SOCIAL NETWORK RISK ANALYSIS AND PRIVACY FRAMEWORK
Open Access
- Author:
- Rajasekaran, Sathya Dev
- Graduate Program:
- Electrical Engineering
- Degree:
- Master of Science
- Document Type:
- Master Thesis
- Date of Defense:
- November 18, 2009
- Committee Members:
- Anna Cinzia Squicciarini, Thesis Advisor/Co-Advisor
Anna Cinzia Squicciarini, Thesis Advisor/Co-Advisor
John Metzner, Thesis Advisor/Co-Advisor - Keywords:
- Social Network
Privacy
Security
Risk Analysis
Organization
Employee - Abstract:
- With the tremendous growth in Social Networks, it is of most importance to extend the current research and studies towards the risk associated with it. A Nielsen report reveals that more than two-thirds of the world’s Internet population visit social networking sites each month, accounting for almost 10% of all internet time. Recent studies have also shown that users post massive amounts of personal and professional information on the social network. Hence it becomes absolutely necessary to enhance the safety and reduce the risk associated with the usage of social networks. This thesis aims at exploring the consequences of the adoption of social networks by employees working in enterprises. In the first part of the thesis we suggest methodologies to answer questions related to the risks incurred in an organization due to the usage of social network by its employees, efficient approaches that can be taken to mitigate the different risks and the financial and organizational implications for an organization in implementing any of the possible risk mitigation approaches. In the second part of the thesis we propose a new flexible framework for privacy policy generation in social networks, filling the gap between the privacy management needs of a social network user and privacy protection mechanism provided by the current social networks. We conclude, with the help of simulation results, that the framework proposed significantly enhances the privacy and security of the profile information on the social network at the cost of very little time overhead for the user.