—With increasing amount of sensitive user data stored in social computing systems (SCSs) and lack of consensus on how it should be protected under meaningful control by the average user, security and privacy has become a pressing problem that must be addressed. We propose the concept of user and SCS activity as a natural aspect of social computing which influences access control in a manner distinct to SCSs. We propose an activity-centric access control or Activity CONtrol (ACON) framework for social computing to facilitate both privacy setting from user side and administration from SCS side. We further propose an ACONuser model for user activity control and session management. We illustrate how the model captures the user activities using several SC examples.
Jaehong Park, Ravi S. Sandhu, Yuan Cheng