A semantic access control model for online social networks

Abstract

Online Social Networks (OSNs) are very popular and users share various information in these networks. To protect these resources from unauthorized access, these frameworks must support flexible access control mechanisms. Semantic technology provides new opportunities for this purpose. This paper proposes a Prioritized Ontology-Based Access Control (POBAC) model for protecting users' information in OSNs. In POBAC, Description Logic (DL) is used for modeling of security-related information in social networks as an ontology and MKNF+ rules are used for specification of system's and users' access control policies. Using MKNF+, we can utilize non-monotonic inference (i.e., closed-world reasoning) in the access control procedure. Furthermore, users are able to define their access control rules, exceptions, and default policies. The potential conflict among different access control rules defined by users and the system is another problem, which is resolved in POBAC by considering priority levels for rules in a logical manner. Logical foundation of the model dedicates accuracy, expressiveness, and inference (of implicit access rules from the explicit ones) to the model and thus decreases the risk of sharing information in OSNs. The expressive power of the model is demonstrated through a case study.