Exploiting Privacy Policy Conflicts in Online Social Networks
نویسندگان
چکیده
Online Social Networks (OSNs) offer access control mechanisms to protect users’ sensitive information from undesired accesses. Yet, their information is still vulnerable to disclosure when their friends assign conflicting privacy policies: a user prohibits everyone from accessing his own content or profile but his friends allow others to see it. OSNs tend to select Permit-Take-Precedence when resolving multiple conflicting policies so that the information is possibly exposed regardless of the information owner’s preference. In this paper, we confirm that specific types of information in real OSN services are under this circumstance. We then propose three attacking scenarios that reveal the hidden friend-lists, profiles, and posted messages on users’ OSN accounts, exploiting a target’s sensitive information. We finally discuss possible countermeasures in terms of both implementation and human behavior.
منابع مشابه
A centralized privacy-preserving framework for online social networks
There are some critical privacy concerns in the current online social networks (OSNs). Users' information is disclosed to different entities that they were not supposed to access. Furthermore, the notion of friendship is inadequate in OSNs since the degree of social relationships between users dynamically changes over the time. Additionally, users may define similar privacy settings for their f...
متن کاملAnalysis and Evaluation of Privacy Protection Behavior and Information Disclosure Concerns in Online Social Networks
Online Social Networks (OSN) becomes the largest infrastructure for social interactions like: making relationship, sharing personal experiences and service delivery. Nowadays social networks have been widely welcomed by people. Most of the researches about managing privacy protection within social networks sites (SNS), observes users as owner of their information. However, individuals cannot co...
متن کاملA Sudy on Information Privacy Issue on Social Networks
In the recent years, social networks (SN) are now employed for communication and networking, socializing, marketing, as well as one’s daily life. Billions of people in the world are connected though various SN platforms and applications, which results in generating massive amount of data online. This includes personal data or Personally Identifiable Information (PII). While more and more data a...
متن کاملArgumentation for Resolving Privacy Disputes in Online Social Networks: (Extended Abstract)
Preserving privacy of users in online social networks is important. Usually, users specify their privacy constraints and the online social network is expected to enforce them. However, many times a piece of content is related to a number of users, whose privacy constraints might be incompatible. For example, when a user shares a party photo, her privacy constraints are enforced on the picture b...
متن کاملNowhere to Hide: Navigating around Privacy in Online Social Networks
In this paper, we introduce a navigation privacy attack, where an external adversary attempts to find a target user by exploiting publicly visible attributes of intermediate users. If such an attack is successful, it implies that a user cannot hide simply by excluding himself from a central directory or search function. The attack exploits the fact that most attributes (such as place of residen...
متن کامل