A Supporting Automatically Mechanism for Data Owner Preventing Personal Privacy from Colluding Attack on Online Social Networks

  • Nguyen Hoang Nam PhamEmail author
  • Thanh Tien Nguyen
  • Thi Kim Tuyen Le
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10018)


Worldwide, there are over 1.65 billion monthly active Facebook users (MAUs) which is a 15 % increase year over year. What this means for you: in case you meet any lingering doubts, Facebook is too big to be ignored. Online social networks (OSNs) offer a useful environment for our social purposes such as sharing information and communicating to with each other. However, OSNs suffer also high risk of leakage private user information. In this paper, we present a mechanism for data owner preventing automatically personal privacy from colluding attack. We approach supporting automatically making approval for new relationship to shared data basing on historical data.


Access control Online social network Colluding attack 


  1. 1.
  2. 2.
    Boyd, D.M., Ellison, N.B.: Social network sites: definition, history, and scholarship. J. Comput. Mediated Commun. 13, 210–230 (2007)CrossRefGoogle Scholar
  3. 3.
    Thomas, R.K., Sandhu, R.S.: Conceptual foundations for a model of task-based authorizations. In: 7th IEEE Computer Security Foundations Workshop, pp. 66–79. IEEE Computer Society Press (1994)Google Scholar
  4. 4.
    Thomas, R.K., Sandhu, R.S.: Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management. In: Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Security XI: Status and Prospects, pp. 166–181. Chapman & Hall, Ltd., London. ISBN 0-412-82090-0 (1998)Google Scholar
  5. 5.
    Thomas, R.K.: Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. In: Second ACM Workshop on Role-Based Access Control, pp. 13–19. ACM (1997). ISBN 0897919858Google Scholar
  6. 6.
    Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM workshop on Privacy in the Electronic Society (WPES 2005), pp. 71–80 (2005). ISBN 1-59593-228-3Google Scholar
  7. 7.
    Li, Y., Li, Y., Yan, Q., Deng, R.H.: Privacy leakage analysis in online social networks. Comput. Secur. 49, 239–254 (2015). CrossRefGoogle Scholar
  8. 8.
    González-Manzano, L., González-Tablas, A.I., de Fuentes, J.M., Ribagorda, A.: SoNeUCONABC, an expressive usage control model for Web-Based Social Networks. Comput. Secur. 43, 159–187 (2014). CrossRefGoogle Scholar
  9. 9.
    Li, J., Tang, Y., Mao, C., Lai, H., Zhu, J.: Role based access control for social network sites. In: Joint Conferences on Pervasive Computing (JCPC) 2009, Tamsui, Taipei, pp. 389–394 (2009)Google Scholar
  10. 10.
    Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for social networks. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006. LNCS, vol. 4278, pp. 1734–1744. Springer, Heidelberg (2006). doi: 10.1007/11915072_80 CrossRefGoogle Scholar
  11. 11.
    Golbeck, J.: Computing and applying trust in web-based social network. Ph.D. thesis, University of Maryland, College Park, Md, USA (2005)Google Scholar
  12. 12.
    Fong, P.W.L.: Relationship-based access control: protection model and policy language. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, pp. 191–202. ACM, New York (2011). ISBN 978-1-4503-0466-5Google Scholar
  13. 13.
    Masoumzadeh, A., Joshi, J.: Osnac: an ontology-based access control model for social networking systems. In: Proceedings of the 2010 IEEE Second International Conference on Social Computing, SOCIALCOM 2010, pp. 751–759. IEEE Computer Society, Washington (2010). ISBN 978-0-7695-4211-9Google Scholar
  14. 14.
    Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, pp. 177–186. ACM, New York (2009). ISBN 978-1-60558-537-6Google Scholar
  15. 15.
    Cheng, Y., Park, J., Sandhu, R.: Attribute-aware relationship-based access control for online social networks. In: Data and Applications Security and Privacy XXVIII (2014)Google Scholar
  16. 16.
    Bruns, G., Fong, P.W.L., Siahaan, I., Huth, M.: Relationship-based access control: its expression and enforcement through hybrid logic. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy (CODASPY 2012), pp. 117–124. ACM, New York (2012)Google Scholar
  17. 17.
    Fong, P.W.L.: Relationship-based access control: protection model and policy language. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, pp. 191–202. ACM, New York (2011). ISBN 978-1-4503-0466-5Google Scholar
  18. 18.
    Hu, H., Ahn, G.J., Jorgensen, J.: Multiparty access control for online social networks: model and mechanisms. IEEE Trans. Knowl. Data Eng. 25(7), 1614–1627 (2013)CrossRefGoogle Scholar
  19. 19.
    Stanford Large Network Dataset Collection.

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Nguyen Hoang Nam Pham
    • 1
    Email author
  • Thanh Tien Nguyen
    • 2
  • Thi Kim Tuyen Le
    • 3
  1. 1.Department of Information TechnologyUniversity of Economic Ho Chi Minh CityHo Chi Minh CityVietnam
  2. 2.IT and Data Management DepartmentOxford University Clinical Research UnitHo Chi Minh CityVietnam
  3. 3.Faculty of Computer Science and EngineeringHCMC University of TechnologyHo Chi Minh CityVietnam

Personalised recommendations