Tie-RBAC: An application of RBAC to Social Networks
This work addresses access control issues for social network users and developers, but it is incremental as it adapts an existing RBAC model to a new context.
The paper tackles the problem of access control in social networks by applying role-based access control (RBAC) to social ties, allowing users to define relations and assign roles with permissions, and it has been implemented in a social network site core called Social Stream.
This paper explores the application of role-based access control to social networks, from the perspective of social network analysis. Each tie, composed of a relation, a sender and a receiver, involves the sender's assignation of the receiver to a role with permissions. The model is not constrained to system-defined relations and lets users define them unilaterally. It benefits of RBAC's advantages, such as policy neutrality, simplification of security administration and permissions on other roles. Tie-RBAC has been implemented in a core for building social network sites, Social Stream.