Abstract | ||
---|---|---|
With the widespread adoption of Online Social Networks (OSNs), users increasingly also use corresponding third-party applications (TPAs), such as social games and applications for collaboration. To improve their social experience, TPAs access users' personal data via an API provided by the OSN. Applications are then expected to comply with certain security and privacy policies when handling the users' data. However, in practice, they might store, use, and distribute that data in all kinds of unapproved ways. We present an approach that transparently enforces security and privacy policies on TPAs that integrate with OSNs. To this end, we integrate concepts and implementations from the research areas of data usage control and information flow control. We instantiate these results in the context of TPAs in OSNs in order to enforce compliance with security and privacy policies that are provided by the OSN operator. We perform a preliminary evaluation of our approach on the basis of a TPA that integrates with the Facebook API. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1109/SPW.2016.13 | 2016 IEEE Security and Privacy Workshops (SPW) |
Keywords | Field | DocType |
online social networks,third-party applications,privacy policies,compliance,data usage control | Information flow (information theory),Internet privacy,Social network,Computer security,Computer science,Privacy policy,Implementation,Third party,Information privacy,Social games,Compliance Monitoring | Conference |
ISBN | Citations | PageRank |
978-1-5090-3691-2 | 0 | 0.34 |
References | Authors | |
14 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Florian Kelbert | 1 | 0 | 0.68 |
Alexander Fromm | 2 | 4 | 1.09 |