An Authorization Access Of Shared Content Associated

Published Date: 02 Nov 2017

INTRODUCTION :

Social networks like facebook, orkut, twitter, google+ etc are placing a vital role in the real world. A typical OSN provides each user with a virtual space containing profile information, a list of the user’s friends and web pages, such as wall in Facebook. A user profile usually includes information with respect to the user’s birthday, gender, interests, education and work history, and contact information. In addition, users can not only upload a content into their own or others’ spaces but also tag other users who appear in the content. OSNs often use user relationship and group membership to distinguish between trusted and untrusted users. For example, in Facebook, users can allow friends, friends of friends, groups or public to access their data, depending on their personal authorization and privacy requirements. if a user posts a comment in a friend’s space, s/he cannot specify which users can view the comment. In another case, when a user uploads a photo and tags friends who appear in the photo, the tagged friends cannot restrict who can see this photo, even though the tagged friends may have different privacy concerns about the photo. So it is essential to develop an effective and flexible access control mechanism for OSNs, accommodating the special authorization requirements coming from multiple associated users for managing the shared data collaboratively. In this paper, we proposed a systematic solution to facilitate collaborative management of shared data in OSNs.

REQUIREMENTS AND PATTERNS :

We specifically analyze three scenarios profile sharing, relationship sharing and content sharing to understand the risks posted by the lack of collaborative control in OSNs.

Profile sharing:

In the social networks every user have the profile. The profile contains the name, birthday, gender, mobile number, address, email id etc. Such confidential information may have the access rides he/she can miss use that information. The users who are using the applications may also want to control what information of their friends is available to the applications since it is possible for the applications to infer their private profile attributes through their friends’ profile attributes. This means that when an application accesses the profile attributes of a user’s friend, both the user and her friend want to gain control over the profile attributes. If we consider the application is an accessor, the user is a disseminator and the user’s friend is the owner of shared profile attributes in this scenario, Figure (a) demonstrates a profile sharing pattern where a disseminator can share others’ profile attributes to an accessor. Both the owner and the disseminator can specify access control policies to restrict the sharing of profile attributes.

Profile sharing

Relationship sharing:

Every user have the relationship with others. However, B, one of A’s friends, specifies a weaker policy that permits his friend list visible to anyone. In this case, if OSNs can solely enforce one party’s policy, the relationship between A and B can still be learned through Bob’s friend list. Figure (b) shows a relationship sharing pattern where a user called owner, who has a relationship with another user called stakeholder, shares the relationship with an accessor. In this scenario, authorization requirements from both the owner and the stakeholder should be considered. Otherwise, the stakeholder’s privacy concern may be violated.

Relationship sharing

Content sharing:

The content may be in the form of shared data, images, audio, video etc. shared contents may be connected with multiple users. Consider an example where a photograph contains three users, A, B and C. If A uploads it to her own space and tags both B and C in the photo, we call A is the owner of the photo, and B and C stakeholders of the photo. All of them may specify access control policies to control over who can see this photo. Figure (a) depicts a content sharing pattern where the owner of a content shares the content with other OSN members, and the content has multiple stakeholders who may also want to involve in the control of content sharing. In another case, when A posts a note stating "I how are u" to B’s space, we call A the contributor of the note and she may want to make the control over her notes.

Content sharing

MPAC MODEL :

In MPAC model we specify access control policies. A flexible access control mechanism in a multi-user environment like OSNs should allow multiple controllers, who are associated with the shared data, to specify access control policies. As we identified previously in the sharing patterns, in addition to the owner of data, other controllers, including the contributor, stakeholder and disseminator of data, need to regulate the access of the shared data as well. We define these controllers as follows:

Owner : Let d be a data item in the space of a user u in the social network. The user u is called the owner of d.

Contributor : Let d be a data item published by a user u in someone else’s space in the social network. The user u is called the contributor of d.

Stakeholder : Let d be a data item in the space of a user in the social network. Let T be the set of tagged users associated with d. A user u is called a stakeholder of d, if u 2 T.

Disseminator : Let d be a data item shared by a user u from someone else’s space to his/her space in the social network. The user u is called a disseminator of d.

MPAC Policy Specification :

Accessor Specification: Accessors are a set of users who are granted to access the shared data. Accessors can be represented with a set of user names, a set of relationship names or a set of group names in OSNs.

Data Specification: In OSNs, user data is composed of three types of information, user profile, user relationship and user content. To facilitate effective privacy conflictre solution for multiparty access control, we introduce sensitivity levels for data specification, which are assigned by the controllers to the shared data items. A user’s judgment of the sensitivity level of the data is not binary (private/public),but multi-dimensional with varying degrees of sensitivity.

Administrator :

Algorithm :

First register into the any social networking site and create your profile.

Then Log on to the account by using the user name and password. For this we use the method login(uid,pass).

Upload any shared content on his own space by using method photo(photoid) and give the access rides to accessors.

Partner :

Algorithm :

First Log on to the account by using the user name and password. For this we use the method login(uid,pass).

Upload any shared content on other space in any social networking site by using method photo(photoid) and give the access rides to accessor.

Then the contributor have the some access ride to that content.

Tagged partners :

Algorithm :

First Log on to the account by using the user name and password. For this we use the method login(uid,pass).

Upload any shared content in his own space and tagged to others in any social networking site by using method photo(photoid) and give the access rides to accessor.

The tagged user are the stakeholder of that shared content.

The tagged user have some access ride to that shared content.

Shared partner :

Algorithm :

First Log on to the account by using the user name and password. For this we use the method login(uid,pass).

Upload any shared content in his own space and tagged to others in any social networking site by using method photo(photoid) and give the access rides to accessor.

The tagged user are the stakeholder of that shared content.

Some access permissions give to the tagged user by using the accessor.

Access control :

Algorithm :

First send the request to the facebook server by using facebook application.

The request is forword to the application server by using the request(req) method.

The decision can be made by using the methods decision(permit) or decision(deny).

Photo can be uploaded by using the method photo(photoid).

The decision making is done by using the condition if(dv>sc).

If it is true it permits otherwise deny.

The access rides give to the accessors by using accessor(permit,deny) method.

MULTIPARTY POLICY EVALUATION :

First take the access request from the user. Then checks theaccess request against the policy specified by each controllerand yields a decision for the controller.

The accessor element in a policy decides whether the policy is applicable to a request. If the user who sends the request belongs to the user set derived from the accessor of a policy, the policy is applicable and the evaluation process returns a response with the decision (either permit or deny) indicated by the effect element in the policy. Otherwise, the response yields deny decision if the policy is not applicable to the request. In the second step, decisions from all controllers responding to the access request are aggregated to make a final decision for the access request. Figure illustrates the evaluation process of multiparty access control policies. Since data controllers may generate different decisions(permit and deny) for an access request, conflicts may occur. In order to make an unambiguous decision for eachaccess request, it is essential to adopt a systematic conflictresolution mechanism to resolve those conflicts duringmultiparty policy evaluation.

IMPLEMENTATION AND EVALUATION :

Prototype Implementation :

There are two steps to perform evaluation process first is facebook server and second is application server. The Facebook server provides an entry point via the Facebook application page, and provides references to photos, friendships, and feed data through API calls. Facebook server accepts inputs from users, then forwards them to the application server. The application server is responsible for the input processing and collaborative management of shared data. Information related to user data such as user identifiers, friend lists, user groups, and user contents are stored in the application database. Users can access the MController application through Facebook, which serves the application in an iFrame. When access requests are made to the decision making portion in the application server, results are returned in the form of access to photos or proper information about access to photos. In addition, when privacy changes are made, the decision making portion returns change-impact information to the interface to alert the user.

Overall Architecture of MController Application

Decision Making in Mcontroller

A concept of MController is the decision making module, which processes access requests and returns responses (either permit or deny) for the requests. A system architecture of the decision making module in MController. To evaluate an access request, the policies of each controller of the targeted content are enforced first to generate a decision for the controller. Then, the decisions of all controllers are aggregated to yield a final decision as the response of the request. Multiparty privacy conflicts are resolved based on the configured conflict resolution mechanism when aggregating the decisions of controllers. If the owner of the content chooses automatic conflict resolution, the aggregated sensitivity value is utilized as a threshold for decision making. Otherwise, multiparty privacy conflicts are resolved by applying the strategy selected by the owner, and the aggregated sensitivity score is considered as a recommendation for strategy selection.

CONCLUSION

In this paper, we have proposed a novel solution for collaborative management of shared data in OSNs. A proof-of-concept implementation of our solution called MController has been discussed as well, followed by the usability study and system evaluation of our method. we are planning to investigate more comprehensive privacy conflict resolution approach and analysis services for collaborative management of shared data in OSNs. Also, we would explore more criteria to evaluate the features of our proposed MPAC model. For example, one of our recent work has evaluated the effectiveness of MPAC conflict resolution approach based on the tradeoff of privacy risk and sharing loss. In addition, users may be involved in the control of a larger number of shared photos and the configurations of the privacy preferences may become time-consuming and tedious tasks.