Title :
Distributed access control for social networks
Author :
Ahmad, Adnan ; Whitworth, Brian
Author_Institution :
Inst. of Inf. & Math. Sci., Massey Univ., Auckland, New Zealand
Abstract :
Access control is the process by which access to information is granted to users for certain actions based on their identity. Traditional access control models that map every system resource directly to every system user work for organizations with thousands of users but struggle for social network sites like Facebook with millions of users. The problems faced are firstly the technical complexity of mapping millions of users to billions of resources and secondly the social need of users to own the items they post and to control their access, so access policies beyond just public/private are needed. And finally, that if ordinary users are to manage their own access control, they need software support. This paper argues that only distributed access control can meet these challenges and proposes a model based on the socio-technical design paradigm: first define the social requirements then design a technical solution to fulfill them.
Keywords :
authorisation; social networking (online); Facebook; access policy; distributed access control; information access; social network sites; social networks; social requirements; socio-technical design paradigm; software support; system resource; Authorization; Complexity theory; Permission; Privacy; Social network services; access control; complexity; social networking; socio-technical;
Conference_Titel :
Information Assurance and Security (IAS), 2011 7th International Conference on
Conference_Location :
Melaka
Print_ISBN :
978-1-4577-2154-0
DOI :
10.1109/ISIAS.2011.6122797
