An Access Control Model for Online Social
Networks Using User-to-User Relationships
ABSTRACT
Users and resources in online social networks (OSNs) are interconnected via various types of relationships. In particular, user-to-user relationships form the basis of the OSN structure, and play a significant role in specifying and enforcing access control. Individual users and the OSN provider should be enabled to specify which access can be granted in terms of existing relationships. In this paper, we propose a novel user-to-user relationship-based access control (UURAC) model for OSN systems that utilizes regular expression notation for such policy specification. Access control policies on users and resources are composed in terms of requested action, multiple relationship types, the starting point of the evaluation, and the number of hops on the path. We present two path checking algorithms to determine whether the required relationship path between users for a given access request exists. We validate the feasibility of our approach by implementing a prototype system and evaluating the performance of these two algorithms. Index Terms—Social network, access control, security model, policy specification.
EXISTING SYSTEM
Privacy preservation is a significant research issue in social networking. The social networking platforms are extended into the mobile environment, users require more extensive privacy-preservation because they are unfamiliar with the neighbors in close vicinity who may store, and correlate their personal information at different time periods and locations. Once the personal information is correlated to the location information, the behavior of users will be completely disclosed to the public. The content-sharing applications, all of which provide no feedback or control mechanisms to users and may cause inappropriate location and identity information disclosure. To overcome the privacy violation in MSNs, many privacy enhancing techniques have been adopted into the MSN applications.
PROPOSED SYSTEM
We first propose an explicit Comparison-based depth first serach (DFS) which runs between two parties, an initiator and a responder. The DFS enables the initiator to obtain the comparison-based matching result about a specified attribute in their profiles, while preventing their attribute values from disclosure. We then propose an implicit Comparison-based depth first search(DFS) which allows the initiator to directly obtain some messages instead of the comparison result from the responder. The messages unrelated to user profile can be divided into multiple categories by the responder. The initiator implicitly chooses the interested category which is unknown to the responder. Two messages in each category are prepared by the responder, and only one message can be obtained by the initiator according to the comparison result on a single attribute. We further generalize the iDFS to an implicit Predicate-based breath fist search BFS Profile Matching protocol which allows complex comparison criteria spanning multiple attributes. The anonymity analysis shows all these protocols achieve the confidentiality of user profiles. In addition, the DFS reveals the comparison result to the initiator and provides only conditional anonymity; the iDFSand the iBFS do not reveal the result at all and provide full anonymity. We analyze the communication overhead and the anonymity strength of the protocols.
FEATURES:
1. To share the good information our friends.
2. Maintain good relationship. Get and provide the good air condition among the world wide. .
3. Easy to communicate and create a new organization for the particular .
4. Number of people following the individual acitvity. It helps us to your nearest member thing differently and shares the message to everyone.
IMPLEMENTATION
Implementation is the stage of the project when the theoretical design is turned out into a working system. Thus it can be considered to be the most critical stage in achieving a successful new system and in giving the user, confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and it’s constraints on implementation, designing of methods to achieve changeover and evaluation of changeover methods.
Modules:
Number of Modules
After careful analysis the system has been identified to have the following modules:
- Mobile Social Networking Module.
- Depth first search(DFS)Module.
- Breath first search (BFS) Module.
- Privacy PreservingModule.
1. Mobile Social Networking Module:
The MSNs support many promising and novel applications. In the MSNs, users are able to not only surf the Internet but also communicate with peers in close vicinity using short-range wireless communications Realizing the potential benefits brought by the MSNs, recent research efforts have been put on how to improve the effectiveness and efficiency of the communications among the MSN users. They developed specialized data routing and forwarding protocols associated with the social features exhibited from the behavior of users, such as, social friendship, social selfishness, and social morality.
2.Depth first search(DFS)Module.
Attribute, the DFS allows the initiator to know the comparison result, i.e., whether it has a larger, equal, or smaller value than the responder on the attribute. Due to the exposure of the comparison result, user profile will be leaked and linked in some conditions. We provide a numerical analysis on the conditional anonymity of the DFS. We study the anonymity risk level in relation to the pseudonym change for the consecutive DFS runs.
3. Breath first search (BFS) Module.
We propose the BFS, the responder prepares multiple categories of messages where two messages are generated for each category. The initiator can obtain only one message related to one category for each run. During the protocol, the responder is unable to know the category of the initiator’s interest. To receive which message in the category is dependent on the comparison result on a specified attribute. The responder does not know which message the initiator receives, while the initiator cannot derive the comparison result from the received message. We provide an analysis of the effectiveness of the iBFS, and show that the iBFS achieves full anonymity.
4. Privacy Preserving Module:
Privacy preservation is a significant research issue in social networking. Since more personalized information is shared with the public, violating the privacy of a target user become much easier. We propose three different protocols with different anonymity levels. For the DFS with conditional anonymity, we provide detailed anonymity analysis and show the relation between pseudonym change and anonymity variation. For the DFS and the BFS with full anonymity, we show that the use of these protocols does not affect user anonymity level and users are able to completely preserve their privacy.
SOFTWARE REQUIREMENTS:
Operating System: Windows
Technology: Java and J2EE
Web Technologies: Html, JavaScript, CSS
IDE: Macromedia Dreamweaver MX
Web Server: Tomcat
Tool kit : Android Phone
Database: My SQL
Java Version : J2SDK1.5
HARDWARE REQUIREMENTS:
Hardware : Pentium
Speed : 1.1 GHz
RAM : 2GB
Hard Disk : 20 GB
Floppy Drive : 1.44 MB
Key Board : Standard Windows Keyboard
Mouse : Two or Three Button Mouse
Monitor : SVGA
CONCLUSION
In this paper, we proposed a UURAC model and a regular expression based policy specification language. We provided DFS-based and BFS-based path checking algorithms and analyzed the complexity for the algorithms. We demonstrated the feasibility of our approach by discussing a proof-of-concept implementation of both algorithms, followed by the evaluation results. We believe the proposed model in this paper provides a solid foundation for more advanced ReBAC solutions in the future. We have extended this work to a new model, namely URRAC, which exploits user to- resource and resource-to-resource relationships as well. We have also proposed an attribute-aware UURAC model that incorporates attribute-based policies to ReBAC .