SSStttooonnnyyy BBBrrrooooookkk UUUnnniiivvveeerrrsssiiitttyyy The official electronic file of this thesis or dissertation is maintained by the University Libraries on behalf of The Graduate School at Stony Brook University. ©©© AAAllllll RRRiiiggghhhtttsss RRReeessseeerrrvvveeeddd bbbyyy AAAuuuttthhhooorrr... Content-based Access Control A Dissertation Presented by Michael Andrew Hart to The Graduate School in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy in Computer Science Stony Brook University May 2011 Stony Brook University The Graduate School Michael Andrew Hart We, the dissertation committee for the above candidate for the Doctor of Philosophy degree, hereby recommend acceptance of this dissertation. Rob Johnson – Dissertation Advisor Assistant Professor, Computer Science Yejin Choi - Chairperson of Defense Assistant Professor, Computer Science Scott Stoller Professor, Computer Science Mónica F. Fernandez-Bugallo Professor, Electrical and Computer Engineering, Stony Brook University This dissertation is accepted by the Graduate School Lawrence Martin Dean of the Graduate School ii Abstract of the Dissertation Content-based Access Control by Michael Andrew Hart Doctor of Philosophy in Computer Science Stony Brook University 2011 In many contexts, users are either unable or unwilling to specify their access control policies. In Data Loss Prevention, for example, users cannot fully express what is secret in rule-based formats. Many users are unwilling to use access controls, particularly in the Web 2.0, because they are too draconian, leading to disastrous consequences in terms of privacy. To address both of these issues, we have introduced the concept of Content-Based Access Control (CBAC). CBAC combines content recognition with policy acquisition and enforcement. A CBAC-enabled system can be trained to recognize policy violations by learning what is secret from examples. This defense will discuss how CBAC can be successfully applied to Data Loss Prevention, Wikipedia Vandalism and the Web 2.0. Usability is integral to providing better CBAC systems and privacy interfaces, and this defense demonstrates improvements in the usability of these systems. iii Table of Contents List of Tables..................................................................................................................................ix List of Figures.................................................................................................................................xi Chapter 1 Introduction....................................................................................................................1 1.1 The Web 2.0..............................................................................................................................3 1.2 Consequences of the Web 2.0...................................................................................................6 Chapter 2 Current Access Controls...............................................................................................11 2.1 Introduction.............................................................................................................................11 2.2 Other privacy and access control schemes..............................................................................16 2.2.1 eXtensible Access Control Markup Language (XACML)..................................................18 2.2.2 Platform for Privacy Preferences (P3P)...............................................................................20 2.2.3 Social Contract Core............................................................................................................23 2.2.4 Policy-Aware Web...............................................................................................................25 2.2.5 EUFORBIA..........................................................................................................................30 2.2.6 The Accountability Perspective...........................................................................................34 2.3 Situations where policy enforcement is minimally useful......................................................36 2.4 Synthesis.................................................................................................................................38 Chapter 3 Content-based Access Control (CBAC).......................................................................40 3.1 Definition of a CBAC system.................................................................................................41 3.2 Implementation.......................................................................................................................42 3.3 CBAC applications.................................................................................................................44 Chapter 4 Privacy/Policy-aware Blogging....................................................................................46 iv 4.1 Privacy schemes in blogs and social-networks.......................................................................47 4.2 The Plog policy language........................................................................................................48 4.2.1 Tag usage on existing private posts.....................................................................................51 4.3 Plog WordPress plugin...........................................................................................................55 4.3.1 Tag rule authoring interface.................................................................................................55 4.3.2 Per-post policy editing interface..........................................................................................55 4.4 Evaluation...............................................................................................................................58 4.4.1 Participants...........................................................................................................................58 4.4.2 Experimental design.............................................................................................................58 4.4.3 Training................................................................................................................................59 4.4.4 Tasks....................................................................................................................................60 4.4.5 Procedure.............................................................................................................................61 4.5 Results.....................................................................................................................................62 4.5.1 Tag rule usage......................................................................................................................62 4.5.2 Accuracy on privacy tasks...................................................................................................62 4.5.3 Accuracy on distractor tasks................................................................................................63 4.5.4 Time to completion of privacy tasks....................................................................................64 4.5.5 Time to completion of distractor tasks.................................................................................64 4.5.6 Subjective evaluation results................................................................................................65 4.5.7 Size of tag rule policies........................................................................................................66 4.6 Discussion...............................................................................................................................66 4.7 Related work...........................................................................................................................68 4.8 Conclusion..............................................................................................................................70 v Chapter 5 Policy Inference for PLOG..........................................................................................72 5.1 Tag suggesters for blogs.........................................................................................................72 5.2 Tag usage on individual blogs................................................................................................74 5.3 iTag description......................................................................................................................77 5.3.1 TagAssist..............................................................................................................................77 5.3.2 iTag .....................................................................................................................................78 5.4 Evaluations and results...........................................................................................................80 5.5 Discussion...............................................................................................................................82 5.6 Future work.............................................................................................................................83 5.7 Conclusions.............................................................................................................................84