of control that current OSNs can provide to their users and the privacy expectations of the users. In this paper, we propose an approach to facilitate collaborative control of individual PII items for photo sharing over OSNs, where we shift our focus from entire photo level control to the control of individual PII items within shared photos. We formulate a PII-based multiparty access control model to fulfill the need for collaborative access control of PII items, along with a policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.

Original languageEnglish (US)
Title of host publicationSACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages155-166
Number of pages12
VolumePart F128644
ISBN (Electronic)9781450347020
DOIs
StatePublished - Jun 7 2017
Event22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017 - Indianapolis, United States
Duration: Jun 21 2017Jun 23 2017

Other

Other22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017
CountryUnited States
CityIndianapolis
Period6/21/176/23/17

Fingerprint

Access control
Level control
Electric current control
Specifications

Keywords

  • Access control
  • Multiparty
  • Online social networks
  • PII
  • Privacy

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Cite this

Vishwamitra, N., Li, Y., Wang, K., Hu, H., Caine, K., & Ahn, G-J. (2017). Towards PII-based multiparty access control for photo sharing in Online Social Networks. In SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies (Vol. Part F128644, pp. 155-166). Association for Computing Machinery. https://doi.org/10.1145/3078861.3078875

Towards PII-based multiparty access control for photo sharing in Online Social Networks. / Vishwamitra, Nishant; Li, Yifang; Wang, Kevin; Hu, Hongxin; Caine, Kelly; Ahn, Gail-Joon.

SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. Vol. Part F128644 Association for Computing Machinery, 2017. p. 155-166.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Vishwamitra, N, Li, Y, Wang, K, Hu, H, Caine, K & Ahn, G-J 2017, Towards PII-based multiparty access control for photo sharing in Online Social Networks. in SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. vol. Part F128644, Association for Computing Machinery, pp. 155-166, 22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017, Indianapolis, United States, 6/21/17. https://doi.org/10.1145/3078861.3078875
Vishwamitra N, Li Y, Wang K, Hu H, Caine K, Ahn G-J. Towards PII-based multiparty access control for photo sharing in Online Social Networks. In SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. Vol. Part F128644. Association for Computing Machinery. 2017. p. 155-166 https://doi.org/10.1145/3078861.3078875
Vishwamitra, Nishant ; Li, Yifang ; Wang, Kevin ; Hu, Hongxin ; Caine, Kelly ; Ahn, Gail-Joon. / Towards PII-based multiparty access control for photo sharing in Online Social Networks. SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. Vol. Part F128644 Association for Computing Machinery, 2017. pp. 155-166
@inproceedings{e92d8865d17440ecad0dde60524d5886,
title = "Towards PII-based multiparty access control for photo sharing in Online Social Networks",
abstract = "The privacy control models of current Online Social Networks (OSNs) are biased towards the content owners' policy settings. Additionally, those privacy policy settings are too coarse-grained to allow users to control access to individual portions of information that is related to them. Especially, in a shared photo in OSNs, there can exist multiple Personally Identifiable Information (PII) items belonging to a user appearing in the photo, which can compromise the privacy of the user if viewed by others. However, current OSNs do not provide users any means to control access to their individual PII items. As a result, there exists a gap between the level of control that current OSNs can provide to their users and the privacy expectations of the users. In this paper, we propose an approach to facilitate collaborative control of individual PII items for photo sharing over OSNs, where we shift our focus from entire photo level control to the control of individual PII items within shared photos. We formulate a PII-based multiparty access control model to fulfill the need for collaborative access control of PII items, along with a policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.",
keywords = "Access control, Multiparty, Online social networks, PII, Privacy",
author = "Nishant Vishwamitra and Yifang Li and Kevin Wang and Hongxin Hu and Kelly Caine and Gail-Joon Ahn",
year = "2017",
month = "6",
day = "7",
doi = "10.1145/3078861.3078875",
language = "English (US)",
volume = "Part F128644",
pages = "155--166",
booktitle = "SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies",
publisher = "Association for Computing Machinery",

}

TY - GEN

T1 - Towards PII-based multiparty access control for photo sharing in Online Social Networks

AU - Vishwamitra, Nishant

AU - Li, Yifang

AU - Wang, Kevin

AU - Hu, Hongxin

AU - Caine, Kelly

AU - Ahn, Gail-Joon

PY - 2017/6/7

Y1 - 2017/6/7

N2 - The privacy control models of current Online Social Networks (OSNs) are biased towards the content owners' policy settings. Additionally, those privacy policy settings are too coarse-grained to allow users to control access to individual portions of information that is related to them. Especially, in a shared photo in OSNs, there can exist multiple Personally Identifiable Information (PII) items belonging to a user appearing in the photo, which can compromise the privacy of the user if viewed by others. However, current OSNs do not provide users any means to control access to their individual PII items. As a result, there exists a gap between the level of control that current OSNs can provide to their users and the privacy expectations of the users. In this paper, we propose an approach to facilitate collaborative control of individual PII items for photo sharing over OSNs, where we shift our focus from entire photo level control to the control of individual PII items within shared photos. We formulate a PII-based multiparty access control model to fulfill the need for collaborative access control of PII items, along with a policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.

AB - The privacy control models of current Online Social Networks (OSNs) are biased towards the content owners' policy settings. Additionally, those privacy policy settings are too coarse-grained to allow users to control access to individual portions of information that is related to them. Especially, in a shared photo in OSNs, there can exist multiple Personally Identifiable Information (PII) items belonging to a user appearing in the photo, which can compromise the privacy of the user if viewed by others. However, current OSNs do not provide users any means to control access to their individual PII items. As a result, there exists a gap between the level of control that current OSNs can provide to their users and the privacy expectations of the users. In this paper, we propose an approach to facilitate collaborative control of individual PII items for photo sharing over OSNs, where we shift our focus from entire photo level control to the control of individual PII items within shared photos. We formulate a PII-based multiparty access control model to fulfill the need for collaborative access control of PII items, along with a policy specification scheme and a policy enforcement mechanism. We also discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.

KW - Access control

KW - Multiparty

KW - Online social networks

KW - PII

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=85025453731&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85025453731&partnerID=8YFLogxK

U2 - 10.1145/3078861.3078875

DO - 10.1145/3078861.3078875

M3 - Conference contribution

VL - Part F128644

SP - 155

EP - 166

BT - SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies

PB - Association for Computing Machinery

ER -