ABSTRACT

In the previous chapter, we provided a framework for social network access control using semantic web technologies. Here, we show the results of an initial implementation of our framework on synthetic data. As stated in Chapter 19, we have designed an extensible, fine-grained online social network (OSN) access control model based on semantic web technologies. Our main idea is to encode social network-related information by means of an ontology. In particular, we propose modeling the following five important aspects of OSNs using semantic web ontologies: (i) user profiles, (ii) relationships among users (e.g., Bob is Alice’s close friend), (iii) resources (e.g., online photo albums), (iv) relationships between users and resources (e.g., Bob is the owner of the photo album), and (v) actions (e.g., posting a message on someone’s wall). By constructing such an ontology, we model the Social Network Knowledge Base (SNKB). Our access control enforcement mechanism is then implemented by exploiting this knowledge. In particular, the idea is to define security policies as rules whose antecedents state conditions on the SNKB and whose consequents specify the authorized actions. We assume that a centralized reference monitor hosted by the social network manager will enforce the required policies. Our architecture is extensible in that we can add modules to carry out functions such as inference control. Furthermore, we can also extend our policies to include information-sharing policies in addition to access control policies. These extensions will be discussed in Section VIII of this book.
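
The rule-based enforcement described above, as an added illustration that is not the authors' implementation: a toy SNKB held as subject-predicate-object triples, policies whose antecedents are triple patterns, and a reference monitor that checks a request against them. The predicate names, the rule format, the function names and the deny-by-default behaviour are all assumptions made for this example.

```python
# Added illustration; all names here are hypothetical, not from the chapter.
# Constructed SNKB: subject-predicate-object triples.
SNKB = {
    ("Bob", "closeFriendOf", "Alice"),   # relationship among users
    ("Carol", "friendOf", "Alice"),
    ("album1", "type", "PhotoAlbum"),    # resource
    ("Alice", "owns", "album1"),         # user-resource relationship
}

# Each rule: antecedent = triple patterns over the SNKB ("?x" is a variable),
# consequent = the (user, action, resource) it authorizes.
RULES = [
    {"if": [("?r", "type", "PhotoAlbum"), ("?o", "owns", "?r"),
            ("?u", "closeFriendOf", "?o")],
     "then": ("?u", "read", "?r")},
    {"if": [("?o", "owns", "?r")], "then": ("?o", "read", "?r")},
]

def match(pattern, triple, binding):
    """Unify one pattern with one triple; return extended binding or None."""
    b = dict(binding)
    for p, v in zip(pattern, triple):
        if p.startswith("?"):
            if b.setdefault(p, v) != v:
                return None
        elif p != v:
            return None
    return b

def solve(patterns, kb, binding):
    """Yield every binding that satisfies all antecedent patterns in kb."""
    if not patterns:
        yield binding
        return
    for triple in kb:
        b = match(patterns[0], triple, binding)
        if b is not None:
            yield from solve(patterns[1:], kb, b)

def is_authorized(user, action, resource, kb=SNKB, rules=RULES):
    """Reference monitor: allow only if some rule's consequent matches the
    request and its antecedent holds in the SNKB; otherwise deny (assumed default)."""
    request = (user, action, resource)
    for rule in rules:
        seed = match(rule["then"], request, {})
        if seed is not None and next(solve(rule["if"], kb, seed), None) is not None:
            return True
    return False
```

Because the decision is derived from the knowledge base at request time, changing a relationship triple changes the outcome without touching the rules.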