We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Recommendation Models for Open Authorization.
- Authors
Shehab, Mohamed; Marouf, Said
- Abstract
Major online platforms such as Facebook, Google, and Twitter allow third-party applications such as games, and productivity applications access to user online private data. Such accesses must be authorized by users at installation time. The Open Authorization protocol (OAuth) was introduced as a secure and efficient method for authorizing third-party applications without releasing a user's access credentials. However, OAuth implementations don't provide the necessary fine-grained access control, nor any recommendations, i.e., which access control decisions are most appropriate. We propose an extension to the OAuth 2.0 authorization that enables the provisioning of fine-grained authorization recommendations to users when granting permissions to third-party applications. We propose a multicriteria recommendation model that utilizes application-based, user-based, and category-based collaborative filtering mechanisms. Our collaborative filtering mechanisms are based on previous user decisions, and application permission requests to enhance the privacy of the overall site's user population. We implemented our proposed OAuth extension as a browser extension that allows users to easily configure their privacy settings at application installation time, provides recommendations on requested privacy permissions, and collects data regarding user decisions. Our experiments on the collected data indicate that the proposed framework efficiently enhanced the user awareness and privacy related to third-party application authorizations.
- Subjects
ONLINE social networks; COMPUTER network protocols; APPLICATION software; INTERNET users; INTERNET privacy
- Publication
IEEE Transactions on Dependable & Secure Computing, 2012, Vol 9, Issue 4, p583
- ISSN
1545-5971
- Publication type
Article
- DOI
10.1109/TDSC.2012.34