research-article

Detecting and resolving privacy conflicts for collaborative data sharing in online social networks

Authors:

Jan JorgensenAuthors Info & Claims

ACSAC '11: Proceedings of the 27th Annual Computer Security Applications Conference

Pages 103 - 112

https://doi.org/10.1145/2076732.2076747

Published: 05 December 2011 Publication History

Abstract

We have seen tremendous growth in online social networks (OSNs) in recent years. These OSNs not only offer attractive means for virtual social interactions and information sharing, but also raise a number of security and privacy issues. Although OSNs allow a single user to govern access to her/his data, they currently do not provide any mechanism to enforce privacy concerns over data associated with multiple users, remaining privacy violations largely unresolved and leading to the potential disclosure of information that at least one user intended to keep private. In this paper, we propose an approach to enable collaborative privacy management of shared data in OSNs. In particular, we provide a systematic mechanism to identify and resolve privacy conflicts for collaborative data sharing. Our conflict resolution indicates a tradeoff between privacy protection and data sharing by quantifying privacy risk and sharing loss. We also discuss a proof-of-concept prototype implementation of our approach as part of an application in Facebook and provide system evaluation and usability study of our methodology.

References

[1]

Facebook Places. http://www.facebook.com/places/.

[2]

Facebook Privacy Policy. http://www.facebook.com/policy.php/.

[3]

Facebook Statistics. http://http://www.facebook.com/press/info.php?statistics.

[4]

Google+ Privacy Policy. http://http://www.google.com/intl/en/+/policy/.

[5]

The Google+ Project. https://plus.google.com.

[6]

J. Becker and H. Chen. Measuring privacy risk in online social networks. In Proceedings of the 2009 Workshop on Web, volume 2. Citeseer.

[7]

A. Besmer and H. Richter Lipford. Moving beyond untagging: Photo privacy in a tagged world. In Proceedings of the 28th international conference on Human factors in computing systems, pages 1563--1572. ACM, 2010.

Digital Library

[8]

J. Brickell and V. Shmatikov. The cost of privacy: destruction of data-mining utility in anonymized data publishing. In Proceeding of the 14th ACM SIGKDD, pages 70--78. ACM, 2008.

Digital Library

[9]

B. Carminati, E. Ferrari, and A. Perego. Rule-based access control for social networks. In On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, pages 1734--1744. Springer, 2006.

Digital Library

[10]

B. Carminati, E. Ferrari, and A. Perego. Enforcing access control in web-based social networks. ACM Transactions on Information and System Security (TISSEC), 13(1):1--38, 2009.

Digital Library

[11]

E. Carrie. Access Control Requirements for Web 2.0 Security and Privacy. In Proc. of Workshop on Web 2.0 Security & Privacy (W2SP). Citeseer, 2007.

[12]

P. Fong. Relationship-Based Access Control: Protection Model and Policy Language. In Proceedings of the First ACM Conference on Data and Application Security and Privacy. ACM, 2011.

Digital Library

[13]

P. Fong, M. Anwar, and Z. Zhao. A privacy preservation model for facebook-style social network systems. In Proceedings of the 14th European conference on Research in computer security, pages 303--320. Springer-Verlag, 2009.

Digital Library

[14]

J. Golbeck. Computing and applying trust in web-based social networks. Ph.D. thesis, University of Maryland at College Park College Park, MD, USA. 2005.

Digital Library

[15]

H. Hu and G. Ahn. Multiparty authorization framework for data sharing in online social networks. In Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy, DBSec'11, pages 29--43. Springer, 2011.

Digital Library

[16]

H. Hu, G. Ahn, and K. Kulkarni. Anomaly discovery and resolution in web access control policies. In Proceedings of the 16th ACM symposium on Access control models and technologies, pages 165--174. ACM, 2011.

Digital Library

[17]

S. Kruk, S. Grzonkowski, A. Gzella, T. Woroniecki, and H. Choi. D-FOAF: Distributed identity management with access rights delegation. The Semantic Web-ASWC 2006, pages 140--154, 2006.

Digital Library

[18]

A. Lampinen, V. Lehtinen, A. Lehmuskallio, and S. Tamminen. We're in it together: interpersonal management of disclosure in social network services. In Proceedings of the 2011 annual conference on Human factors in computing systems, pages 3217--3226. ACM, 2011.

Digital Library

[19]

T. Li and N. Li. On the tradeoff between privacy and utility in data publishing. In Proceedings of the 15th ACM SIGKDD, pages 517--526. ACM, 2009.

Digital Library

[20]

K. Liu and E. Terzi. A framework for computing the privacy scores of users in online social networks. ACM Transactions on Knowledge Discovery from Data (TKDD), 5(1):6, 2010.

Digital Library

[21]

M. Madejski, M. Johnson, and S. Bellovin. The Failure of Online Social Network Privacy Settings. Technical Report CUCS-010-11, Columbia University, NY, USA. 2011.

[22]

A. Squicciarini, M. Shehab, and F. Paci. Collective privacy management in social networks. In Proceedings of the 18th international conference on World wide web, pages 521--530. ACM, 2009.

Digital Library

[23]

N. Talukder, M. Ouzzani, A. Elmagarmid, H. Elmeleegy, and M. Yakout. Privometer: Privacy protection in social networks. In Proceedings of 26th International Conference on Data Engineering Workshops (ICDEW), pages 266--269. IEEE, 2010.

[24]

K. Thomas, C. Grier, and D. Nicol. unFriendly: Multi-party Privacy Risks in Social Networks. In Privacy Enhancing Technologies, pages 236--252. Springer, 2010.

Digital Library

[25]

G. Wondracek, T. Holz, E. Kirda, and C. Kruegel. A practical attack to de-anonymize social network users. In 2010 IEEE Symposium on Security and Privacy, pages 223--238. IEEE, 2010.

Digital Library

[26]

E. Zheleva and L. Getoor. To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In Proceedings of the 18th international conference on World wide web, pages 531--540. ACM, 2009.

Digital Library

Cited By

Sharma SSingh GSharma RJones PKraus SDwivedi Y(2024)Digital Health Innovation: Exploring Adoption of COVID-19 Digital Contact Tracing AppsIEEE Transactions on Engineering Management10.1109/TEM.2020.301903371(12272-12288)Online publication date: 2024
https://doi.org/10.1109/TEM.2020.3019033
ERBİL MSÜZEN ABAYRAKÇI H(2023)Otonom mobi̇l robotların güvenli̇ veri̇ i̇leti̇mi̇ içi̇n hi̇bri̇t şi̇freleme yaklaşımıA Hybrid encryption approach for secure data transmission of autonomous mobile robotsUluslararası Teknolojik Bilimler Dergisi10.55974/utbd.131122915:2(64-72)Online publication date: 13-Sep-2023
https://doi.org/10.55974/utbd.1311229
Salgado AHung PFortes R(2023)Six usable privacy heuristicsProceedings of the XXII Brazilian Symposium on Human Factors in Computing Systems10.1145/3638067.3638111(1-11)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3638067.3638111
Show More Cited By

Index Terms

Detecting and resolving privacy conflicts for collaborative data sharing in online social networks
1. Security and privacy
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

Privacy-preserving data sharing in cloud computing

Storing and sharing databases in the cloud of computers raise serious concern of individual privacy. We consider two kinds of privacy risk: presence leakage, by which the attackers can explicitly identify individuals in (or not in) the database, and ...
Collaborative privacy management: mobile privacy beyond your own devices
SPME '14: Proceedings of the ACM MobiCom workshop on Security and privacy in mobile environments

As the development of mobile devices and applications, mobile privacy has become a very important issue. Current researches on mobile privacy mainly focus on potential leakages on a particular device. However, leakage of sensitive data on a mobile ...
Privacy protection in data sharing: towards feedback based solutions
ICEGOV '14: Proceedings of the 8th International Conference on Theory and Practice of Electronic Governance

Sharing data is gaining importance in recent years due to proliferation of social media and a growing tendency of governments to gain citizens' trust through being transparent. Data dissemination, however, increases chance of compromising privacy ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ACSAC '11: Proceedings of the 27th Annual Computer Security Applications Conference

December 2011

432 pages

ISBN:9781450306720

DOI:10.1145/2076732

Conference Chair:
Robert H'obbes' Zakon
Zakon Group LLC
,
Program Chairs:
John McDermott
Naval Research Lab
,
Michael Locasto
University of Calgary

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACSA: Applied Computing Security Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 December 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ACSAC '11

Sponsor:

ACSA

ACSAC '11: Annual Computer Security Applications Conference

December 5 - 9, 2011

Florida, Orlando, USA

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

79
Total Citations
View Citations
1,281
Total Downloads

Downloads (Last 12 months)53
Downloads (Last 6 weeks)5

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Sharma SSingh GSharma RJones PKraus SDwivedi Y(2024)Digital Health Innovation: Exploring Adoption of COVID-19 Digital Contact Tracing AppsIEEE Transactions on Engineering Management10.1109/TEM.2020.301903371(12272-12288)Online publication date: 2024
https://doi.org/10.1109/TEM.2020.3019033
ERBİL MSÜZEN ABAYRAKÇI H(2023)Otonom mobi̇l robotların güvenli̇ veri̇ i̇leti̇mi̇ içi̇n hi̇bri̇t şi̇freleme yaklaşımıA Hybrid encryption approach for secure data transmission of autonomous mobile robotsUluslararası Teknolojik Bilimler Dergisi10.55974/utbd.131122915:2(64-72)Online publication date: 13-Sep-2023
https://doi.org/10.55974/utbd.1311229
Salgado AHung PFortes R(2023)Six usable privacy heuristicsProceedings of the XXII Brazilian Symposium on Human Factors in Computing Systems10.1145/3638067.3638111(1-11)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3638067.3638111
Mondal MPunuru ACheng TVargas KGundry CDriggs NSchill NCarlson NBedwell JLorenc JGhosh ILi YFulda NPage X(2023)A Tale of Two Cultures: Comparing Interpersonal Information Disclosure Norms on TwitterProceedings of the ACM on Human-Computer Interaction10.1145/36100457:CSCW2(1-40)Online publication date: 4-Oct-2023
https://dl.acm.org/doi/10.1145/3610045
Edwards EGilbert MBlank EBranham S(2023)How the Alt Text Gets Made: What Roles and Processes of Alt Text Creation Can Teach Us About Inclusive ImageryACM Transactions on Accessible Computing10.1145/358746916:2(1-28)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3587469
Momotaz FEhtesham-Ul-Haque MBillah S(2023)Understanding the Usages, Lifecycle, and Opportunities of Screen Readers’ PluginsACM Transactions on Accessible Computing10.1145/358269716:2(1-35)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3582697
Salehzadeh Niksirat KKorka DHarkous HHuguenin KCherubini M(2023)On the Potential of Mediation Chatbots for Mitigating Multiparty Privacy Conflicts - A Wizard-of-Oz StudyProceedings of the ACM on Human-Computer Interaction10.1145/35796187:CSCW1(1-33)Online publication date: 16-Apr-2023
https://dl.acm.org/doi/10.1145/3579618
Wu YGui XWisniewski PLi Y(2023)Do Streamers Care about Bystanders' Privacy? An Examination of Live Streamers' Considerations and Strategies for Bystanders' Privacy ManagementProceedings of the ACM on Human-Computer Interaction10.1145/35796037:CSCW1(1-29)Online publication date: 16-Apr-2023
https://dl.acm.org/doi/10.1145/3579603
Venkatasubramanian KRanalli TLanoie JSinapi ALama ASkorinko JFreark MAlterio N(2023)The Design and Prototyping of an App to Teach Adults with Intellectual and Developmental Disabilities to Empower Them Against AbuseACM Transactions on Accessible Computing10.1145/356958516:2(1-31)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3569585
Alhelali ERamokapane KSuch J(2023)Multiuser Privacy and Security Conflicts in the CloudProceedings of the 2023 CHI Conference on Human Factors in Computing Systems10.1145/3544548.3581307(1-16)Online publication date: 19-Apr-2023
https://dl.acm.org/doi/10.1145/3544548.3581307
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents