A model of distributed rights allocation in online social interaction : a thesis presented in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Information Technology at Massey University, Albany, Auckland, New Zealand
In computing, the management of information resources is done through access control, a process by which authorized users are granted permission over resources. The last decade has witnessed the emergence of socio-technical systems (STS) like Facebook, Twitter, and YouTube, where millions of users interact with each other and share billions of resources on daily basis. Access control for a STS is different from traditional systems in having to satisfy the social requirements of the community as well as the technical requirements of the system.
The problems traditional access control models face today are firstly the complexity of mapping millions of users to billions of resources, and secondly the social requirements of users who want to own the resources they post. Current access control models for STS manage access through rule semantics, roles, trust, history management or contents. However, there is no general logical scheme that allows users to allocate rights, covering not just transfer and delegation but also joint and several ownership.
The trend from centralized to distributed access control demands a general model to manage rights allocation for users having heterogeneous privacy policies. The model's validity derives from socio-technical design, where social requirements like ownership, freedom and privacy give technical access axioms. The aim is to satisfy not only technical but also social requirements, over which the success of today?s software depends.
This research first proposes the social access control model for supporting local administration, dynamic asymmetric relationships and object privacy classification. This core model is then used as a basis of various rights allocation models. The research further illustrates a rights allocation framework based on various properties of STS and presents a reduction approach to design the model. This framework reduces all the possible rights allocations into four basic models: Replace, Revoke, Share and Merge, which can manage every tweet, every post, and every single communication on any STS. The proposed rights allocation models are demonstrated on various current and hypothetical use-cases of current STS to show that it can be used in any system that has social interactions, and where users want to control their resources. This research extends the online social interactions in STS to new horizons which are currently restricted due to the limitations posed by current technology.