Online Social Networks (OSN) have become a central means of communication and interaction between people around the world. The essence of privacy has been challenged through the past two decades as technological advances enabled benefits and social visibility to active members that share content in online communities. While OSN users share personal content with friends and colleagues, they are not always fully aware of the potential unintentional exposure of their information to various people including adversaries, social bots, fake users, spammers, or data-harvesters. Preventing this information leakage is a key objective of many security models developed for OSNs including Access Control, Relationship based models, Trust based models and Information Flow control. Following previous research, we assert that a combined approach is required to overcome the shortcoming of each model. In this research we present a new model to protect users' privacy. The basic model is composed of three main phases addressing three of its major aspects: trust, role-based access control and information flow. This model considers a user's sub-network and classifies the user's direct connections to roles. It relies on public information such as total number of friends, age of user account, and friendship duration to characterize the quality of the network connections. It also evaluates trust between a user and members of the user's network to estimate if these members are acquaintances or adversaries based on the paths of the information flow between them. The basic model has three main extensions: Analyzing the attack scenarios on the basic model and proposing modes for its defense, Refining the model by considering both the category and context of the Data instance, and the User profile and past actions regarding different contexts. And third, considering the GDPR regulations, the implementation of our model creates control of all personal data since its sharing is restricted by the secure network and cannot leak from it. Current work is done on the context part of its use case of Fake News prevention by detecting potentially problematic users that spread it.
Join at http://imt.lu/seminar