TY - JOUR
T1 - Trusted Online Social Network (OSN) services with optimal data management
AU - Park, Joon S.
AU - Kwiat, Kevin A.
AU - Kamhoua, Charles A.
AU - White, Jonathan
AU - Kim, Sookyung
N1 - Funding Information:
Joon S. Park is an associate professor at the School of Information Studies (iSchool), Syracuse University, Syracuse, New York, USA. Over the past decades Prof. Park has been involved with theoretical/practical research and education in information and systems security. He is Syracuse University's Point of Contact (POC) at the Center of Academic Excellence (CAE) in Information Assurance (IA), which is designated by the National Security Agency (NSA) and the Department of Homeland Security (DHS), both for Education and Research, respectively. He has served as the founding director of the Certificate of Advanced Study (CAS) in Information Security Management (ISM) at the Syracuse iSchool (2003–2013). During his extended sabbatical (Fall 2011–Summer 2013), his research on cybersecurity has been sponsored by the US National Research Council (NRC), National Academies, as an NRC Fellow.
Funding Information:
Jonathan White is the Director of Computer Engineering at Harding University in Searcy, Arkansas. He is also an Assistant Professor of Engineering and Physics and teaches classes in electronics, telecommunications, and discrete mathematics. His research interests include mobile and cloud computing, low power circuit design, computer cyber security, honeytokens, and green computing. He is a Fulbright scholar and has traveled to Ukraine and China to give invited lectures on foreign campuses. His research has been funded by the Air Force Office of Scientific Research and Google. He was recently a summer visiting faculty fellow at the Rome Research Laboratory in Rome, New York. He has also recently received his Professional Engineer (PE) license in electrical engineering. Dr. White is originally from Danville, Illinois and he did his graduate work at the University of Arkansas in Fayetteville.
Funding Information:
This research was performed in part while Dr. Joon S. Park held a National Research Council (NRC) Research Associateship (RAP) Award at the U.S. Air Force Research Laboratory (AFRL), Rome, New York, USA. This research was supported by the Air Force Office of Scientific Research (AFOSR).
PY - 2014/5
Y1 - 2014/5
N2 - Online Social Network (OSN) services have rapidly grown into a wide network and offer users a variety of benefits. However, they also bring new threats and privacy issues to the community. Unfortunately, there are attackers that attempt to expose OSN users' private information or conceal the information that the user desire to share with other users. Therefore, in this research we develop a framework that can provide trusted data management in OSN services. We first define the data types in OSN services and the states of shared data with respect to Optimal, Under-shared, Over-shared, and Hybrid states. We also identify the facilitating, detracting, and preventive parameters that are responsible for the state transition of the data. In a reliable OSN service, we address that a user should be able to set up his or her desired level of information sharing with a certain group of other users. However, it is not always clear to the ordinary users how to determine how much information they should reveal to others. In order to support such a decision, we propose an approach for helping OSN users to determine their optimum levels of information sharing, taking into consideration the payoffs (potential Reward or Cost) based on the Markov decision process (MDP). As an extension of the MDP-based approach, we also introduce a game theoretic approach, considering the interactions of OSN users and attackers with conflicting interests whose decisions affect each other's. Finally, after developing the framework for the optimal data sharing on OSNs, we conduct several experiments with attack simulation based on the proposed ideas and discuss the results. Our proposed approach has the capability to allow a large amount of variables to be altered to suit particular setups that an organization might have.
AB - Online Social Network (OSN) services have rapidly grown into a wide network and offer users a variety of benefits. However, they also bring new threats and privacy issues to the community. Unfortunately, there are attackers that attempt to expose OSN users' private information or conceal the information that the user desire to share with other users. Therefore, in this research we develop a framework that can provide trusted data management in OSN services. We first define the data types in OSN services and the states of shared data with respect to Optimal, Under-shared, Over-shared, and Hybrid states. We also identify the facilitating, detracting, and preventive parameters that are responsible for the state transition of the data. In a reliable OSN service, we address that a user should be able to set up his or her desired level of information sharing with a certain group of other users. However, it is not always clear to the ordinary users how to determine how much information they should reveal to others. In order to support such a decision, we propose an approach for helping OSN users to determine their optimum levels of information sharing, taking into consideration the payoffs (potential Reward or Cost) based on the Markov decision process (MDP). As an extension of the MDP-based approach, we also introduce a game theoretic approach, considering the interactions of OSN users and attackers with conflicting interests whose decisions affect each other's. Finally, after developing the framework for the optimal data sharing on OSNs, we conduct several experiments with attack simulation based on the proposed ideas and discuss the results. Our proposed approach has the capability to allow a large amount of variables to be altered to suit particular setups that an organization might have.
KW - OSNs
KW - Online social networks
KW - Privacy protection
KW - Security
KW - Trusted data management
UR - http://www.scopus.com/inward/record.url?scp=84896796376&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84896796376&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2014.02.004
DO - 10.1016/j.cose.2014.02.004
M3 - Article
AN - SCOPUS:84896796376
SN - 0167-4048
VL - 42
SP - 116
EP - 136
JO - Computers and Security
JF - Computers and Security
ER -