Article Preview
TopIntroduction
With the rapid development of online social network, online social networking platforms, tools and applications such as Twitter, Facebook, LinkedIn, QQ and WeChat are constantly penetrating into people's production, life and social activities (Pang et al., 2015; Liu et al., 2019). Users spend a lot of time on online social networking and communication every day, and a large amount of social data and information spread through online social network (Yin et al., 2019; Zhang, et al, 2019). In the environment of social big data, user data has a stronger correlation than before. With the increase of data, user information is correlated and matched. Compared with the traditional Internet environment, it becomes easier to access, collect and disseminate users' information, and users cannot effectively control their personal information. While enjoying the convenience of social tools, users also faced with such problems as unauthorized access, data theft, information fraud, personal privacy disclosure, etc. Social network information access control has become a concern of people (Ma et al., 2019; Yamaguchi et al., 2019; Gupta, et al, 2019). Therefore, users need to effectively protect and supervise personal information through privacy protection technology at the source (Luo et al., 2018). As a classic method of information security and privacy protection, access control technology can be used to formulate complete rules and policies for different social scenarios of users. Such technology is the key technical guarantee for achieving virtual cyberspace security (Hu et al., 2013; Ahmed et al., 2016; Gupta, et al, 2018). In the online social network environment, the existing access control model distinguishes access subjects and objects based on user roles (Ulltveit et al., 2016), attributes (Wei et al., 2018), relationships (Cheng et al., 2016; Bui et al., 2019; Chen et al., 2014), tags (Zhang et al., 2016), groups (Hu et al., 2018), and so on, and it also describes and imposes visitor’s access rights and operations to different resources.
With the continuous emergence of new scenarios and applications of online social network (Zheng,et. al, 2019; Sahoo, et. al, 2019), practical applications, such as security control mechanisms (Fang et al., 2017) and personal privacy protection (Ma et al., 2017), have appeared. Literature (Xue et al., 2018) and (Baseri et al., 2018) propose an attribute-based location-aware access control mechanism in the cloud environment, which flexibly combines user attributes and location to achieve fine-grained control of data. Literature (Hsu et al., 2016) and (Li et al., 2016) propose an access control model based on location attribute awareness in the social network, and verify the feasibility of user behavior through location attributes and fine-grained control of access to users' sensitive location information in shared content. Literature (Yang et al., 2016) suggests a provably secure access control scheme based on time domain attributes in the cloud environment, allowing users to decrypt video content within a specific time period. Literature (Fan et al., 2017) proposes a mandatory access control model with space-time constraints in the collaborative environment, according to BLP model, tasks, time, and space are considered.
The widespread and in-depth application of social network constantly changes user needs. Moreover, the following new scenarios emerge:
Scenario 1: Alice posts a group of funny pictures on the social network platform, but the picture content is related to personal privacy. She hopes that the pictures could be seen by friends only for a while for entertainment, and she wants to delete the pictures after 24 hours.
Scenario 2: Bob publishes detailed information of his lost item on the social network platform, hoping to retrieve it through the platform. However, he only wants this information to be seen by friends in his city.
Scenario 3: Charlie’s relatives had lost and he posted a notice on social network. He hopes that his friend can currently browse the post and plans to delete it within 24 hours. At the same time, only friends in the same city can browse the information.