PriMa: A comprehensive approach to privacy protection in social network sites

Anna C. Squicciarini, Federica Paci, Smitha Sundareswaran

Research output: Contribution to journalArticle

21 Citations (Scopus)

Abstract

With social networks (SNs) allowing their users to host large amounts of personal data on their platforms, privacy protection mechanisms are becoming increasingly important. The current privacy protection mechanisms offered by SNs mostly enforce access control policies based on users' privacy settings. The task of setting privacy preferences may be tedious and confusing for the average user, who has hundreds of connections (e.g., acquaintances, colleagues, friends, etc.) and maintains an extensive profile on his main SN. Hence, users often end up with policies that do not sufficiently protect their personal information, thus facilitating potential privacy breaches and information misuse. In this paper, we propose PriMa (Privacy Manager), a privacy protection mechanism that supports semiautomated generation of access rules for users' profile information, filling the gap between the privacy management needs of SN users and the existing SNs' privacy protection mechanisms. PriMa access rules are generated using a multicriteria algorithm, so as to account for an extensive set of criteria to be considered when dealing with access control in SN sites. The resulting rules are simple yet powerful specifications, indicating the adequate level of protection for each user, and are dynamically adapted to the ever-changing requirements of the users' preferences and SN configuration. We have implemented PriMa on a Drupal platform and as a third-party Facebook application. We have evaluated the performance of the PriMa application with respect to access rule generation.

Original languageEnglish (US)
Pages (from-to)21-36
Number of pages16
JournalAnnales des Telecommunications/Annals of Telecommunications
Volume69
Issue number1-2
DOIs
StatePublished - Feb 1 2014

Fingerprint

Managers
Access control
Data privacy
Specifications

All Science Journal Classification (ASJC) codes

  • Electrical and Electronic Engineering

Cite this

@article{8c785dc293aa42bd929b98c8955ee237,
title = "PriMa: A comprehensive approach to privacy protection in social network sites",
abstract = "With social networks (SNs) allowing their users to host large amounts of personal data on their platforms, privacy protection mechanisms are becoming increasingly important. The current privacy protection mechanisms offered by SNs mostly enforce access control policies based on users' privacy settings. The task of setting privacy preferences may be tedious and confusing for the average user, who has hundreds of connections (e.g., acquaintances, colleagues, friends, etc.) and maintains an extensive profile on his main SN. Hence, users often end up with policies that do not sufficiently protect their personal information, thus facilitating potential privacy breaches and information misuse. In this paper, we propose PriMa (Privacy Manager), a privacy protection mechanism that supports semiautomated generation of access rules for users' profile information, filling the gap between the privacy management needs of SN users and the existing SNs' privacy protection mechanisms. PriMa access rules are generated using a multicriteria algorithm, so as to account for an extensive set of criteria to be considered when dealing with access control in SN sites. The resulting rules are simple yet powerful specifications, indicating the adequate level of protection for each user, and are dynamically adapted to the ever-changing requirements of the users' preferences and SN configuration. We have implemented PriMa on a Drupal platform and as a third-party Facebook application. We have evaluated the performance of the PriMa application with respect to access rule generation.",
author = "Squicciarini, {Anna C.} and Federica Paci and Smitha Sundareswaran",
year = "2014",
month = "2",
day = "1",
doi = "10.1007/s12243-013-0371-x",
language = "English (US)",
volume = "69",
pages = "21--36",
journal = "Annales des Telecommunications",
issn = "0003-4347",
publisher = "Springer Paris",
number = "1-2",

}

PriMa : A comprehensive approach to privacy protection in social network sites. / Squicciarini, Anna C.; Paci, Federica; Sundareswaran, Smitha.

In: Annales des Telecommunications/Annals of Telecommunications, Vol. 69, No. 1-2, 01.02.2014, p. 21-36.

Research output: Contribution to journalArticle

TY - JOUR

T1 - PriMa

T2 - A comprehensive approach to privacy protection in social network sites

AU - Squicciarini, Anna C.

AU - Paci, Federica

AU - Sundareswaran, Smitha

PY - 2014/2/1

Y1 - 2014/2/1

N2 - With social networks (SNs) allowing their users to host large amounts of personal data on their platforms, privacy protection mechanisms are becoming increasingly important. The current privacy protection mechanisms offered by SNs mostly enforce access control policies based on users' privacy settings. The task of setting privacy preferences may be tedious and confusing for the average user, who has hundreds of connections (e.g., acquaintances, colleagues, friends, etc.) and maintains an extensive profile on his main SN. Hence, users often end up with policies that do not sufficiently protect their personal information, thus facilitating potential privacy breaches and information misuse. In this paper, we propose PriMa (Privacy Manager), a privacy protection mechanism that supports semiautomated generation of access rules for users' profile information, filling the gap between the privacy management needs of SN users and the existing SNs' privacy protection mechanisms. PriMa access rules are generated using a multicriteria algorithm, so as to account for an extensive set of criteria to be considered when dealing with access control in SN sites. The resulting rules are simple yet powerful specifications, indicating the adequate level of protection for each user, and are dynamically adapted to the ever-changing requirements of the users' preferences and SN configuration. We have implemented PriMa on a Drupal platform and as a third-party Facebook application. We have evaluated the performance of the PriMa application with respect to access rule generation.

AB - With social networks (SNs) allowing their users to host large amounts of personal data on their platforms, privacy protection mechanisms are becoming increasingly important. The current privacy protection mechanisms offered by SNs mostly enforce access control policies based on users' privacy settings. The task of setting privacy preferences may be tedious and confusing for the average user, who has hundreds of connections (e.g., acquaintances, colleagues, friends, etc.) and maintains an extensive profile on his main SN. Hence, users often end up with policies that do not sufficiently protect their personal information, thus facilitating potential privacy breaches and information misuse. In this paper, we propose PriMa (Privacy Manager), a privacy protection mechanism that supports semiautomated generation of access rules for users' profile information, filling the gap between the privacy management needs of SN users and the existing SNs' privacy protection mechanisms. PriMa access rules are generated using a multicriteria algorithm, so as to account for an extensive set of criteria to be considered when dealing with access control in SN sites. The resulting rules are simple yet powerful specifications, indicating the adequate level of protection for each user, and are dynamically adapted to the ever-changing requirements of the users' preferences and SN configuration. We have implemented PriMa on a Drupal platform and as a third-party Facebook application. We have evaluated the performance of the PriMa application with respect to access rule generation.

UR - http://www.scopus.com/inward/record.url?scp=84895064361&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84895064361&partnerID=8YFLogxK

U2 - 10.1007/s12243-013-0371-x

DO - 10.1007/s12243-013-0371-x

M3 - Article

AN - SCOPUS:84895064361

VL - 69

SP - 21

EP - 36

JO - Annales des Telecommunications

JF - Annales des Telecommunications

SN - 0003-4347

IS - 1-2

ER -