@inproceedings{93c6959d69204c7dbaf50607974e210d,
title = "Attribute-aware relationship-based access control for online social networks",
abstract = "Relationship-based access control (ReBAC) has been adopted as themost prominent approach for access control in online social networks (OSNs), where authorization policies are typically specified in terms of relationships of certain types and/or depth between the access requester and the target. However, using relationships alone is often not sufficient to enforce various security and privacy requirements that meet the expectation fromtoday'sOSN users. In thiswork, we integrate attribute-based policies into relationship-based access control. The proposed attribute-aware Re-BAC enhances access control capability and allows finer-grained controls that are not available in ReBAC. The policy specification language for the user-to-user relationship-based access control (UURAC) model proposed in [6] is extended to enable such attribute-aware access control. We also present an enhanced path-checking algorithm to determine the existence of the required attributes and relationships in order to grant access.",
keywords = "Access Control, Attribute, Social Networks",
author = "Yuan Cheng and Jaehong Park and Ravi Sandhu",
year = "2014",
doi = "10.1007/978-3-662-43936-4_19",
language = "English",
isbn = "9783662439357",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "292--306",
booktitle = "Data and Applications Security and Privacy XXVIII - 28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Proceedings",
address = "Germany",
note = "28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014 ; Conference date: 14-07-2014 Through 16-07-2014",
}