半去中心化的社交网访问控制方案

Semi-decentralization based access control mechanism for social networks

提出一种将社交网网络服务与用户的数据资源管理相分离的半去中心化的社交网隐私保护方案。通过对其直接好友颁布并保存到关系服务器上的关系声明来明确用户与其好友之间的关系类型,以关系类型和访问深度作为参数定义数据资源的访问控制规则,利用关系服务器验证访问请求者与资源拥有者之间的关系路径,将关系路径与访问控制规则进行比较以决定是否授权访问。实现了依据用户指定的关系类型和深度进行授权控制,进而保护了社交网中用户数据资源的隐私。

This paper presents a privacy preserving scheme based on semi-decentralization.In this scenario, social networks sites only provide basic application services while users＇ resources are managed by themselves in the client side.Users clarify the relationship types with their direct friends to the relationship server, authorized users are denoted in terms of relationship types and depth,relationship paths between owner and requestor are checked out by relationship server.Only the requestor who meets the access rules can grant access to a resource.Thus the users＇ resources privacy from unauthorized access is protected in social networks.