Hakim Touati

User Centric Policy Management in Online Social Networks

Online social networking sites are experiencing tremendous user growth with hundreds of millions of active users. As a result, there is a tremendous amount of user profile data online, e.g., name, birth date, etc. Protecting this data is a challenge. The task of access policy composition is a tedious and confusing effort for the average user having hundreds of friends. In this paper, we propose a Policy Manager (PolicyMgr) Framework for social networks. PolicyMgr assists users in composing and managing their access control policies for objects posted to their profiles. Our approach is based on a supervised learning mechanism that leverages user provided example policy settings as training sets to build classifiers that are the basis for auto-generated policies. Furthermore, we provide mechanisms to enable users to fuse policy decisions that are provided by their friends or others in the social network. These policies then regulate access to user profile objects. We implemented our framework and, through experimentation, demonstrate positive emerging results.

Learning based access control in online social networks

Online social networking sites are experiencing tremendous user growth with hundreds of millions of active users. As a result, there is a tremendous amount of user profile data online, e.g., name, birthdate, etc. Protecting this data is a challenge. The task of access policy composition is a tedious and confusing effort for the average user having hundreds of friends. We propose an approach that assists users in composing and managing their access control policies. Our approach is based on a supervised learning mechanism that leverages user provided example policy settings as training sets to build classifiers that are the basis for auto-generated policies. Furthermore, we provide mechanisms to enable users to fuse policy decisions that are provided by their friends or others in the social network. These policies then regulate access to user profile objects. We implemented our approach and, through extensive experimentation, prove the accuracy of our proposed mechanisms.

Semi-Supervised Policy Recommendation for Online Social Networks

Fine grain policy settings in social network sites is becoming a very important requirement for managing users privacy. Incorrect privacy policy settings can easily lead to leaks in private and personal information. At the same time, being too restrictive would reduce the benefits of online social networks. This is further complicated with the growing adoption of social networks and with the rapid growth in information uploading and sharing. The problem of facilitating policy settings has attracted numerous access control, and human computer interaction researchers. The solutions proposed range from usable interfaces for policy settings to automated policy settings. We propose a fine grained policy recommendation system that is based on an iterative semi-supervised learning approach that uses the social graph propagation properties. Active learning and social graph properties were used to detect the most informative instances to be labeled as training sets. We implemented and tested our approach using real Facebook dataset. We compared our proposed approach to supervised learning and random walk approaches. Our proposed approaches provided high accuracy and precision when compared to the other approaches.

Mining Surgical Meta-actions Effects with Variable Diagnoses’ Number

Commonly, information systems are organized by the use of tables that are composed of a fixed number of columns representing the information system’s attributes. However, in a typical hospital scenario, patients may have a variable number of diagnoses and this data is recorded in the patients’ medical records in a random order. Treatments are prescribed based on these diagnoses, which makes it harder to mine meta-actions from healthcare datasets. In such scenario, the patients are not necessarily followed for a specific disease, but are treated for what they are diagnosed for. This makes it even more complex to prescribe personalized treatments since patients react differently to treatments based on their state (diagnoses). In this work, we present a method to extract personalized meta-actions from surgical datasets with variable number of diagnoses. We used the Florida State Inpatient Databases (SID), which is a part of the Healthcare Cost and Utilization Project (HCUP) [1] to demonstrate how to extract meta-actions and evaluate them.

Towards a General Framework for Optimal Role Mining: A Constraint Satisfaction Approach

Role Based Access Control (RBAC) is the most widely used advanced access control model deployed in a variety of organizations. To deploy an RBAC system, one needs to first identify a complete set of roles, including permission role assignments and role user assignments. This process, known as role engineering, has been identified as one of the costliest tasks in migrating to RBAC. Since many organizations already have some form of user permission assignments defined, it makes sense to identify roles from this existing information. This process, known as role mining, has gained significant interest in recent years and numerous role mining techniques have been developed that take into account the characteristics of the core RBAC model, as well as its various extended features and each is based on a specific optimization metric. In this paper, we propose a generic approach which transforms the role mining problem into a constraint satisfaction problem. The transformation allows us to discover the optimal RBAC state based on customized optimization metrics. We also extend the RBAC model to include more context-aware and application specific constraints. These extensions broaden the applicability of the model beyond the classic role mining to include features such as permission usage, hierarchical role mining, hybrid role engineering approaches, and temporal RBAC models. We also perform experiments to show applicability and effectiveness of the proposed approach.

Semi-supervised policy recommendation for online social networks

Fine-grained policy settings in social networking sites are becoming important for managing user privacy. Incorrect privacy policy settings can easily lead to leaks in private and personal information. At the same time, being too restrictive would reduce the benefits of online social networks. This is further complicated due to the growing adoption of social networks and the rapid growth in information uploading and sharing. The problem of facilitating policy settings has attracted the attention of numerous access control, and human–computer interaction researchers. The proposed solutions range from usable interfaces for policy settings to automated policy settings. We propose a fine-grained policy recommendation system that is based on an iterative semi-supervised learning approach which leverages the social graph propagation properties. Active learning and social graph properties are used to detect the most informative instances to be labeled as training sets. We implemented and tested our approach using both participant-labeled Facebook dataset and their real policy dataset extracted using the Facebook API. We compared our proposed approach to supervised learning and random walk-based approaches. Our approach provided higher accuracy and precision for both datasets. Collaborative active learning further improved the performance of our approach. Moreover, the accuracy and precision of our approach were maintained with the addition of new friends in the social graph.

Enabling cross-site interactions in social networks

Online social networks is one of the major technological phenomena on the Web 2.0. Hundreds of millions of people are posting articles, photos, and videos on their profiles and interacting with other people, but the sharing and interaction are limited within a same social network site. Although users can share some contents in a social network site with people outside of the social network site using a secret address of content, appropriate access control mechanisms are still not supported. To overcome this limitation, we propose a cross-site interaction framework x-mngr, allowing users to interact with users in other social network sites, with a cross-site access control policy, which enables users to specify policies that allow/deny access to their shared contents across social network sites. We also propose a partial mapping approach based on a supervised learning mechanism to map user’s identities across social network sites. We implemented our proposed framework through a photo album sharing application that shares user’s photos between Facebook and MySpace based on the cross-site access control policy that is defined by the content owner. Furthermore, we provide mechanisms to enable users to fuse user-mapping decisions that are provided by their friends or others in the social network. We implemented our framework and through extensive experimentation we prove the accuracy and precision of our proposed mechanisms.

Enabling Cross-Site Content Sharing between Social Networks

Social Networks is one of the major technological phenomena on the Web 2.0. Hundreds of millions of people are posting articles, photos, and videos on their profiles and interacting with other people, but the sharing and interaction are limited within a same social network site. Although users can share some contents in a social network site with people outside of the social network site using a public link of content, appropriate access control mechanisms are still not supported. To overcome those limitations, we propose a cross-site content sharing framework named x-mngr, allowing users to interact with others in other social network sites, with a cross-site access control policy, which enables users to specify policies that allow/deny access to their shared contents across social network sites. We implemented our proposed framework through a photo sharing application that shares users photos between Face book and My Space based on the cross-site access control policy. To evaluate our approach, we conducted a user study for the x-mngr framework.

Meta-actions as a Tool for Action Rules Evaluation

Action rules extraction is a field of data mining used to extract actionable patterns from large datasets. Action rules present users with a set of actionable tasks to follow to achieve a desired result. An action rule can be seen as two patterns of feature values (classification rules) occurring together and having the same features. Action rules are evaluated using their supporting patterns occurrence in a measure called support. They are also evaluated using their confidence defined as the product of the two patterns confidences. Those two measures are important to evaluate action rules; nonetheless, they fail to measure the feature values transition correlation and applicability. This is due to the core of the action rules extraction process that extracts independent patterns and constructs an action rule. In this chapter, we present the benefits of meta-actions in evaluating action rules in terms of two measures, namely likelihood and execution confidence. In fact, in meta-actions, we extract real feature values transition patterns, rather than composing two feature values patterns. We also present an evaluation model of the application of meta-actions based on cost and satisfaction. We extracted action rules and meta-actions and evaluated them on the Florida State Inpatient Databases that is a part of the Healthcare Cost and Utilization Project.

Mining Meta-Actions for Action Rules Reduction

Meta-actions effect and selection are the fundamental core for a successful action rule execution. All atomic action terms on the left-hand side of an action rule have to be covered by well chosen meta-actions in order for it to be executed. The choice of meta-actions depends on the antecedent side of action rules; however, it also depends on their list of atomic actions that are outside of the action rule scope, seen as side effects. In this paper, we strive to minimize the side effects by decomposing the left-hand side of an action rule into executable action rules covered by a minimal number of meta-actions and resulting in a cascading effect. This process was tested and compared to original action rules. Experimental results show that side effects are diminished in comparison with the original meta-actions applied while keeping a good execution confidence. ding effect. This process was tested and compared to original action rules. Experimental results show that side effects are diminished in comparison with the original meta-actions applied while keeping a good execution confidence.