Security Requirements for Social Networks in Web 2.0

  • Eduardo B. Fernandez
  • Carolina Marin
  • Maria M. Larrondo Petrie


A social network is a structure of individuals or organizations connected by one or more types of interdependency, such as friendship, affinity, common interests or knowledge. Social networks now use Web 2.0 technology, and users may need to follow a series of restrictions or conditions to join or add content. We look here at their context and threats in order to ascertain their security needs. We propose the use of patterns to specify these requirements precisely, and we present two specific patterns. A pattern is an encapsulated solution to a software problem in a given context. We present here the Participation-Collaboration Pattern, which describes the functionality of the collaboration between users in applications, and the Collaborative Tagging Pattern, which is useful for sharing content using keywords to tag bookmarks, photographs and other content. We also discuss possible improvements to the current situation.



Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  • Eduardo B. Fernandez (1)
  • Carolina Marin
  • Maria M. Larrondo Petrie
  1. Department of Electrical and Computer Engineering and Computer Science, Florida Atlantic University, Boca Raton, USA
