CooPeD: Co-owned Personal Data management Articles
- COMPUTERS & SECURITY Journal
- November 2014
Digital Object Identifier (DOI)
International Standard Serial Number (ISSN)
Electronic International Standard Serial Number (EISSN)
- With the spread of Web-Based Social Networks (WBSNs) managing access to data is a challenging matter. Providing personalized, fine-grained access control is essential to build trusted WBSNs. WBSNs data can be associated with owners and co-owners, namely users who upload the data and users who are linked to uploaded data respectively. Thus, a privacy-friendly WBSN must allow users the management of elements related to them. In this regard, CooPeD (Co-owned Personal Data management), a system that deals with co-ownership management of decomposable objects, is proposed. CooPeD is formed by a model and a mechanism. CooPeD is developed on the bases of SoNeUCON(ABC) usage control model. Particularly, an extension of SoNeUCON(ABC) is proposed to support co-ownership management by means of access control and administrative management. In CooPeD's mechanism objects, decomposed in parts, are attached to owners and co-owners who individually set their access control preferences. The evaluation of CooPeD consists of three parts. Firstly, a feasibility analysis for different architectures of CooPeD's model and mechanism, as well as of CooPeD's mechanism in Facebook is performed. Secondly, a prototype proves the feasibility of implementing CooPeD. Lastly, a survey study assesses the acceptance of CooPeD. (C) 2014 Elsevier Ltd. All rights reserved.
- co-ownership management; web-based social networks; access control policies; privacy; trust; access-control model; recognition; policies; people