CooPeD: Co-owned Personal Data management Articles uri icon

publication date

  • November 2014

start page

  • 41

end page

  • 65

volume

  • 47

international standard serial number (ISSN)

  • 0167-4048

electronic international standard serial number (EISSN)

  • 1872-6208

abstract

  • With the spread of Web-Based Social Networks (WBSNs) managing access to data is a challenging matter. Providing personalized, fine-grained access control is essential to build trusted WBSNs. WBSNs data can be associated with owners and co-owners, namely users who upload the data and users who are linked to uploaded data respectively. Thus, a privacy-friendly WBSN must allow users the management of elements related to them. In this regard, CooPeD (Co-owned Personal Data management), a system that deals with co-ownership management of decomposable objects, is proposed. CooPeD is formed by a model and a mechanism. CooPeD is developed on the bases of SoNeUCON(ABC) usage control model. Particularly, an extension of SoNeUCON(ABC) is proposed to support co-ownership management by means of access control and administrative management. In CooPeD's mechanism objects, decomposed in parts, are attached to owners and co-owners who individually set their access control preferences. The evaluation of CooPeD consists of three parts. Firstly, a feasibility analysis for different architectures of CooPeD's model and mechanism, as well as of CooPeD's mechanism in Facebook is performed. Secondly, a prototype proves the feasibility of implementing CooPeD. Lastly, a survey study assesses the acceptance of CooPeD. (C) 2014 Elsevier Ltd. All rights reserved.

keywords

  • co-ownership management; web-based social networks; access control policies; privacy; trust; access-control model; recognition; policies; people