2013
Carminati, Barbara; Ferrari, Elena; Guglielmi, Michele
Controlled information sharing for unspecified emergencies Inproceedings
In: Crispo, Bruno; Sandhu, Ravi S; Cuppens-Boulahia, Nora; Conti, Mauro; Lanet, Jean-Louis (Ed.): 2013 International Conference on Risks and Security of Internet and Systems (CRiSIS), La Rochelle, France, October 23-25, 2013, pp. 1–8, IEEE Computer Society, 2013.
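% The hyphenated editor surnames (Cuppens-Boulahia, Lanet) were truncated to "-" in the export this entry came from; confirm against the proceedings front matter.
@inproceedings{DBLP:conf/crisis/CarminatiFG13,
  author    = {Carminati, Barbara and Ferrari, Elena and Guglielmi, Michele},
  title     = {Controlled information sharing for unspecified emergencies},
  editor    = {Crispo, Bruno and Sandhu, Ravi S. and Cuppens-Boulahia, Nora and Conti, Mauro and Lanet, Jean-Louis},
  booktitle = {2013 International Conference on Risks and Security of Internet and Systems (CRiSIS), La Rochelle, France, October 23-25, 2013},
  pages     = {1--8},
  publisher = {IEEE Computer Society},
  year      = {2013},
  doi       = {10.1109/CRiSIS.2013.6766356},
  url       = {https://doi.org/10.1109/CRiSIS.2013.6766356},
  abstract  = {During emergency situations a key requirement is information sharing. If emergencies are known a-priori, it is possible to specify them using emergency policies, modeling the extra sharing needs usually arising during emergencies. However, there are many situations where emergencies can be unspecified and yet they require a timely information sharing. Therefore, in this paper, we present an extended model which is able to deal with such emergencies. The idea is to open the system to some controlled violations, i.e., those denied access requests that signal the occurrence of an unspecified emergency. We have defined measures to determine whether a denied access request represents an information need for an unspecified emergency or the risk of an attempted abuse, and we have carried out experiments to verify the effectiveness of the proposed measures comparing them with a human-based evaluation.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}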
Carminati, Barbara; Ferrari, Elena; Guglielmi, Michele
SHARE: Secure information sharing framework for emergency management Inproceedings
In: Jensen, Christian S; Jermaine, Christopher M; Zhou, Xiaofang (Ed.): 29th IEEE International Conference on Data Engineering, ICDE 2013, Brisbane, Australia, April 8-12, 2013, pp. 1336–1339, IEEE Computer Society, 2013.
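@inproceedings{DBLP:conf/icde/CarminatiFG13,
  author    = {Carminati, Barbara and Ferrari, Elena and Guglielmi, Michele},
  title     = {{SHARE}: Secure information sharing framework for emergency management},
  editor    = {Jensen, Christian S. and Jermaine, Christopher M. and Zhou, Xiaofang},
  booktitle = {29th IEEE International Conference on Data Engineering, ICDE 2013, Brisbane, Australia, April 8-12, 2013},
  pages     = {1336--1339},
  publisher = {IEEE Computer Society},
  year      = {2013},
  doi       = {10.1109/ICDE.2013.6544938},
  url       = {https://doi.org/10.1109/ICDE.2013.6544938},
  abstract  = {9/11, Katrina, Fukushima and other recent emergencies demonstrate the need for effective information sharing across government agencies as well as non-governmental and private organizations to assess emergency situations, and generate proper response plans. In this demo, we present a system to enforce timely and controlled information sharing in emergency situations. The framework is able to detect emergencies, enforce temporary access control policies and obligations to be activated during emergencies, simulate emergency situations for demonstrational purposes and show statistical results related to emergency activation/deactivation and consequent access control policies triggering.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}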
Carminati, Barbara; Ferrari, Elena; Tran, Ngoc Hong
Enforcing Trust Preferences in Mobile Person-to-Person Payments Inproceedings
In: International Conference on Social Computing, SocialCom 2013, SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013, Washington, DC, USA, 8-14 September, 2013, pp. 429–434, IEEE Computer Society, 2013.
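@inproceedings{DBLP:conf/socialcom/CarminatiFT13,
  author    = {Carminati, Barbara and Ferrari, Elena and Tran, Ngoc Hong},
  title     = {Enforcing Trust Preferences in Mobile Person-to-Person Payments},
  booktitle = {International Conference on Social Computing, SocialCom 2013, SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013, Washington, DC, USA, 8-14 September, 2013},
  pages     = {429--434},
  publisher = {IEEE Computer Society},
  year      = {2013},
  doi       = {10.1109/SocialCom.2013.67},
  url       = {https://doi.org/10.1109/SocialCom.2013.67},
  abstract  = {The technological advancements in Internet speeds, increased computing power and smart phones have pushed the rise of new digital methods supporting mobile person-to-person (P2P) payments. Despite the growing interest in these new methods, we believe that, to fully enable this increasing rise of digital wallets, there is the need for tools helping a person in judging the risk of a money transfer. For this purpose, this paper aims at exploiting social network connections. This is achieved by making payers/payees able to state their trust preferences with respect to the potential payees/payers. Trust preference evaluation requires to find social connections between a payer and a payee across, possible, different social network realms. We therefore propose a light cryptography protocol, specifically targeted to mobile P2P payments, that besides providing good performance, ensures user information privacy.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}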
Ferrari, Elena; Viviani, Marco
Privacy in Social Collaboration Incollection
In: Michelucci, Pietro (Ed.): Handbook of Human Computation, pp. 857–878, Springer, 2013.
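@incollection{DBLP:reference/sp/FerrariV13,
  author    = {Ferrari, Elena and Viviani, Marco},
  title     = {Privacy in Social Collaboration},
  editor    = {Michelucci, Pietro},
  booktitle = {Handbook of Human Computation},
  pages     = {857--878},
  publisher = {Springer},
  year      = {2013},
  doi       = {10.1007/978-1-4614-8806-4_70},
  url       = {https://doi.org/10.1007/978-1-4614-8806-4_70},
  abstract  = {With the expression social collaboration we refer to the processes of helping multiple people to interact and share information in order to achieve common goals. Nowadays, collaboration and social dissemination of information are facilitated by the Internet and Social Network Services (SNS). The reliance of social collaboration on SNS might seem surprising given the differences between their group-centric and individual-centric views. In particular, social collaboration services focus on group activities, identifying groups and collaboration spaces in which messages are explicitly directed at the group and the group activity feed is seen the same way by everyone. In contrast, social networking services generally focus on single personalized activities, sharing messages in a more-or-less undirected way and receiving messages from many sources into a single personalized activity feed.},
  pubstate  = {published},
  tppubtype = {incollection}
}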
Lucia, William; Akcora, Cuneyt Gurcan; Ferrari, Elena
Multi-dimensional Conversation Analysis across Online Social Networks Journal Article
In: CoRR, vol. abs/1312.6756, 2013.
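@article{DBLP:journals/corr/LuciaAF13,
  author     = {Lucia, William and Akcora, Cuneyt Gurcan and Ferrari, Elena},
  title      = {Multi-dimensional Conversation Analysis across Online Social Networks},
  journal    = {CoRR},
  volume     = {abs/1312.6756},
  year       = {2013},
  eprint     = {1312.6756},
  eprinttype = {arXiv},
  url        = {http://arxiv.org/abs/1312.6756},
  abstract   = {With the advance of the Internet, ordinary users have created multiple personal accounts on online social networks, and interactions among these social network users have recently been tagged with location information. In this work, we observe user interactions across two popular online social networks, Facebook and Twitter, and analyze which factors lead to retweet/like interactions for tweets/posts. In addition to the named entities, lexical errors and expressed sentiments in these data items, we also consider the impact of shared user locations on user interactions. In particular, we show that geolocations of users can greatly affect which social network post/tweet will be liked/ retweeted. We believe that the results of our analysis can help researchers to understand which social network content will have better visibility.},
  pubstate   = {published},
  tppubtype  = {article}
}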
2012
Carminati, Barbara; Ferrari, Elena; Perego, Andrea
A multi-layer framework for personalized social tag-based applications Journal Article
In: Data Knowl. Eng., vol. 79-80, pp. 62–86, 2012.
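@article{DBLP:journals/dke/CarminatiFP12,
  author    = {Carminati, Barbara and Ferrari, Elena and Perego, Andrea},
  title     = {A multi-layer framework for personalized social tag-based applications},
  journal   = {Data Knowl. Eng.},
  volume    = {79--80},
  pages     = {62--86},
  year      = {2012},
  doi       = {10.1016/j.datak.2012.06.002},
  url       = {https://doi.org/10.1016/j.datak.2012.06.002},
  abstract  = {Recent years have seen an increasing diffusion of online communities giving their members the ability of specifying and sharing metadata concerning online resources. Such practice, also known as social or collaborative tagging, has the purpose of collecting and sharing opinions about Web resources and simplifying their retrieval. In this paper, we go one step further and show how tags can have more enhanced applications to be exploited for customizing Web content fruition. More precisely, we propose a multi-layer framework where data collected by social tagging communities are complemented with additional services. Such services provide users the ability of expressing their dis/agreement with existing tags, denoting the members they trust based on their characteristics and relationships, or specifying policies on which “quality” assessment of resources should be returned. Besides providing the formal specification of the proposed framework, we illustrate two case studies we have implemented and the experiments we have carried out in order to verify the feasibility of our approach.},
  pubstate  = {published},
  tppubtype = {article}
}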
Ferrari, Elena; Thuraisingham, Bhavani M
Guest Editors' Introduction: Special Section on Data and Applications Security and Privacy Journal Article
In: IEEE Trans. Dependable Secur. Comput., vol. 9, no. 5, pp. 625–626, 2012.
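@article{DBLP:journals/tdsc/FerrariT12,
  author    = {Ferrari, Elena and Thuraisingham, Bhavani M.},
  title     = {Guest Editors' Introduction: Special Section on Data and Applications Security and Privacy},
  journal   = {IEEE Trans. Dependable Secur. Comput.},
  volume    = {9},
  number    = {5},
  pages     = {625--626},
  year      = {2012},
  doi       = {10.1109/TDSC.2012.58},
  url       = {https://doi.org/10.1109/TDSC.2012.58},
  abstract  = {The four papers in this special section focus on the latest advancements in data and application systems in the information security and privacy industry.},
  pubstate  = {published},
  tppubtype = {article}
}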
Kveler, Ksenya; Bock, Kirsten; Colombo, Pietro; Domany, Tamar; Ferrari, Elena; Hartman, Alan
Conceptual Framework and Architecture for Privacy Audit Inproceedings
In: Preneel, Bart; Ikonomou, Demosthenes (Ed.): Privacy Technologies and Policy - First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers, pp. 17–40, Springer, 2012.
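% The abstract appeared twice in the export and carried line-break hyphens ("in-formation", "pa-tients"); it is kept once here, de-hyphenated.
@inproceedings{DBLP:conf/apf/KvelerBCDFH12,
  author    = {Kveler, Ksenya and Bock, Kirsten and Colombo, Pietro and Domany, Tamar and Ferrari, Elena and Hartman, Alan},
  title     = {Conceptual Framework and Architecture for Privacy Audit},
  editor    = {Preneel, Bart and Ikonomou, Demosthenes},
  booktitle = {Privacy Technologies and Policy - First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers},
  series    = {Lecture Notes in Computer Science},
  volume    = {8319},
  pages     = {17--40},
  publisher = {Springer},
  year      = {2012},
  doi       = {10.1007/978-3-642-54069-1_2},
  url       = {https://doi.org/10.1007/978-3-642-54069-1_2},
  abstract  = {Many ICT applications involve the collection of personal information or information on the behaviour of customers, users, employees, citizens, or patients. The organisations that collect this data need to manage the privacy of these individuals. In many organisations there are insufficient data protection measures and a low level of trust among those whose data are concerned. It is often difficult and burdensome for organisations to prove privacy compliance and accountability especially in situations that cross national boundaries and involve a number of different legal systems governing privacy. In response to these obstacles, we describe instruments facilitating accountability, audit, and meaningful certification. These instruments are based on a set of fundamental data protection goals (DPG): availability, integrity, confidentiality, transparency, intervenability, and unlinkability. By using the data protection goals instead of focusing on fragmented national privacy regulations, a well defined set of privacy metrics can be identified recognising privacy by design requirements and widely accepted certification criteria. We also describe a novel conceptual framework and architecture for defining comprehensive privacy compliance metrics and providing assessment tools for ICT applications and services using as much automation as possible. The proposed metrics and tools will identify gaps, provide clear suggestions and will assist audit and certification to support informed decisions on the trustworthiness of ICT for citizens and businesses.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}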
Colombo, Pietro; Ferrari, Elena
Towards a framework to handle privacy since the early phases of the development: Strategies and open challenges Inproceedings
In: 6th IEEE International Conference on Digital Ecosystems and Technologies, DEST 2012, Campione d'Italia, Italy, June 18-20, 2012, pp. 1–6, IEEE, 2012.
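@inproceedings{DBLP:conf/dest/ColomboF12,
  author    = {Colombo, Pietro and Ferrari, Elena},
  title     = {Towards a framework to handle privacy since the early phases of the development: Strategies and open challenges},
  booktitle = {6th IEEE International Conference on Digital Ecosystems and Technologies, DEST 2012, Campione d'Italia, Italy, June 18-20, 2012},
  pages     = {1--6},
  publisher = {IEEE},
  year      = {2012},
  doi       = {10.1109/DEST.2012.6227953},
  url       = {https://doi.org/10.1109/DEST.2012.6227953},
  abstract  = {Although almost any software application processes personal data, effective development frameworks that properly handle privacy are still missing. This work makes a step to fill this void. This paper investigates requirements and development strategies of a privacy-preserving development framework that deals with privacy since the early phases of the development.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}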
Akcora, Cuneyt Gurcan; Carminati, Barbara; Ferrari, Elena
Privacy in Social Networks: How Risky is Your Social Graph? Inproceedings
In: Kementsietsidis, Anastasios; Salles, Marcos Antonio Vaz (Ed.): IEEE 28th International Conference on Data Engineering (ICDE 2012), Washington, DC, USA (Arlington, Virginia), 1-5 April, 2012, pp. 9–19, IEEE Computer Society, 2012.
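@inproceedings{DBLP:conf/icde/AkcoraCF12,
  author    = {Akcora, Cuneyt Gurcan and Carminati, Barbara and Ferrari, Elena},
  title     = {Privacy in Social Networks: How Risky is Your Social Graph?},
  editor    = {Kementsietsidis, Anastasios and Salles, Marcos Antonio Vaz},
  booktitle = {IEEE 28th International Conference on Data Engineering (ICDE 2012), Washington, DC, USA (Arlington, Virginia), 1-5 April, 2012},
  pages     = {9--19},
  publisher = {IEEE Computer Society},
  year      = {2012},
  doi       = {10.1109/ICDE.2012.99},
  url       = {https://doi.org/10.1109/ICDE.2012.99},
  abstract  = {Several efforts have been made for more privacy aware Online Social Networks (OSNs) to protect personal data against various privacy threats. However, despite the relevance of these proposals, we believe there is still the lack of a conceptual model on top of which privacy tools have to be designed. Central to this model should be the concept of risk. Therefore, in this paper, we propose a risk measure for OSNs. The aim is to associate a risk level with social network users in order to provide other users with a measure of how much it might be risky, in terms of disclosure of private information, to have interactions with them. We compute risk levels based on similarity and benefit measures, by also taking into account the user risk attitudes. In particular, we adopt an active learning approach for risk estimation, where user risk attitude is learned from few required user interactions. The risk estimation process discussed in this paper has been developed into a Facebook application and tested on real data. The experiments show the effectiveness of our proposal.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}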
Carminati, Barbara; Ferrari, Elena; Girardi, Jacopo
Trust and Share: Trusted Information Sharing in Online Social Networks Inproceedings
In: Kementsietsidis, Anastasios; Salles, Marcos Antonio Vaz (Ed.): IEEE 28th International Conference on Data Engineering (ICDE 2012), Washington, DC, USA (Arlington, Virginia), 1-5 April, 2012, pp. 1281–1284, IEEE Computer Society, 2012.
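@inproceedings{DBLP:conf/icde/CarminatiFG12,
  author    = {Carminati, Barbara and Ferrari, Elena and Girardi, Jacopo},
  title     = {Trust and Share: Trusted Information Sharing in Online Social Networks},
  editor    = {Kementsietsidis, Anastasios and Salles, Marcos Antonio Vaz},
  booktitle = {IEEE 28th International Conference on Data Engineering (ICDE 2012), Washington, DC, USA (Arlington, Virginia), 1-5 April, 2012},
  pages     = {1281--1284},
  publisher = {IEEE Computer Society},
  year      = {2012},
  doi       = {10.1109/ICDE.2012.127},
  url       = {https://doi.org/10.1109/ICDE.2012.127},
  abstract  = {At the beginning of Web 2.0 era, Online Social Networks (OSNs) appeared as just another phenomenon among wikis, blogs, video sharing, and so on. However, they soon became one of the biggest revolution of the Internet era. Statistics confirm the continuing rise in the importance of social networking sites in terms of number of users (e.g., Facebook reaches 750 millions users, Twitter 200 millions, LinkedIn 100 millions), time spent in social networking sites, and amount of data flowing (e.g., Facebook users interact with about 900 million piece of data in terms of pages, groups, events and community pages). This successful trend lets OSNs to be one of the most promising paradigms for information sharing on the Web.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}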
Akcora, Cuneyt Gurcan; Carminati, Barbara; Ferrari, Elena
Risks of Friendships on Social Networks Inproceedings
In: Zaki, Mohammed Javeed; Siebes, Arno; Yu, Jeffrey Xu; Goethals, Bart; Webb, Geoffrey I; Wu, Xindong (Ed.): 12th IEEE International Conference on Data Mining, ICDM 2012, Brussels, Belgium, December 10-13, 2012, pp. 810–815, IEEE Computer Society, 2012.
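@inproceedings{DBLP:conf/icdm/AkcoraCF12,
  author    = {Akcora, Cuneyt Gurcan and Carminati, Barbara and Ferrari, Elena},
  title     = {Risks of Friendships on Social Networks},
  editor    = {Zaki, Mohammed Javeed and Siebes, Arno and Yu, Jeffrey Xu and Goethals, Bart and Webb, Geoffrey I. and Wu, Xindong},
  booktitle = {12th IEEE International Conference on Data Mining, ICDM 2012, Brussels, Belgium, December 10-13, 2012},
  pages     = {810--815},
  publisher = {IEEE Computer Society},
  year      = {2012},
  doi       = {10.1109/ICDM.2012.57},
  url       = {https://doi.org/10.1109/ICDM.2012.57},
  abstract  = {In this paper, we explore the risks of friends in social networks caused by their friendship patterns, by using real life social network data and starting from a previously defined risk model. Particularly, we observe that risks of friendships can be mined by analyzing users' attitude towards friends of friends. This allows us to give new insights into friendship and risk dynamics on social networks.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}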
Carminati, Barbara; Ferrari, Elena; Girardi, Jacopo
Performance analysis of relationship-based access control in OSNs Inproceedings
In: Zhang, Chengcui; Joshi, James; Bertino, Elisa; Thuraisingham, Bhavani M (Ed.): IEEE 13th International Conference on Information Reuse & Integration, IRI 2012, Las Vegas, NV, USA, August 8-10, 2012, pp. 449–456, IEEE, 2012.
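@inproceedings{DBLP:conf/iri/CarminatiFG12,
  author    = {Carminati, Barbara and Ferrari, Elena and Girardi, Jacopo},
  title     = {Performance analysis of relationship-based access control in {OSNs}},
  editor    = {Zhang, Chengcui and Joshi, James and Bertino, Elisa and Thuraisingham, Bhavani M.},
  booktitle = {IEEE 13th International Conference on Information Reuse \& Integration, IRI 2012, Las Vegas, NV, USA, August 8-10, 2012},
  pages     = {449--456},
  publisher = {IEEE},
  year      = {2012},
  doi       = {10.1109/IRI.2012.6303043},
  url       = {https://doi.org/10.1109/IRI.2012.6303043},
  abstract  = {Relationship-based access control (ReBAC) is today emerging as a de-facto standard for On-line Social Network (OSN) access control. However, although several proposals exist of ReBAC models, no extensive performance evaluations have been conducted so far. In this paper, we carried out several experiments on different datasets to study the overhead implied by ReBAC and how it scales when increasing the OSN size.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}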
Carminati, Barbara; Ferrari, Elena; Guglielmi, Michele
Policies for Composed Emergencies in Support of Disaster Management Inproceedings
In: Jonker, Willem; Petkovic, Milan (Ed.): Secure Data Management - 9th VLDB Workshop, SDM 2012, Istanbul, Turkey, August 27, 2012. Proceedings, pp. 75–92, Springer, 2012.
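% The abstract appeared twice in the export; it is kept once here.
@inproceedings{DBLP:conf/sdmw/CarminatiFG12,
  author    = {Carminati, Barbara and Ferrari, Elena and Guglielmi, Michele},
  title     = {Policies for Composed Emergencies in Support of Disaster Management},
  editor    = {Jonker, Willem and Petkovic, Milan},
  booktitle = {Secure Data Management - 9th VLDB Workshop, SDM 2012, Istanbul, Turkey, August 27, 2012. Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {7482},
  pages     = {75--92},
  publisher = {Springer},
  year      = {2012},
  doi       = {10.1007/978-3-642-32873-2_6},
  url       = {https://doi.org/10.1007/978-3-642-32873-2_6},
  abstract  = {Recently, some proposals have appeared to achieve timely and flexible information sharing in support of emergency management. This is obtained by means of an emergency description language able to specify both emergency situations and temporary access control policies/obligations that have to be activated during emergencies. In this paper, we show that these languages have some limitations in capturing more critical emergency situations, which might arise when atomic emergency events are combined. Moreover, we show that such critical situations might require a new response plan (i.e., new temporary access control policies and obligations), with respect to those already in place for atomic emergencies. Therefore, we introduce the concept of composed emergency and related emergency policies. We also propose some overriding strategies to determine how temporary access control policies and obligations associated with a composed emergency have to be combined with those associated with atomic emergencies. Finally, we propose a tree-data structure in support of efficient emergency policy enforcement.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}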
Colombo, Pietro; Ferrari, Elena
Towards a Modeling and Analysis Framework for Privacy-Aware Systems Inproceedings
In: 2012 International Conference on Privacy, Security, Risk and Trust, PASSAT 2012, and 2012 International Conference on Social Computing, SocialCom 2012, Amsterdam, Netherlands, September 3-5, 2012, pp. 81–90, IEEE Computer Society, 2012.
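@inproceedings{DBLP:conf/socialcom/ColomboF12,
  author    = {Colombo, Pietro and Ferrari, Elena},
  title     = {Towards a Modeling and Analysis Framework for Privacy-Aware Systems},
  booktitle = {2012 International Conference on Privacy, Security, Risk and Trust, PASSAT 2012, and 2012 International Conference on Social Computing, SocialCom 2012, Amsterdam, Netherlands, September 3-5, 2012},
  pages     = {81--90},
  publisher = {IEEE Computer Society},
  year      = {2012},
  doi       = {10.1109/SocialCom-PASSAT.2012.12},
  url       = {https://doi.org/10.1109/SocialCom-PASSAT.2012.12},
  abstract  = {Nowadays, almost any software application deals with private information. However, effective tools that support the specification and implementation of privacy-aware systems are still missing. This work makes a step to address this issue. In this paper we present MAPaS, a model based framework for the modeling and analysis of privacy-aware systems. MAPaS provides a modeling language for the privacy domain and a rich set of functionalities that allow users to easily analyze privacy-preserving characteristics of a system at the early stages of its development. In this paper, besides presenting the main modules of MaPaS, we show how it can effectively help in the development of privacy-aware systems.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}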
Carminati, Barbara; Ferrari, Elena; Viviani, Marco
A Multi-dimensional and Event-Based Model for Trust Computation in the Social Web Inproceedings
In: Aberer, Karl; Flache, Andreas; Jager, Wander; Liu, Ling; Tang, Jie; Guéret, Christophe (Ed.): Social Informatics - 4th International Conference, SocInfo 2012, Lausanne, Switzerland, December 5-7, 2012. Proceedings, pp. 323–336, Springer, 2012.
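% The last editor's surname was truncated after its accented letter ("Gu \'{e}") in the export this entry came from; restored as Gu{\'e}ret, confirm against the proceedings front matter.
@inproceedings{DBLP:conf/socinfo/CarminatiFV12,
  author    = {Carminati, Barbara and Ferrari, Elena and Viviani, Marco},
  title     = {A Multi-dimensional and Event-Based Model for Trust Computation in the Social Web},
  editor    = {Aberer, Karl and Flache, Andreas and Jager, Wander and Liu, Ling and Tang, Jie and Gu{\'e}ret, Christophe},
  booktitle = {Social Informatics - 4th International Conference, SocInfo 2012, Lausanne, Switzerland, December 5-7, 2012. Proceedings},
  series    = {Lecture Notes in Computer Science},
  volume    = {7710},
  pages     = {323--336},
  publisher = {Springer},
  year      = {2012},
  doi       = {10.1007/978-3-642-35386-4_24},
  url       = {https://doi.org/10.1007/978-3-642-35386-4_24},
  abstract  = {In this paper, we propose a general-purpose Trust Layer that fits and exploits the emerging concept of Social Web. Key features of our proposal are the consideration of several dimensions for trust computation and the exploitation of social interaction dynamics over the Web, through the definition and the evaluation of event patterns and trust rules. Besides presenting our trust model, we discuss a case study on the ACM Digital Library social environment.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}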
Akcora, Cuneyt Gurcan; Carminati, Barbara; Ferrari, Elena
Risks of Friendships on Social Networks Journal Article
In: CoRR, vol. abs/1210.3234, 2012.
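@article{DBLP:journals/corr/abs-1210-3234,
  author     = {Akcora, Cuneyt Gurcan and Carminati, Barbara and Ferrari, Elena},
  title      = {Risks of Friendships on Social Networks},
  journal    = {CoRR},
  volume     = {abs/1210.3234},
  year       = {2012},
  eprint     = {1210.3234},
  eprinttype = {arXiv},
  url        = {http://arxiv.org/abs/1210.3234},
  abstract   = {In this paper, we explore the risks of friends in social networks caused by their friendship patterns, by using real life social network data and starting from a previously defined risk model. Particularly, we observe that risks of friendships can be mined by analyzing users' attitude towards friends of friends. This allows us to give new insights into friendship and risk dynamics on social networks.},
  pubstate   = {published},
  tppubtype  = {article}
}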
2011
Carminati, Barbara; Ferrari, Elena; Heatherly, Raymond; Kantarcioglu, Murat; Thuraisingham, Bhavani M
Semantic web-based social network access control Journal Article
In: Comput. Secur., vol. 30, no. 2-3, pp. 108–115, 2011.
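@article{DBLP:journals/compsec/CarminatiFHKT11,
  author    = {Carminati, Barbara and Ferrari, Elena and Heatherly, Raymond and Kantarcioglu, Murat and Thuraisingham, Bhavani M.},
  title     = {Semantic web-based social network access control},
  journal   = {Comput. Secur.},
  volume    = {30},
  number    = {2--3},
  pages     = {108--115},
  year      = {2011},
  doi       = {10.1016/j.cose.2010.08.003},
  url       = {https://doi.org/10.1016/j.cose.2010.08.003},
  abstract  = {The existence of online social networks that include person specific information creates interesting opportunities for various applications ranging from marketing to community organization. On the other hand, security and privacy concerns need to be addressed for creating such applications. Improving social network access control systems appears as the first step toward addressing the existing security and privacy concerns related to online social networks. To address some of the current limitations, we have created an experimental social network using synthetic data which we then use to test the efficacy of the semantic reasoning based approaches we have previously suggested.},
  pubstate  = {published},
  tppubtype = {article}
}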
Cao, Jianneng; Carminati, Barbara; Ferrari, Elena; Tan, Kian-Lee
CASTLE: Continuously Anonymizing Data Streams Journal Article
In: IEEE Trans. Dependable Secur. Comput., vol. 8, no. 3, pp. 337–352, 2011.
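@article{DBLP:journals/tdsc/CaoCFT11,
  author    = {Cao, Jianneng and Carminati, Barbara and Ferrari, Elena and Tan, Kian-Lee},
  title     = {{CASTLE}: Continuously Anonymizing Data Streams},
  journal   = {IEEE Trans. Dependable Secur. Comput.},
  volume    = {8},
  number    = {3},
  pages     = {337--352},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1109/TDSC.2009.47},
  url       = {https://doi.org/10.1109/TDSC.2009.47},
  abstract  = {Most of the existing privacy-preserving techniques, such as k-anonymity methods, are designed for static data sets. As such, they cannot be applied to streaming data which are continuous, transient, and usually unbounded. Moreover, in streaming applications, there is a need to offer strong guarantees on the maximum allowed delay between incoming data and the corresponding anonymized output. To cope with these requirements, in this paper, we present Continuously Anonymizing STreaming data via adaptive cLustEring (CASTLE), a cluster-based scheme that anonymizes data streams on-the-fly and, at the same time, ensures the freshness of the anonymized data by satisfying specified delay constraints. We further show how CASTLE can be easily extended to handle ℓ-diversity. Our extensive performance study shows that CASTLE is efficient and effective w.r.t. the quality of the output data.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}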
Carminati, Barbara; Ferrari, Elena; Morasca, Sandro; Taibi, Davide
A probability-based approach to modeling the risk of unauthorized propagation of information in on-line social networks Inproceedings
In: Sandhu, Ravi S; Bertino, Elisa (Ed.): First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, San Antonio, TX, USA, February 21-23, 2011, Proceedings, pp. 51–62, ACM, 2011.
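@inproceedings{DBLP:conf/codaspy/CarminatiFMT11,
  author    = {Carminati, Barbara and Ferrari, Elena and Morasca, Sandro and Taibi, Davide},
  title     = {A probability-based approach to modeling the risk of unauthorized propagation of information in on-line social networks},
  editor    = {Sandhu, Ravi S and Bertino, Elisa},
  booktitle = {First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, San Antonio, TX, USA, February 21-23, 2011, Proceedings},
  pages     = {51--62},
  publisher = {ACM},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1145/1943513.1943522},
  url       = {https://doi.org/10.1145/1943513.1943522},
  abstract  = {The unauthorized propagation of information is an important problem in the Internet, especially because of the increasing popularity of On-line Social Networks. To address this issue, many access control mechanisms have been proposed so far, but there is still a lack of techniques to evaluate the risk of unauthorized flow of information within social networks. This paper introduces a probability-based approach to modeling the likelihood that information propagates from one social network user to users who are not authorized to access it. The approach is demonstrated via an example, to show how it can be applied in practical cases.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}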
Carminati, Barbara; Ferrari, Elena
Collaborative access control in on-line social networks Inproceedings
In: Georgakopoulos, Dimitrios; Joshi, James B D (Ed.): 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2011, Orlando, FL, USA, 15-18 October, 2011, pp. 231–240, ICST / IEEE, 2011.
@inproceedings{DBLP:conf/colcom/CarminatiF11,
  author    = {Carminati, Barbara and Ferrari, Elena},
  title     = {Collaborative access control in on-line social networks},
  editor    = {Georgakopoulos, Dimitrios and Joshi, James B D},
  booktitle = {7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2011, Orlando, FL, USA, 15-18 October, 2011},
  pages     = {231--240},
  publisher = {ICST / IEEE},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.4108/icst.collaboratecom.2011.247109},
  url       = {https://doi.org/10.4108/icst.collaboratecom.2011.247109},
  abstract  = {Topology-based access control is today a de-facto standard for protecting resources in On-line Social Networks (OSNs) both within the research community and commercial OSNs. According to this paradigm, authorization constraints specify the relationships (and possibly their depth and trust level) that should occur between the requestor and the resource owner to make the first able to access the required resource. In this paper, we show how topology-based access control can be enhanced by exploiting the collaboration among OSN users, which is the essence of any OSN. The need of user collaboration during access control enforcement arises by the fact that, different from traditional settings, in most OSN services users can reference other users in resources (e.g., a user can be tagged to a photo), and therefore it is generally not possible for a user to control the resources published by another user. For this reason, we introduce collaborative security policies, that is, access control policies identifying a set of collaborative users that must be involved during access control enforcement. Moreover, we discuss how user collaboration can also be exploited for policy administration and we present an architecture on support of collaborative policy enforcement.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
Xue, Mingqiang; Carminati, Barbara; Ferrari, Elena
P3D - Privacy-Preserving Path Discovery in Decentralized Online Social Networks Inproceedings
In: Proceedings of the 35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011, Munich, Germany, 18-22 July 2011, pp. 48–57, IEEE Computer Society, 2011.
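@inproceedings{DBLP:conf/compsac/XueCF11,
  author    = {Xue, Mingqiang and Carminati, Barbara and Ferrari, Elena},
  title     = {{P3D} - Privacy-Preserving Path Discovery in Decentralized Online Social Networks},
  booktitle = {Proceedings of the 35th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2011, Munich, Germany, 18-22 July 2011},
  pages     = {48--57},
  publisher = {IEEE Computer Society},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1109/COMPSAC.2011.15},
  url       = {https://doi.org/10.1109/COMPSAC.2011.15},
  abstract  = {One of the key service of social networks is path discovery, in that release of a resource or delivering of a service is usually constrained by the existence of a path with given characteristics in the social network graph. One fundamental issue is that path discovery should preserve relationship privacy. In this paper, we address this issue by proposing a Privacy-Preserving Path Discovery protocol, called P3D. Relevant features of P3D are that: (1) it computes only aggregate information on the discovered paths, whereas details on single relationships are not revealed to anyone, (2) it is designed for a decentralized social network. Moreover, P3D is designed such to reduce the drawbacks that offline nodes may create to path discovery. In the paper, besides giving the details of the protocol, we provide an extensive performance study. We also present the security analysis of P3D, showing its robustness against the main security threats.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}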
Braghin, Stefano; Ferrari, Elena; Trombetta, Alberto
A rule-based policy language for selective trust propagation in social networks Inproceedings
In: Barbosa, Denilson; Miklau, Gerome; Yu, Cong (Ed.): Proceedings of the First ACM SIGMOD Workshop on Databases and Social Networks, DBSocial 2011, Athens, Greece, June 12, 2011, pp. 25–30, ACM, 2011.
@inproceedings{DBLP:conf/dbsocial/BraghinFT11,
  author    = {Braghin, Stefano and Ferrari, Elena and Trombetta, Alberto},
  title     = {A rule-based policy language for selective trust propagation in social networks},
  editor    = {Barbosa, Denilson and Miklau, Gerome and Yu, Cong},
  booktitle = {Proceedings of the First ACM SIGMOD Workshop on Databases and Social Networks, DBSocial 2011, Athens, Greece, June 12, 2011},
  pages     = {25--30},
  publisher = {ACM},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1145/1996413.1996418},
  url       = {https://doi.org/10.1145/1996413.1996418},
  abstract  = {Information spreading is a important topic in the area of Online Social Networks (OSNs). Typically, information flows in a careless way among directly connected members of the OSN ("friends"). In this way, it is possible that sensitive information is unintentionally leaked to not entitled or un-trusted members. A well-known approach for the management of trust relationships is represented by trust negotiations. In an OSN, trust negotiations can be exploited in a novel way, that is, their outcome can be used to dynamically adjust the trust level between OSN users. Additionally, information about past negotiations between members of the OSN can be propagated in the OSN graph and used by other OSN members to take access control decisions. However, such information can be sensitive and therefore their disclosure should be carefully regulated. To cope with these issues, in this paper we introduce a language for the definition of policies regulating the disclosure of information about past interactions occurred between members of the OSN.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
Akcora, Cuneyt Gurcan; Carminati, Barbara; Ferrari, Elena
Network and profile based measures for user similarities on social networks Inproceedings
In: Proceedings of the IEEE International Conference on Information Reuse and Integration, IRI 2011, 3-5 August 2011, Las Vegas, Nevada, USA, pp. 292–298, IEEE Systems, Man, and Cybernetics Society, 2011.
@inproceedings{DBLP:conf/iri/AkcoraCF11,
  author    = {Akcora, Cuneyt Gurcan and Carminati, Barbara and Ferrari, Elena},
  title     = {Network and profile based measures for user similarities on social networks},
  booktitle = {Proceedings of the IEEE International Conference on Information Reuse and Integration, IRI 2011, 3-5 August 2011, Las Vegas, Nevada, USA},
  pages     = {292--298},
  publisher = {IEEE Systems, Man, and Cybernetics Society},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1109/IRI.2011.6009562},
  url       = {https://doi.org/10.1109/IRI.2011.6009562},
  abstract  = {An interesting problem in online social networks is the identification of user characteristics and the analysis of how these are reflected in the graph structure evolution. The basis of these studies are user similarity measures. In this paper, we approach user similarity from two angles. First, we propose a network similarity measure that considers only the graph structure and that, differently from existing techniques, takes into consideration also how two users are indirectly connected. Secondly, we propose a similarity measure based on user profile information, such to find semantic similarities between users. Moreover, since user profile data could be missing, we present a technique to infer them from profile items of the user contacts. We evaluate our similarity measures on Facebook and DBLP data.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}
Carminati, Barbara; Ferrari, Elena; Guglielmi, Michele
Secure Information Sharing on Support of Emergency Management Inproceedings
In: PASSAT/SocialCom 2011, Privacy, Security, Risk and Trust (PASSAT), 2011 IEEE Third International Conference on and 2011 IEEE Third International Conference on Social Computing (SocialCom), Boston, MA, USA, 9-11 Oct., 2011, pp. 988–995, IEEE Computer Society, 2011.
@inproceedings{DBLP:conf/socialcom/CarminatiFG11,
  author    = {Carminati, Barbara and Ferrari, Elena and Guglielmi, Michele},
  title     = {Secure Information Sharing on Support of Emergency Management},
  booktitle = {PASSAT/SocialCom 2011, Privacy, Security, Risk and Trust (PASSAT), 2011 IEEE Third International Conference on and 2011 IEEE Third International Conference on Social Computing (SocialCom), Boston, MA, USA, 9-11 Oct., 2011},
  pages     = {988--995},
  publisher = {IEEE Computer Society},
  year      = {2011},
  date      = {2011-01-01},
  doi       = {10.1109/PASSAT/SocialCom.2011.69},
  url       = {https://doi.org/10.1109/PASSAT/SocialCom.2011.69},
  abstract  = {One of the most strategic component for an efficient and effective emergency management is the availability of an infrastructure on support of information sharing. Indeed, during emergency situations it is vital that the necessary information timely reaches the right person. Even if emergency management usually requires to bypass access control policies in place during the system normal operations, it is crucial that such process is temporary and controlled by proper emergency policies. To cope with these requirements, in this paper we present a system able to: 1) detect the events that cause the triggering of an emergency policy, 2) make immediately available to the authorized subjects information covered by the emergency policy. This is achieved by the definition of flexible emergency policies and by the use of a Complex Event Processing system on support of event monitoring and policy triggering. The paper also presents preliminary experiments on system overhead.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}