Skip to main content
SpringerLink
Log in

Privacy and Access Control in Federated Social Networks

  • Chapter
Engineering Secure Future Internet Services and Systems

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8431))

Abstract

Online social networks (OSNs) are increasingly turning mobile and further calling for decentralized social data management. This trend is only going to increase in the near future, based on the increased activity, both by established players like Facebook and new players in the domain such as Google, Instagram, and Pinterest. The increasing adoption of social networks in the workplace has further led to the development of corporate social networks such as those provided by Yammer, which was recently acquired by Microsoft. As individuals from different companies will need to interact as part of joint teams in these federated social networks, questions of privacy and access control arise. This chapter identifies the challenges concerning the above aspects, surveys the state of the art, and identifies directions of future research.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. European Commission: Commission proposes a comprehensive reform of the data protection rules, http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm (accessed January 2014)

  2. Microsoft: Microsoft to Acquire Yammer, http://www.microsoft.com/en-us/news/press/2012/jun12/06-25msyammerpr.aspx (accessed January 2014)

  3. Ho, R.: Google+ is now available for Google Apps, http://googleenterprise.blogspot.it/2011/10/google-is-now-available-with-google.html (accessed January 2014)

  4. Hinchcliffe, D.: Today’s Collaboration Platforms for Large Enterprises, http://www.zdnet.com/the-major-enterprise-collaboration-platforms-and-their-mobile-clients-7000018519/ (accessed January 2014)

  5. Narayanan, A., Toubiana, V., Barocas, S., Nissenbaum, H., Boneh, D.: A critical look at decentralized personal data architectures. CoRR abs/1202.4503 (2012)

    Google Scholar 

  6. Esguerra, R.: An introduction to the federated social network, https://www.eff.org/deeplinks/2011/03/introduction-distributed-social-network (accessed January 2014)

  7. Facebook: Online Social Networking Platform, https://www.facebook.com/ (accessed January 2014)

  8. OAuth: Secure authorization open protocol, http://oauth.net/ (accessed January 2014)

  9. Twitter: Online Social Networking and Microblogging Service, https://twitter.com/ (accessed January 2014)

  10. Redis: Open source advanced key-value store, http://redis.io/ (accessed January 2014)

  11. Tuan Anh, D.T., Ganjoo, M., Braghin, S., Datta, A.: Mosco: A privacy-aware middleware for mobile social computing. Journal of Systems and Software (2013)

    Google Scholar 

  12. XACML: eXtensible Access Control Markup Language (XACML) Version 3.0, http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html (accessed January 2014)

  13. Ning: Build and cultivate your own community, http://www.ning.com/ (accessed January 2014)

  14. Foundation, O.: OpenSocial protocol, http://opensocial.org/ (accessed January 2014)

  15. Yammer: Enterprise Social Network, https://www.yammer.com/ (accessed January 2014)

  16. SAML: Security Assertion Markup Language (SAML) v2.0, https://www.oasis-open.org/standards#samlv2.0 (accessed January 2014)

  17. Status.net: Free and open source social software, http://status.net/ (accessed January 2014)

  18. Identi.ca: Open source social networking service, https://identi.ca/ (accessed January 2014)

  19. pump.io: Open source social stream server, http://pump.io/ (accessed January 2014)

  20. WebFinger: Personal web discovery protocol, https://code.google.com/p/webfinger/wiki/WebFingerProtocol (accessed January 2014)

  21. Appcelerator: Portable software development platform, http://www.appcelerator.com/ (accessed January 2014)

  22. OpenID Foundation: The Internet Identity Layer, http://openid.net/ (accessed January 2014)

  23. Macgirvin, M.: DFRN - The Distributed Friends and Relations Network, https://macgirvin.com/spec/dfrn2.pdf (accessed January 2014)

  24. Zot: Secure decentralised communications framework, https://github.com/friendica/red/wiki/zot (accessed January 2014)

  25. Wahl, M., Howes, T., Kille, S.: Lightweight Directory Access Protocol, https://www.ietf.org/rfc/rfc2251.txt

  26. Friendica: Red design documentation, https://github.com/friendica/red/wiki/red (accessed January 2014)

  27. Diaspora: The Community-run, Distributed Social Network, http://www.joindiaspora.com/ (accessed January 2014)

  28. Salmon: Real-time Commenting Protocol, http://www.salmon-protocol.org/ (accessed January 2014)

  29. OneSocialWeb: Creating a free, open, and decentralized social networking platform, http://onesocialweb.org/ (accessed January 2014)

  30. buddycloud: Federated social network, http://buddycloud.com/ (accessed January 2014)

  31. XMPP: XMPP standards foundation, http://xmpp.org/about-xmpp/xsf/ (accessed January 2014)

  32. XMPP: XMPP extension protocols, http://xmpp.org/extensions/xep-0001.html (accessed January 2014)

  33. Elgg: Open Source Social Networking Engine, http://elgg.org/ (accessed January 2014)

  34. Dodson, B., Vo, I., Purtell, T., Cannon, A., Lam, M.: Musubi: Disintermediated interactive social feeds for mobile devices. In: Proceedings of the 21st International Conference on World Wide Web, pp. 211–220. ACM (2012)

    Google Scholar 

  35. Toninelli, A., Pathak, A., Issarny, V.: Yarta: A Middleware for Managing Mobile Social Ecosystems. In: Riekki, J., Ylianttila, M., Guo, M. (eds.) GPC 2011. LNCS, vol. 6646, pp. 209–220. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  36. Hachem, S., Toninelli, A., Pathak, A., Issarny, V.: Policy-based Access Control in Mobile Social Ecosystems. In: Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks, Pisa, Italy. IEEE computer society (June 2011)

    Google Scholar 

  37. W3C: Federated social web community group, http://www.w3.org/2005/Incubator/federatedsocialweb/wiki/Main_Page (accessed January 2014)

  38. Parliament: High-performance triple store, http://parliament.semwebcentral.org/ (accessed January 2014)

  39. AllegroGraph: RDFStore Web 3.0’s Database, http://franz.com/agraph/allegrograph/ (accessed January 2014)

  40. Mulgara: Open source scalable rdf database, http://www.mulgara.org/ (accessed January 2014)

  41. Tummarello, G., Morbidoni, C., Bachmann-Gmür, R., Erling, O.: RDFSync: Efficient remote synchronization of rdf models. In: Aberer, K., et al. (eds.) ASWC 2007 and ISWC 2007. LNCS, vol. 4825, pp. 537–551. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  42. eXo: Open Source Enterprise Social Network, http://www.exoplatform.com/ (accessed January 2014)

  43. Shibboleth: Federated identity solutions, http://shibboleth.net/ (accessed January 2014)

  44. Gluu: Open source access management, http://www.gluu.org/ (accessed January 2014)

  45. Decat, M., Lagaisse, B., Van Landuyt, D., Crispo, B., Joosen, W.: Federated authorization for software-as-a-service applications. In: Meersman, R., Panetto, H., Dillon, T., Eder, J., Bellahsene, Z., Ritter, N., De Leenheer, P., Dou, D. (eds.) ODBASE 2013. LNCS, vol. 8185, pp. 342–359. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  46. Mont, M.C., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In: IEEE Proceedings of the 14th International Workshop on Database and Expert Systems Applications, pp. 377–382 (2003)

    Google Scholar 

  47. Fatema, K., Chadwick, D.W., Lievens, S.: A multi-privacy policy enforcement system. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds.) Privacy and Identity 2010. IFIP AICT, vol. 352, pp. 297–310. Springer, Heidelberg (2011)

    Google Scholar 

  48. MQTT: Machine to machine connectivity protocol, http://mqtt.org/ (accessed January 2014)

  49. Bennaceur, A., Singh, P., Raverdy, P.G., Issarny, V.: The iBICOOP middleware: Enablers and services for emerging pervasive computing environments. In: IEEE International Conference on Pervasive Computing and Communications, PerCom 2009, pp. 1–6. IEEE (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Inria Paris-Rocquencourt, France

    Animesh Pathak, George Rosca & Valerie Issarny

  2. iMinds-DistriNet, KU Leuven, 3001, Leuven, Belgium

    Maarten Decat & Bert Lagaisse

Authors
  1. Animesh Pathak
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. George Rosca
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Valerie Issarny
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Maarten Decat
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Bert Lagaisse
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. INKO, Software Engineering, Universität Duisburg-Essen, 47048, Duisburg, Germany

    Maritta Heisel

  2. Department of Computer Science, KU Leuven, Celestijnenlaan 200A, 3001, Heverlee, Belgium

    Wouter Joosen

  3. Computer Science Department, Network, Information and Computer Security Lab, University of Malaga, 29071, Malaga, Spain

    Javier Lopez

  4. Istituto di Informatica e Telematica (IIT), Consiglio Nazionale delle Ricerche (CNR), Via G. Moruzzi 1, 56124, Pisa, Italy

    Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Pathak, A., Rosca, G., Issarny, V., Decat, M., Lagaisse, B. (2014). Privacy and Access Control in Federated Social Networks. In: Heisel, M., Joosen, W., Lopez, J., Martinelli, F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, vol 8431. Springer, Cham. https://doi.org/10.1007/978-3-319-07452-8_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-07452-8_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07451-1

  • Online ISBN: 978-3-319-07452-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation