Collaborative Access Control in On-line Social Networks (Invited Paper)

Topology-based access control is today a de-facto standard for protecting resources in On-line Social Networks (OSNs) both within the research community and commercial OSNs. According to this paradigm, authorization constraints specify the relationships (and possibly their depth and trust level) that should occur between the requestor and the resource owner to make the first able to access the required resource. In this paper, we show how topology-based access control can be enhanced by exploiting the collaboration among OSN users, which is the essence of any OSN. The need of user collaboration during access control enforcement arises by the fact that, different from traditional settings, in most OSN services users can reference other users in resources (e.g., a user can be tagged to a photo), and therefore it is generally not possible for a user to control the resources published by another user. For this reason, we introduce collaborative security policies, that is, access control policies identifying a set of collaborative users that must be involved during access control enforcement. Moreover, we discuss how user collaboration can also be exploited for policy administration and we present an architecture on support of collaborative policy enforcement.