Constraining Information Flow in Social Networks with Privacy Policies
August 10, 2009
Microsoft PowerPoint - Need a reader? Get one here
Online social networking systems are a phenomenon that has grown exponentially over the past few years. These systems provide platforms for people to easily share information, especially about themselves and about their interests. With the recent emergence of geolocation technologies, social networking can allow users to interact relative to location and time. Most systems began with few or no privacy controls and have gradually been adding and enhancing them to meet the demands of their users. Until recently, for example, Facebook had only a binary notion of privacy - a friend could see everything. This has lead to several well known mishaps where information people have voluntarily put online has been used to their detriment. There is a need of strong privacy control mechanisms that factor in the dynamic changes in the user context relative to attributes like location and time. In this paper, we present a system that adds rich privacy support to such systems. We describe a prototype implementation typical of applications that many university campuses and startups are creating. It aggregates social media from a variety of online sources as well as sources internal to the campus intranet. We show how policy framework based on semantic web technologies can be effectively used to devise better privacy control mechanisms that factor in the dynamic user context. The implementation uses the Rein framework and the AIR framework to provide access control and justification support. We validate our architecture in the prototype implementation and describe various cases of privacy rules definitions in the system.
- (Event) Constraining Information Flow in Social Networks with Privacy Policies has PowerPoint slides (Resource) Constraining Information Flow in Social Networks with Privacy Policies