More Web Proxy on the site http://driver.im/

Article

Attribute-Aware Relationship-Based Access Control for Online Social Networks

Authors:

Ravi SandhuAuthors Info & Claims

DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

Pages 292 - 306

https://doi.org/10.1007/978-3-662-43936-4_19

Published: 14 July 2014 Publication History

Abstract

Relationship-based access control ReBAC has been adopted as themost prominent approach for access control in online social networks OSNs, where authorization policies are typically specified in terms of relationships of certain types and/or depth between the access requester and the target. However, using relationships alone is often not sufficient to enforce various security and privacy requirements that meet the expectation fromtoday'sOSN users. In thiswork, we integrate attribute-based policies into relationship-based access control. The proposed attribute-aware Re- BAC enhances access control capability and allows finer-grained controls that are not available in ReBAC. The policy specification language for the user-to-user relationship-based access control UURAC model proposed in [6] is extended to enable such attribute-aware access control. We also present an enhanced path-checking algorithm to determine the existence of the required attributes and relationships in order to grant access.

References

[1]

Bruns, G., Fong, P.W., Siahaan, I., Huth, M.: Relationship-based access control: its expression and enforcement through hybrid logic. In: Proceedings of the Second CODASPY, pp. 117---124. ACM 2012

Digital Library

[2]

Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.: A semantic web based framework for social network access control. In: Proceedings of the 14th SACMAT, pp. 177---186. ACM 2009

Digital Library

[3]

Carminati, B., Ferrari, E., Perego, A.: Rule-based access control for social networks. In: Meersman, R., Tari, Z., Herrero, P. eds. OTM 2006 Workshops. LNCS, vol. 4278, pp. 1734---1744. Springer, Heidelberg 2006

Digital Library

[4]

Carminati, B., Ferrari, E., Perego, A.: Enforcing access control in web-based social networks. ACM TISSEC 131, 6 2009

Digital Library

[5]

Cheng, Y., Park, J., Sandhu, R.: Relationship-based access control for online social networks: beyond user-to-user relationships. In: PASSAT 2012, pp. 646---655. IEEE 2012

Digital Library

[6]

Cheng, Y., Park, J., Sandhu, R.: A user-to-user relationship-based access control model for online social networks. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. eds. DBSec 2012. LNCS, vol. 7371, pp. 8---24. Springer, Heidelberg 2012

Digital Library

[7]

Fong, P.W.: Relationship-based access control: protection model and policy language. In: Proceedings of the First CODASPY, pp. 191---202. ACM 2011

Digital Library

[8]

Fong, P.W.L., Anwar, M., Zhao, Z.: A privacy preservation model for facebook-style social network systems. In: Backes, M., Ning, P. eds. ESORICS 2009. LNCS, vol. 5789, pp. 303---320. Springer, Heidelberg 2009

Digital Library

[9]

Fong, P.W., Siahaan, I.: Relationship-based access control policies and their policy languages. In: Proceedings of the 16th SACMAT, pp. 51---60. ACM 2011

Digital Library

[10]

Gates, C.: Access control requirements for Web 2.0 security and privacy. IEEE Web 2.0 2007

[11]

Golbeck, J., Hendler, J.: Inferring binary trust relationships in web-based social networks. ACM Transactions on Internet Technology TOIT 64, 497---529 2006

Digital Library

[12]

Golbeck, J.A.: Computing and Applying Trust in Web-based Social Networks. PhD thesis, University of Maryland at College Park, College Park, MD, USA 2005

Digital Library

[13]

Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. eds. DBSec 2012. LNCS, vol. 7371, pp. 41---55. Springer, Heidelberg 2012

Digital Library

[14]

Kruk, S.R., Grzonkowski, S., Gzella, A., Woroniecki, T., Choi, H.-C.: D-FOAF: Distributed identity management with access rights delegation. In: Mizoguchi, R., Shi, Z.-Z., Giunchiglia, F. eds. ASWC 2006. LNCS, vol. 4185, pp. 140---154. Springer, Heidelberg 2006

Digital Library

[15]

Masoumzadeh, A., Joshi, J.: OSNAC: an ontology-based access control model for social networking systems. In: SocialCom 2010, pp. 751---759. IEEE 2010

Digital Library

[16]

Park, J., Sandhu, R., Cheng, Y.: ACON: activity-centric access control for social computing. In: 2011 Sixth International Conference on Availability, Reliability and Security ARES, pp. 242---247. IEEE 2011

Digital Library

[17]

Park, J., Sandhu, R., Cheng, Y.: A user-activity-centric framework for access control in online social networks. IEEE Internet Computing 155, 62---65 2011

Digital Library

[18]

Shen, H., Hong, F.: An attribute-based access control model for web services. In: PDCAT 2006, pp. 74---79. IEEE 2006

Digital Library

[19]

Yuan, E., Tong, J.: Attributed based access control ABAC for web services. In: Proceedings of the IEEE ICWS, pp. 561---569. IEEE 2005

Digital Library

Cited By

Ruiz JNarendran PMasoumzadeh AIyer PNiu JVaidya J(2024)Converting Rule-Based Access Control Policies: From Complemented Conditions to Deny RulesProceedings of the 29th ACM Symposium on Access Control Models and Technologies10.1145/3649158.3657040(159-169)Online publication date: 24-Jun-2024
https://dl.acm.org/doi/10.1145/3649158.3657040
Chakraborty SSandhu R(2021)On Feasibility of Attribute-Aware Relationship-Based Access Control Policy MiningData and Applications Security and Privacy XXXV10.1007/978-3-030-81242-3_23(393-405)Online publication date: 19-Jul-2021
https://dl.acm.org/doi/10.1007/978-3-030-81242-3_23
Rizvi SFong P(2020)Efficient Authorization of Graph-database Queries in an Attribute-supporting ReBAC ModelACM Transactions on Privacy and Security10.1145/340102723:4(1-33)Online publication date: 6-Jul-2020
https://dl.acm.org/doi/10.1145/3401027
Show More Cited By

Attribute-Aware Relationship-Based Access Control for Online Social Networks
1. Security and privacy
  1. Security services

Recommendations

Classifying and Comparing Attribute-Based and Relationship-Based Access Control
CODASPY '17: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy

Attribute-based access control (ABAC) expresses authorization policy via attributes while relationship-based access control (ReBAC) does so via relationships. While ABAC concepts have been around for a long time, ReBAC is relatively recent emerging with ...
Towards Attribute-Centric Access Control: an ABAC versus RBAC argument

Recent developments in attribute-based access control have fueled the conventional debate regarding the pros and cons of Attributes-based access control ABAC versus Role-based access control RBAC. However, existing arguments have been primarily focused ...
Relationship-Based Access Control for Online Social Networks: Beyond User-to-User Relationships
SOCIALCOM-PASSAT '12: Proceedings of the 2012 ASE/IEEE International Conference on Social Computing and 2012 ASE/IEEE International Conference on Privacy, Security, Risk and Trust

User-to-user (U2U) relationship-based access control has become the most prevalent approach for modeling access control in online social networks (OSNs), where authorization is typically made by tracking the existence of a U2U relationship of particular ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

July 2014

389 pages

ISBN:9783662439357

Editors:
Vijay Atluri
Rutgers University, Newark, USA
,
Günther Pernul
Universität Regensburg, Regensburg, Germany

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 14 July 2014

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 27 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ruiz JNarendran PMasoumzadeh AIyer PNiu JVaidya J(2024)Converting Rule-Based Access Control Policies: From Complemented Conditions to Deny RulesProceedings of the 29th ACM Symposium on Access Control Models and Technologies10.1145/3649158.3657040(159-169)Online publication date: 24-Jun-2024
https://dl.acm.org/doi/10.1145/3649158.3657040
Chakraborty SSandhu R(2021)On Feasibility of Attribute-Aware Relationship-Based Access Control Policy MiningData and Applications Security and Privacy XXXV10.1007/978-3-030-81242-3_23(393-405)Online publication date: 19-Jul-2021
https://dl.acm.org/doi/10.1007/978-3-030-81242-3_23
Rizvi SFong P(2020)Efficient Authorization of Graph-database Queries in an Attribute-supporting ReBAC ModelACM Transactions on Privacy and Security10.1145/340102723:4(1-33)Online publication date: 6-Jul-2020
https://dl.acm.org/doi/10.1145/3401027
Rizvi SFong PZhao ZAhn GKrishnan RGhinita G(2018)Efficient Authorization of Graph Database Queries in an Attribute-Supporting ReBAC ModelProceedings of the Eighth ACM Conference on Data and Application Security and Privacy10.1145/3176258.3176331(204-211)Online publication date: 13-Mar-2018
https://dl.acm.org/doi/10.1145/3176258.3176331
Ahmed TSandhu RPark JAhn GPretschner AGhinita G(2017)Classifying and Comparing Attribute-Based and Relationship-Based Access ControlProceedings of the Seventh ACM on Conference on Data and Application Security and Privacy10.1145/3029806.3029828(59-70)Online publication date: 22-Mar-2017
https://dl.acm.org/doi/10.1145/3029806.3029828
Servos DOsborn S(2017)Current Research and Open Problems in Attribute-Based Access ControlACM Computing Surveys10.1145/300720449:4(1-45)Online publication date: 2-Jan-2017
https://dl.acm.org/doi/10.1145/3007204
Cheng YBijon KSandhu RWang XBauer LKerschbaum F(2016)Extended ReBAC Administrative Models with Cascading Revocation and Provenance SupportProceedings of the 21st ACM on Symposium on Access Control Models and Technologies10.1145/2914642.2914655(161-170)Online publication date: 6-Jun-2016
https://dl.acm.org/doi/10.1145/2914642.2914655

View Options

View options

Figures

Tables

Media

View Table of Conten