Paper 2015/456

Collateral damage of Facebook Apps: an enhanced privacy scoring model

Iraklis Symeonidis, Pagona Tsormpatzoudi, and Bart Preneel

Abstract

Establishing friendship relationships on Facebook often entails information sharing which is based on the social trust and implicit contract between users and their friends. In this context, Facebook offers applications (Apps) developed by third-party application providers (AppPs), which may grant access to users' personal data via Apps installed by their friends. Such access takes place outside the circle of social trust with the user not being aware whether a friend has installed an App collecting her data. In some cases, one or more AppPs may cluster several Apps and thus gain access to a collection of personal data. As a consequence privacy risks emerge. Previous research has mentioned the need to quantify privacy risks on Online Social Networks (OSNs). Nevertheless, most of the existing works do not focus on the personal data disclosure via Apps. Moreover, the problem of personal data clustering from AppPs has not been studied. In this work, we perform a general analysis of the privacy threats stemming from the personal data requested by Apps installed by the user’s friends from a technical and legal point of view. In order to assist users, we propose a model and a privacy scoring formula to calculate the amount of personal data that may be exposed to AppPs. Moreover, we propose algorithms that based on clustering, computes the visibility of each personal data to the AppPs.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
Socialeconomic and policy issues of trustsecurity and privacySecurity and privacy in social networks
Contact author(s)
iraklis symeonidis @ esat kuleuven be
History
2018-03-23: last of 25 revisions
2015-05-13: received
See all versions
Short URL
https://ia.cr/2015/456
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/456,
      author = {Iraklis Symeonidis and Pagona Tsormpatzoudi and Bart Preneel},
      title = {Collateral damage of Facebook Apps: an enhanced privacy scoring model},
      howpublished = {Cryptology ePrint Archive, Paper 2015/456},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/456}},
      url = {https://eprint.iacr.org/2015/456}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.