Considering the popularity and wide adoption of social network systems and the competitive edge these systems provide, there has been a rapid growth in use of these systems to access, store, and exchange personal attribute information in distributed and/or federated environments and this trend is expected to continue. Efficient, secure, and user-centric techniques are important for the successful deployment of such systems. Our goal in this project is to develop a comprehensive and compelling framework SNGuard (Social Network Guard) that satisfies diverse privacy properties, access control issues, identity management requirements, and usage patterns. The vision of dynamic social networks is a complex and highly sophisticated one that requiring ongoing research and analysis to continue concurrent with the changing role and face of digital information creation and usage including personal information and contents in social networks. The principal intellectual products resulting from this project will be the development of novel frameworks to facilitate user-centered privacy management, content management and risk-aware access control, thereby making SNGuard solutions more trustworthy, more reliable, and less vulnerable. This research effort will have broad societal impact by providing a key mechanism to enable new business and community models for the sharing of personal attributes including identity information to safely, easily, and quickly establish social networking environments in cyberspace. In addition to these potential benefits, other anticipated, broad-based benefits to be facilitated by this research include significant influence to K-12 education, international collaboration, and industrial and government partners.
Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users. These OSNs offer attractive means for digital social interactions and information sharing, but also raise a number of security and privacy issues. While OSNs allow users to restrict access to shared data, they currently do not provide any mechanism to enforce privacy concerns over data associated with multiple users. The objective of this project is to develop a comprehensive and compelling framework, Social Network Guard that satisfies diverse privacy properties, access control issues, identity management requirements, and usage patterns. The products resulting from this are mechanisms with demonstrative applications facilitating user-centered privacy management, content management and risk-aware access control. In addition, we developed an approach to enable the protection of shared data associated with multiple users in OSNs. We formulated an access control model to capture the essence of multiparty authorization requirements, along with a multiparty policy specification scheme and a policy enforcement mechanism. Besides, we generated a logical representation of our access control model which allows us to leverage the features of existing logic solvers to perform various analysis tasks on our model. We also implemented a proof-of-concept prototype of our approach as part of an application in Facebook. Through this project, we produced 6 and graduate students including one PhD graduate who is currently a tenure-track assistant professor at Delaware State University. Also, this project supported 3 Research Experience for Undergraduate (REU) participants. Through this research, our students at ASU could study more practical problems in computerized information systems such as social networks and other emerging technology such as cloud and mobile computing. In addition, our research environment helped our students learn research trends and outcomes in ensuring security and privacy requirements for online social networks.