DATA-BASED ACCESS CONTROL FOR SOCIAL NETWORKS ( ELECTRICAL AND ELECTRONIC PROJECT TOPIC)
Abstract
Social networking has become a popular way to be in contact with each other. In social networking, people tend to share a wide range of information with other users of the networking site. Here, security of personal information has become a most critical issue. One of the important issues in online social network is that how user privacy is protected because online social network providers have full control over users’ data. The online social network providers typically store users’ information permanently. Meanwhile, the trend in information security is mov-ing the security perimeter as close to the data as possible. We want to move the perimeter closer to the data, but do this without being able to derive who is accessing which data. An e cient privacy protection mechanism is important for online social networking sites that can be used to protect the privacy of online users’ data from third parties. An access control mechanism shifts the control over data sharing back to the users by providing them with exible and dynamic access policies. Hence, instead of relying on credentials given by a person trying to access information, there is a need to protect the data using only the data itself. In this context where decryption of data is made possible by already knowing some part of the data. This thesis work discusses the implementation of data based access control in social networking sites. That is, personal information is made available only to those who already have some of this information. We de ned and analyzed types of data based access control methods (direct, indirect and order-invariant data based access control methods). An e ort is made to design suitable policy in order to apply them to social networking sites. We implemented our solution in a prototype platform for social networking sites using a Java based prototype and My Structured Query Language (MySQL) database. Our experimental re-sults verify the e ectiveness of indirect data based access control method over social networking sites. This mechanism provides enhanced security features from both eavesdrop attacks and provider attacks. Moreover, we present a performance study of the implemented prototype.
