CooPeD

AbstractWith the spread of Web-Based Social Networks (WBSNs) managing access to data is a challenging matter. Providing personalized, fine-grained access control is essential to build trusted WBSNs. WBSNs data can be associated with owners and co-owners, namely users who upload the data and users who are linked to uploaded data respectively. Thus, a privacy-friendly WBSN must allow users the management of elements related to them. In this regard, CooPeD (Co-owned Personal Data management), a system that deals with co-ownership management of decomposable objects, is proposed. CooPeD is formed by a model and a mechanism. CooPeD is developed on the bases of SoNeUCONABC usage control model. Particularly, an extension of SoNeUCONABC is proposed to support co-ownership management by means of access control and administrative management. In CooPeD's mechanism objects, decomposed in parts, are attached to owners and co-owners who individually set their access control preferences. The evaluation of CooPeD consists of three parts. Firstly, a feasibility analysis for different architectures of CooPeD's model and mechanism, as well as of CooPeD's mechanism in Facebook is performed. Secondly, a prototype proves the feasibility of implementing CooPeD. Lastly, a survey study assesses the acceptance of CooPeD.