ENFORCING ROLE-BASED ACCESS CONTROL ON A SOCIAL NETWORK

ECU Author/Contributor (non-ECU co-authors, if there are any, appear on document)
James Carold Anderson (Creator)
Institution
East Carolina University (ECU )
Web Site: http://www.ecu.edu/lib/
Advisor
Junhua Ding

Abstract: Social networks supply a means by which people can communicate with each other while allowing for ease in initiating interaction and expressions. These systems of human collaboration may also be used to store and distribute information of a sensitive nature that must be secured against intrusions at all times. Given the massive operation embodied by social networks multiple methods have been developed that control the flow of information so that those with authorization can gain access. Before allowing a social network to begin distributing its contents a prudent prerequisite should be that the security protocols prevent unauthorized access. Formal modeling and analysis of security properties particularly those of Role-Based Access Control (RBAC) in social networks is the main focus of this thesis. A social network system and its security assurance mechanisms are modeled using the input language of Symbolic Model Verifier (SMV) and the properties of the system are specified using computation tree temporal logic (CTL*). Those properties are then verified using the SMV model checker. A real case was studied to demonstrate the effectiveness of model checking security properties in a social network system. The case consists of an account in which a group of users share various resources and access privileges which are controlled by RBAC. The case study results show that model checking is capable of formally analyzing security policies particularly RBAC in a social network system. In addition the counter examples generated from model checking could help to create test cases for testing system implementation and they can help us to find defects in the model as well. Formally modeling and model checking security policies in a complex system like a social network can greatly improve the security of these systems. 

Additional Information

Publication
Thesis
Date: 2012
Keywords
Computer science, Model Checking, Social networks
Subjects
Computer security
Social networks--Security measures
Information storage and retrieval systems--Security measures

Email this document to

This item references:

TitleLocation & LinkType of Relationship
ENFORCING ROLE-BASED ACCESS CONTROL ON A SOCIAL NETWORKhttp://hdl.handle.net/10342/3936The described resource references, cites, or otherwise points to the related resource.