Fine-grained access control of personal data

Ting Wang, Mudhakar Srivatsa, Ling Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

12 Citations (Scopus)

Abstract

The immensity and variety of personal information (e.g., profile, photo, and microblog) on social sites require access control policies tailored to individuals' privacy needs. Today such policies are still mainly specified manually by ordinary users, which is usually coarse-grained, tedious, and error-prone. This paper presents the design, implementation, and evaluation of an automated access control policy specification tool, XACCESS, that helps non-expert users effectively specify who should have access to which part of their data. A series of key features distinguish XACCESS from prior work: 1) it adopts a role-based access control model (instead of the conventional rule-based paradigm) to capture the implicit privacy/interest preference of social site users; 2) it employs a novel hybrid mining method to extract a set of semantically interpretable, functional "social roles", from both static network structures and dynamic historical activities; 3) based on the identified social roles, confidentiality setting of personal data, and (optional and possibly inconsistent) predefined user-permission assignments, it recommends a set of high-quality privacy settings; 4) it allows user feedback in every phase of the process to further improve the quality of the suggested privacy policies. A comprehensive experimental evaluation is conducted over real social network and user study data to validate the efficacy of XACCESS.

Original language: English (US)
Title of host publication: SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies
Pages: 145-155
Number of pages: 11
DOIs: https://doi.org/10.1145/2295136.2295165
State: Published - Jul 25 2012
Event: 17th ACM Symposium on Access Control Models and Technologies, SACMAT'12 - Newark, NJ, United States
Duration: Jun 20 2012 to Jun 22 2012

Publication series

Name: Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference: 17th ACM Symposium on Access Control Models and Technologies, SACMAT'12
Country: United States
City: Newark, NJ
Period: 6/20/12 to 6/22/12

Fingerprint

Data privacy
Access control
Specifications
Feedback

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Cite this

Wang, T., Srivatsa, M., & Liu, L. (2012). Fine-grained access control of personal data. In SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies (pp. 145-155). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). https://doi.org/10.1145/2295136.2295165
Wang, Ting ; Srivatsa, Mudhakar ; Liu, Ling. / Fine-grained access control of personal data. SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. 2012. pp. 145-155 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).
@inproceedings{93e7ac6f8cfe4b1484603aa83251b7e9,
title = "Fine-grained access control of personal data",
abstract = "The immensity and variety of personal information (e.g., profile, photo, and microblog) on social sites require access control policies tailored to individuals' privacy needs. Today such policies are still mainly specified manually by ordinary users, which is usually coarse-grained, tedious, and error-prone. This paper presents the design, implementation, and evaluation of an automated access control policy specification tool, XACCESS, that helps non-expert users effectively specify who should have access to which part of their data. A series of key features distinguish XACCESS from prior work: 1) it adopts a role-based access control model (instead of the conventional rule-based paradigm) to capture the implicit privacy/interest preference of social site users; 2) it employs a novel hybrid mining method to extract a set of semantically interpretable, functional {"}social roles{"}, from both static network structures and dynamic historical activities; 3) based on the identified social roles, confidentiality setting of personal data, and (optional and possibly inconsistent) predefined user-permission assignments, it recommends a set of high-quality privacy settings; 4) it allows user feedback in every phase of the process to further improve the quality of the suggested privacy policies. A comprehensive experimental evaluation is conducted over real social network and user study data to validate the efficacy of XACCESS.",
author = "Ting Wang and Mudhakar Srivatsa and Ling Liu",
year = "2012",
month = "7",
day = "25",
doi = "10.1145/2295136.2295165",
language = "English (US)",
isbn = "9781450312950",
series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",
pages = "145--155",
booktitle = "SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies",

}

Wang, T, Srivatsa, M & Liu, L 2012, Fine-grained access control of personal data. in SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, pp. 145-155, 17th ACM Symposium on Access Control Models and Technologies, SACMAT'12, Newark, NJ, United States, 6/20/12. https://doi.org/10.1145/2295136.2295165

Fine-grained access control of personal data. / Wang, Ting; Srivatsa, Mudhakar; Liu, Ling.

SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. 2012. p. 145-155 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).

TY - GEN

T1 - Fine-grained access control of personal data

AU - Wang, Ting

AU - Srivatsa, Mudhakar

AU - Liu, Ling

PY - 2012/7/25

Y1 - 2012/7/25

N2 - The immensity and variety of personal information (e.g., profile, photo, and microblog) on social sites require access control policies tailored to individuals' privacy needs. Today such policies are still mainly specified manually by ordinary users, which is usually coarse-grained, tedious, and error-prone. This paper presents the design, implementation, and evaluation of an automated access control policy specification tool, XACCESS, that helps non-expert users effectively specify who should have access to which part of their data. A series of key features distinguish XACCESS from prior work: 1) it adopts a role-based access control model (instead of the conventional rule-based paradigm) to capture the implicit privacy/interest preference of social site users; 2) it employs a novel hybrid mining method to extract a set of semantically interpretable, functional "social roles", from both static network structures and dynamic historical activities; 3) based on the identified social roles, confidentiality setting of personal data, and (optional and possibly inconsistent) predefined user-permission assignments, it recommends a set of high-quality privacy settings; 4) it allows user feedback in every phase of the process to further improve the quality of the suggested privacy policies. A comprehensive experimental evaluation is conducted over real social network and user study data to validate the efficacy of XACCESS.

AB - The immensity and variety of personal information (e.g., profile, photo, and microblog) on social sites require access control policies tailored to individuals' privacy needs. Today such policies are still mainly specified manually by ordinary users, which is usually coarse-grained, tedious, and error-prone. This paper presents the design, implementation, and evaluation of an automated access control policy specification tool, XACCESS, that helps non-expert users effectively specify who should have access to which part of their data. A series of key features distinguish XACCESS from prior work: 1) it adopts a role-based access control model (instead of the conventional rule-based paradigm) to capture the implicit privacy/interest preference of social site users; 2) it employs a novel hybrid mining method to extract a set of semantically interpretable, functional "social roles", from both static network structures and dynamic historical activities; 3) based on the identified social roles, confidentiality setting of personal data, and (optional and possibly inconsistent) predefined user-permission assignments, it recommends a set of high-quality privacy settings; 4) it allows user feedback in every phase of the process to further improve the quality of the suggested privacy policies. A comprehensive experimental evaluation is conducted over real social network and user study data to validate the efficacy of XACCESS.

UR - http://www.scopus.com/inward/record.url?scp=84864031880&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84864031880&partnerID=8YFLogxK

U2 - 10.1145/2295136.2295165

DO - 10.1145/2295136.2295165

M3 - Conference contribution

AN - SCOPUS:84864031880

SN - 9781450312950

T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

SP - 145

EP - 155

BT - SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies

ER -

Wang T, Srivatsa M, Liu L. Fine-grained access control of personal data. In SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. 2012. p. 145-155. (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). https://doi.org/10.1145/2295136.2295165