Rule-Based Access Control for Social Networks

  • Barbara Carminati
  • Elena Ferrari
  • Andrea Perego
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4278)

Abstract

Web-based social networks (WBSNs) are online communities where participants can establish relationships and share resources across the Web with other users. In recent years, several WBSNs have been adopting Semantic Web technologies, such as FOAF, for representing users’ data and relationships, making it possible to enforce information interchange across multiple WBSNs. Despite its advantages in terms of information diffusion, this raised the need of giving content owners more control on the distribution of their resources, which may be accessed by a community far wider than they expected.

In this paper, we present an access control model for WBSNs, where policies are expressed as constraints on the type, depth, and trust level of existing relationships. Relevant features of our model are the use of certificates for granting relationships’ authenticity, and the client-side enforcement of access control according to a rule-based approach, where a subject requesting to access an object must demonstrate that it has the rights of doing that.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Golbeck, J.A.: Computing and Applying Trust in Web-based Social Networks. PhD thesis, Graduate School of the University of Maryland, College Park (2005), http://trust.mindswap.org/papers/GolbeckDissertation.pdf
  2. 2.
    Brickley, D., Miller, L.: FOAF vocabulary specification. RDF Vocabulary Specification (2005), http://xmlns.com/foaf/0.1
  3. 3.
    Ding, L., Zhou, L., Finin, T.W., Joshi, A.: How the Semantic Web is being used: An analysis of FOAF documents. In: HICSS 2005 Proc. (2005)Google Scholar
  4. 4.
    Finin, T.W., Ding, L., Zhou, L., Joshi, A.: Social networking on the Semantic Web. The Learning Organization 12(5), 418–435 (2005)CrossRefGoogle Scholar
  5. 5.
    Fitzpatrick, B.: OpenID 1.1. Technical Specification, OpenID (2005) http://www.openid.net/specs.bml
  6. 6.
    Weitzner, D.J., Hendler, J., Berners-Lee, T., Connolly, D.: Creating a policy-aware Web: Discretionary, rule-based access for the World Wide Web. In: Ferrari, E., Thuraisingham, B. (eds.) Web & Information Security, pp. 1–31. IDEA Group (2006)Google Scholar
  7. 7.
    Carminati, B., Ferrari, E., Perego, A.: The REL-X vocabulary. OWL Vocabulary (2006), http://www.dicom.uninsubria.it/~andrea.perego/vocs/relx.owl
  8. 8.
    Berners-Lee, T.: Notation 3 logic: An RDF language for the Semantic Web. W3C Draft, W3C (2005), http://www.w3.org/DesignIssues/N3Logic
  9. 9.
    Berners-Lee, T.: Cwm – A general purpose data processor for the Semantic Web. Project Web site, W3C (2006), http://www.w3.org/2000/10/swap/doc/cwm.html
  10. 10.
    Davis, I., Vitiello Jr., E.: RELATIONSHIP: A vocabulary for describing relationships between people. RDF Vocabulary Specification (2005), http://purl.org/vocab/relationship
  11. 11.
    Golbeck, J.A.: The trust ontology. OWL Vocabulary (2006), http://trust.mindswap.org/ont/trust.owl
  12. 12.
    REI: The rule markup initiative (2006) Project Web site, http://www.ruleml.org
  13. 13.
    Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: A Semantic Web rule language combining OWL and RuleML. W3C Member Submission, W3C (2004), http://www.w3.org/Submission/SWRL

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Barbara Carminati
    • 1
  • Elena Ferrari
    • 1
  • Andrea Perego
    • 1
  1. 1.DICOMUniversità degli Studi dell’InsubriaVareseItaly

Personalised recommendations