Sciweavers

PERCOM
2011
ACM

PoX: Protecting users from malicious Facebook applications

13 years 4 months ago
PoX: Protecting users from malicious Facebook applications
Abstract—Online social networks such as Facebook, MySpace, and Orkut store large amounts of sensitive user data. While a user can legitimately assume that a social network provider adheres to strict privacy standards, we argue that it is unwise to trust third-party applications on these platforms in the same way. Although the social network provider would be in the best position to implement fine-grained access control for third party applications directly into the platform, existing mechanisms are not convincing. Therefore, we introduce PoX, an extension for Facebook that makes all requests for private data explicit to the user and allows her to exert fine-grained access control over what profile data can be accessed by individual applications. By leveraging a client-side proxy that executes in the user’s web browser, data requests can be relayed to Facebook without forcing the user to trust additional third parties. Of course, the presented system is backwards compatible and t...
Manuel Egele, Andreas Moser, Christopher Kruegel,
Added 22 Aug 2011
Updated 22 Aug 2011
Type Journal
Year 2011
Where PERCOM
Authors Manuel Egele, Andreas Moser, Christopher Kruegel, Engin Kirda
Comments (0)