Abstract
In recent years we are experiencing the tremendous growth in Online Social Networks (OSNs) and become a de facto portal for hundreds of millions of Internet users. Digital social interactions and information security are the means offered by these OSNs, but also raise a number of security and privacy issues. In OSNs users are restricted to access the shared data, but they currently do not provide any mechanism to enforce privacy concerns over data associated with multiple users. In our paper, we propose an approach to enable the protection of shared data associated with multiple users in OSNs. We also formulate an access control model to capture the essence of multiparty authorization requirements, along with a multiparty policy specification scheme and a policy enforcement mechanism. To the end, we discuss a proof-of-concept prototype of our approach as part of an application in Facebook and provide usability study and system evaluation of our method.