Advertisement

A novel trust-based access control for social networks using fuzzy systems

  • Sadaf Vahabli
  • Reza RavanmehrEmail author
Article
  • 6 Downloads

Abstract

Social networks are constantly expanding and attracting more and more users. The users of these networks share plenty of information with their friends, many of which are confidential and private. In this regard, maintaining the security and privacy of users is a major requirement in social networks. Although the traditional access control can help users keep their privacy by applying initial access levels, they are not effective for social networks, considering the dynamic nature of them. Therefore, in this paper, a novel trust-based access control approach has been presented for social network using fuzzy system. The proposed method, SNFTrust, is a combination of trust-based access control and fuzzy inference system which consists of three modules: the user module, the fuzzy trust module, and the access control module. In user module, the user request is analyzed to identify the type of relationships, and the property matrix is created based on user’s activity in social network. In fuzzy trust module, two fuzzy systems are combined to calculate the trust score and to specify the access right. Finally, the access control module enables access to the user account. The proposed approach was implemented using the dataset of a real microblog that attracted over 540 million users on the time we accessed the dataset. The results of experiments indicate that the amount of accuracy is 0.96 and the proposed method has the required flexibility, scalability and accuracy, which can be suitable to apply in various social networks.

Keywords

Social networks Access control Trust-based access control Fuzzy system 

Notes

References

  1. 1.
    Ahmad, A., Whitworth, B.: Access control taxonomy for social networks. 7th International Conference on Information Assurance and Security (IAS), pp. 256–261, (2011)Google Scholar
  2. 2.
    Chen, S., Wang, G., Jia, W.: κ-FuzzyTrust: efficient trust computation for large-scale mobile social networks using a fuzzy implicit social graph. Inf. Sci. 318, 123–143 (2015)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Cheng, Y., Park, J., Sandhu, R.: Relationship-based access control for online social networks: beyond user-to-user relationships. Privacy, security, risk and trust (PASSAT). International Conference on Social Computing (SocialCom). 646–655 (2012)Google Scholar
  4. 4.
    Cheng, X., Fu, S., de Vreede, G.-J.: Understanding trust influencing factors in social media communication: a qualitative study. Int. J. Inf. Manag. 37(2), 25–35 (2017)CrossRefGoogle Scholar
  5. 5.
    Fire, M., Goldschmidt, R., Elovici, Y.: Online social networks: threats and solutions. IEEE Communications Surveys & Tutorials. 16(4), 2019–2036 (2014)CrossRefGoogle Scholar
  6. 6.
    Folorunso, O., Mustapha, O.A.: A fuzzy expert system to trust-based access control in crowdsourcing environments. App. Com. Inf. 11(2), 116–129 (2015)Google Scholar
  7. 7.
    Hao, F., Min, G., Lin, M., Luo, C., Yang, L.T.: MobiFuzzyTrust: an efficient fuzzy trust inference mechanism in mobile social networks. IEEE Transactions on Parallel and Distributed Systems. 25(11), 2944–2955 (2014)CrossRefGoogle Scholar
  8. 8.
    Kizza, J.M.: Ethical, Privacy, and Security Issues in the Online Social Network Ecosystems. Ethics in Computing, Springer, pp. 227–253, (2016)Google Scholar
  9. 9.
    Lang, B.: Trust degree based access control for social networks. Proceedings of the International Conference on Security and Cryptography (SECRYPT). 1–6 (2010)Google Scholar
  10. 10.
    Lee, K.H.: First course on fuzzy theory and applications, Springer Science & Business Media, vol. 27, (2006)Google Scholar
  11. 11.
    Li, J., Zhang, Z., Zhang, W.: Mobitrust: trust management system in mobile social computing. IEEE 10th International Conference on Computer and Information Technology (CIT), pp.954–959, (2010)Google Scholar
  12. 12.
    Li, M., Sun, X., Wang, H., Zhang, Y., Zhang, J.: Privacy-aware access control with trust management in web service. World Wide Web. 14(4), 407–430 (2011)CrossRefGoogle Scholar
  13. 13.
    Liu, G., Liu, Y., Liu, A., Li, Z., Zheng, K., Wang, Y., Zhou, X.: Context-aware trust network extraction in large-scale trust-oriented social networks. World Wide Web. 21(3), 713–738 (2018)CrossRefGoogle Scholar
  14. 14.
    Ma, S., He, J., Shuai, X.: An access control method based on scenario trust. Int. J. of Com. Int. Sys. 5(5), 942–952 (2012)CrossRefGoogle Scholar
  15. 15.
    Mahalle, P.N., Thakre, P.A., Prasad, N.R., Prasad, R.: A fuzzy approach to trust based access control in internet of things. 3rd international conference on wireless communications, vehicular technology, Information Theory and Aerospace & Electronic Systems (VITAE), pp. 1–5, (2013)Google Scholar
  16. 16.
    Maqsood, T., Khalid, O., Irfan, R., Madani, S.A., Khan, S.U.: Scalability issues in online social networks.ACM Com. Sur. (CSUR) 49(2), No.40, (2016)Google Scholar
  17. 17.
    Nepal, S., Sherchan, W., Paris, C.: Strust: a trust model for social networks. IEEE 10th international conference on trust, Security and Privacy in Computing and Communications (TrustCom), pp.841–846, (2011)Google Scholar
  18. 18.
    Niu, Y., Wang, Y., Sun, G., Yue, A., Dalessandro, B., Perlich, C., Hamner, B.: The Tencent Dataset and KDD-Cup’12. KDD-Cup Workshop. https://www.kaggle.com/c/kddcup2012-track1/data (2018). Accessed Nov 2018
  19. 19.
    Raad, E., Chbeir, R.: Privacy in online social networks. Security and Privacy Preserving in Social Networks. Springer, pp. 3–45, (2013)Google Scholar
  20. 20.
    Rathore, N.C., Tripathy, S.: A trust-based collaborative access control model with policy aggregation for online social networks. Soc. Net. Ana. Min. 7(1), 7 (2017)CrossRefGoogle Scholar
  21. 21.
    Rathore, S., Sharma, P.K., Loia, V., Jeong, Y.-S., Park, J.H.: Social network security: issues, challenges, threats, and solutions. Inf. Sci. 421, 43–69 (2017)CrossRefGoogle Scholar
  22. 22.
    Richthammer, C., Netter, M., Riesner, M., Sänger, J., Pernul, G.: Taxonomy of social network data types. EURASIP J. on Inf. Sec. 11, 1–17 (2014)Google Scholar
  23. 23.
    Ruan, Y., Durresi, A.: A survey of trust management systems for online social communities–trust modeling, trust inference and attacks. Knowl.-Based Syst. 106, 150–163 (2016)CrossRefGoogle Scholar
  24. 24.
    Sayaf, R., Clarke, D.: Access control models for online social networks. Social Network Engineering for Secure Web Data and Services. IGI Global 32–65 (2014)Google Scholar
  25. 25.
    Shehab, M., Cheek, G., Touati, H., Squicciarini, A.C., Cheng, P.-C.: Learning based access control in online social networks. Proceedings of the 19th international conference on World wide Web, pp.1179–1180, (2010)Google Scholar
  26. 26.
    Shekarpour, S., Katebi, S.: Modeling and evaluation of trust with an extension in semantic web. Web Semant. Sci. Serv. Agents World Wide Web. 8(1), 26–36 (2010)CrossRefGoogle Scholar
  27. 27.
    Sherchan, W., Nepal, S., Paris, C.: A survey of trust in social networks. ACM Computing Surveys (CSUR). 45(4), 47 (2013)CrossRefGoogle Scholar
  28. 28.
    Singh, S., Sidhu, J.: An approach for determining trustworthiness of individuals in a web-based social network. Arab. J. Sci. Eng. (Springer Science & Business Media BV). 41(2), 461–477 (2016)CrossRefGoogle Scholar
  29. 29.
    Stachowiak, A.: Uncertainty-preserving trust prediction in social networks. Social Networks: A Framework of Computational Intelligence, Springer, pp. 99–122, (2014)Google Scholar
  30. 30.
    Su, R., Zhang, Y., Fan, J., Wang, Y.: Application of fuzzy neural network in the trust-based access control model. 8th World Congress on Intelligent Control and Automation (WCICA), pp.1273–1276, (2010)Google Scholar
  31. 31.
    Sun, X., Wang, H., Li, J., Zhang, Y.: Injecting purpose and trust into data anonymisation. Computers & Security. 30(5), 332–345 (2011)CrossRefGoogle Scholar
  32. 32.
    Takalkar, V., Mahalle, P.N.: Trust-based access control in multi-role environment of online social networks. Wirel. Pers. Commun. 100(2), 391–399 (2018)CrossRefGoogle Scholar
  33. 33.
    Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. IEEE Trans. Knowl. Data Eng. 17(3), 425–436 (2005)CrossRefGoogle Scholar
  34. 34.
    Wang, H., Zhang, Y., Cao, J.: Effective collaboration with information sharing in virtual universities. IEEE Trans. Knowl. Data Eng. 21(6), 840–853 (2009)CrossRefGoogle Scholar
  35. 35.
    Wang, Y., Zhai, E., Lua, E.K., Hu, J., Chen, Z.: isac: intimacy based access control for social network sites. In: Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), pp. 517–524, (2012)Google Scholar
  36. 36.
    Yager, R.R., Zadeh, L.A.: An Introduction to Fuzzy Logic Applications in Intelligent Systems. Springer US, (1992)Google Scholar
  37. 37.
    Yin, G., Jiang, F., Cheng, S., Li, X., He, X.: Autrust: a practical trust measurement for adjacent users in social networks. Second International Conference on Cloud and Green Computing (CGC), pp.360–367, (2012)Google Scholar
  38. 38.
    Zhan, J., Fang, X.: A novel trust computing system for social networks. Privacy, security, Risk and Trust (PASSAT) and IEEE Third Inernational Conference on Social Computing (SocialCom), pp. 1284–1289, (2011)Google Scholar
  39. 39.
    Zhang, J., Tao, X., Wang, H.: Outlier detection from large distributed databases. World Wide Web. 17(4), 539–568 (2014)CrossRefGoogle Scholar
  40. 40.
    Zhao, K., Pan, L.: A machine learning based trust evaluation framework for online social networks. IEEE 13th international conference on trust, Security and Privacy in Computing and Communications (TrustCom), pp. 69–74, (2014)Google Scholar
  41. 41.
    Zhao, B., Xiao, C., Zhang, Y., Zhai, P., Wang, Z.: Assessment of recommendation trust for access control in open networks. Clust. Comput. 1–7 (2018)Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer Engineering, Central Tehran BranchIslamic Azad UniversityTehranIran

Personalised recommendations