{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T00:16:28Z","timestamp":1725754588660},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319029368"},{"type":"electronic","value":"9783319029375"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-319-02937-5_10","type":"book-chapter","created":{"date-parts":[[2013,10,30]],"date-time":"2013-10-30T15:52:40Z","timestamp":1383148360000},"page":"179-198","source":"Crossref","is-referenced-by-count":1,"title":["Resource Access Control in the Facebook Model"],"prefix":"10.1007","author":[{"given":"Konstantinos","family":"Chronopoulos","sequence":"first","affiliation":[]},{"given":"Maria","family":"Gouseti","sequence":"additional","affiliation":[]},{"given":"Aggelos","family":"Kiayias","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"unstructured":"Facebook: Data Use Policy | Facebook (October 15, 2012), \n                    \n                      http:\/\/www.facebook.com\/about\/privacy\/your-info-on-other","key":"10_CR1"},{"unstructured":"Facebook: Removal of offline_access permission (October 16, 2012), \n                    \n                      https:\/\/developers.facebook.com\/roadmap\/offline-access-removal","key":"10_CR2"},{"unstructured":"Facebook: Access Tokens and Types (November 14, 2012), \n                    \n                      http:\/\/developers.facebook.com\/docs\/concepts\/login\/access-tokens-and-types","key":"10_CR3"},{"unstructured":"Facebook: New security restrictions for OAuth authorization codes (November 14, 2012), \n                    \n                      https:\/\/developers.facebook.com\/roadmap","key":"10_CR4"},{"unstructured":"Chari, S., Jutla, C., Roy, A.: Universally composable security analysis of OAuth v2.0. Cryptology ePrint Archive, Report 2011\/526 (2011)","key":"10_CR5"},{"doi-asserted-by":"crossref","unstructured":"Pai, S., Sharma, Y., Kumar, S., Pai, R.M., Ringh, S.: Formal verification of OAuth 2.0 using Alloy framework. In: Proceedings of the International Conference on Communication Systems and Network Technologies (CSNT), pp. 655\u2013659 (2011)","key":"10_CR6","DOI":"10.1109\/CSNT.2011.141"},{"doi-asserted-by":"crossref","unstructured":"Luo, W., Xie, Q., Hengartner, U.: FaceCloak: An architecture for user privacy on social networking sites. In: PASSAT (2009)","key":"10_CR7","DOI":"10.1109\/CSE.2009.387"},{"doi-asserted-by":"crossref","unstructured":"Lucas, M.M., Borisov, N.: flyByNight: Mitigating the privacy risks of social networking. In: WPES (2008)","key":"10_CR8","DOI":"10.1145\/1456403.1456405"},{"doi-asserted-by":"crossref","unstructured":"Guha, S., Tang, K., Francis, P.: NOYB: Privacy in online social networks. In: WOSN (2008)","key":"10_CR9","DOI":"10.1145\/1397735.1397747"},{"doi-asserted-by":"crossref","unstructured":"Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: An online social network with user-defined privacy. In: SIGCOMM (2009)","key":"10_CR10","DOI":"10.1145\/1592568.1592585"},{"doi-asserted-by":"crossref","unstructured":"Jahid, S., Mittal, P., Borisov, N.: EASiER: Encryption-based Access Control in Social Networks with Efficient Revocation. In: ASIACCS (2011)","key":"10_CR11","DOI":"10.1145\/1966913.1966970"},{"unstructured":"Top 15 Most Popular Social Networking Sites (November 16, 2012), \n                    \n                      http:\/\/www.ebizmba.com\/articles\/social-networking-websites","key":"10_CR12"},{"doi-asserted-by":"crossref","unstructured":"Hardt, D. (ed.): The OAuth 2.0 Authorization Protocol ( November 16, 2012), \n                    \n                      http:\/\/tools.ietf.org\/html\/draft-ietf-oauth-v2-31","key":"10_CR13","DOI":"10.17487\/rfc6749"},{"doi-asserted-by":"crossref","unstructured":"Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.M.: A semantic web based framework for network access control. In: SACMAT, pp. 177\u2013186 (2009)","key":"10_CR14","DOI":"10.1145\/1542207.1542237"},{"doi-asserted-by":"crossref","unstructured":"Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer\u00a029(2) (1996)","key":"10_CR15","DOI":"10.1109\/2.485845"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/11836025_15","volume-title":"The Semantic Web \u2013 ASWC 2006","author":"S.R. Kruk","year":"2006","unstructured":"Kruk, S.R., Grzonkowski, S., Gzella, A., Woroniecki, T., Choi, H.-C.: D-FOAF: Distributed identity management with access rights delegation. In: Mizoguchi, R., Shi, Z.-Z., Giunchiglia, F. (eds.) ASWC 2006. LNCS, vol.\u00a04185, pp. 140\u2013154. Springer, Heidelberg (2006)"},{"doi-asserted-by":"crossref","unstructured":"Sun, S.-T., Beznosov, K.: The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems. CCS (2012)","key":"10_CR17","DOI":"10.1145\/2382196.2382238"},{"unstructured":"Lang, B.: Trust Degree Based Access Control for Social Networks. In: Proc. of the International Conference on Security and Cryptography (2010)","key":"10_CR18"},{"unstructured":"Ferraiolo, D., Kuhn, R.: Role-based access controls. In: 15th NIST-NCSC National Computer Security Conference, pp. 554\u2013563 (October 1992)","key":"10_CR19"},{"issue":"11","key":"10_CR20","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1109\/2.241422","volume":"26","author":"R.S. Sandhu","year":"1993","unstructured":"Sandhu, R.S.: Lattice-based access control models. IEEE Computer\u00a026(11), 9\u201319 (1993)","journal-title":"IEEE Computer"},{"doi-asserted-by":"crossref","unstructured":"Sandhu, R.S., Samarati, P.: Access Control: Principles and Practice. In: IEEE Communications Magazine, pp. 40\u201348 (September 1994)","key":"10_CR21","DOI":"10.1109\/35.312842"},{"key":"10_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/BFb0055718","volume-title":"Advances in Cryptology - CRYPTO \u201998","author":"M. Bellare","year":"1998","unstructured":"Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations Among Notions of Security for Public-Key Encryption Schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol.\u00a01462, pp. 26\u201345. Springer, Heidelberg (1998)"},{"unstructured":"Facebook: Using the signed_request Parameter, \n                    \n                      http:\/\/developers.facebook.com\/docs\/howtos\/login\/signed-request\/\n                    \n                    \n                   (March 18, 2013)","key":"10_CR23"},{"unstructured":"Doshi, N.: Facebook Applications Accidentally Leaking Access to Third Parties - Updated (May 10, 2011), \n                    \n                      http:\/\/www.symantec.com\/connect\/blogs\/facebook-applications-accidentally-leaking-access-third-parties\n                    \n                    \n                   (June 26, 2013)","key":"10_CR24"}],"container-title":["Lecture Notes in Computer Science","Cryptology and Network Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-02937-5_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,24]],"date-time":"2019-05-24T02:01:15Z","timestamp":1558663275000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-02937-5_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783319029368","9783319029375"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-02937-5_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}