| With the rapid development of Mobile Internet technologies, Social Network Service has become an essential part of people’s life nowadays. While users share their profiles and post plenty of content online, their private information is at risk. Therefore, it is necessary for researchers to come up with an efficient method to preserve user privacy in Online Social Networks. The current access control systems generally use relationship type and relationship length to make privacy configurations, which is not able to meet the requirements of privacy preserving. Considering that trust is an important measure of relationship between users and it corresponds to the privacy setting level, we take advantage of trust in the access control system. In this paper, a novel trust based privacy preserving mechanism is proposed.First of all, we deal with the issue of trust evaluation. It has been a popular research field of data mining and the aim is to extract trust information between users from social network data. Existed trust computation models try to quantify some trust related factors and express trust as a linear weighted sum of these factors. Since it is difficult to determine the influence that each factor has on trust, therefore the weight coefficient is uncertain. Moreover, the result might not be in accordance with the user’s subjective judgment and it is not straightforward to understand. Therefore in this paper, trust evaluation is defined as a classification problem and a machine learning based method is proposed as well as a complete trust evaluation framework. The experiment in real social networks has verified the feasibility and accuracy of the proposed framework.On the basis of trust evaluation framework, a trust based access control model with purpose and obligation involved is proposed for preserving privacy in online social networks. Firstly, the trust level criterion makes sure that any private information can be accessed only by trustworthy entities. Secondly, the purpose mechanism in our model analyzes the purposes of request and limit the usage of sensitive data according to the purpose for which the data is collected. Thirdly, the obligation module is able to enhance the privacy awareness of users. Apart from that, the concept of private information tree and private policy tree is raised. One piece of private information is broken into private information cells so that each cell is mapped with a combination rule of trust, purpose and obligation. Thus it improves the modularity of access control, information visibility and social network utility while protecting the sensitive part of data. In this paper, we illustrate the novel access control model in detail and describe the necessary algorithm with examples. The performance analysis is also given. As a conclusion, the proposed access control model preserves user privacy more effectively, friendly and completely. |
PDF Full Text Request