PRIVACY AND SECURITY IN ONLINE

SOCIAL MEDIA
UNIT1-UNIT2-UNIT3-UNIT4-UNIT5

Subject Code: B120404T

VERSION 1.1

Faculty -
Gaurav Chaudhary
Assistant Professor
SOS-Department of CS
NOIDA INTERNATIONAL UNIVERSITY
GREATER NOIDA
B120404T : Privacy and Security in Online Social Media
CO 1 Understand working of online social networks K2,
CO 2 Describe privacy policies of online social media K2,
CO 3 Analyse countermeasures to control information sharing in Online social networks. K3,
CO 4 Apply knowledge of identity management in Online social networks K3,
CO 5 Compare various privacy issues associated with popular social media. K3
DETAILED SYLLABUS 2-0-0
I Introduction to Online Social Networks: Introduction to Social Networks, From offline to Online Communities,
Online Social Networks, Evolution of Online
Social Networks, Analysis and Properties, Security Issues in Online Social Networks, Trust Management in Online
Social Networks, Controlled Information
Sharing in Online Social Networks, Identity Management in Online Social Networks, data collection from social
networks, challenges, opportunities, and
pitfalls in online social networks, APIs; Collecting data from Online Social Media.
II Trust Management in Online Social Networks: Trust and Policies, Trust and Reputation Systems, Trust in Online
Social, Trust Properties, Trust Components,
Social Trust and Social Capital, Trust Evaluation Models, Trust, credibility, and reputations in social systems; Online
social media and Policing, Information
privacy disclosure, revelation, and its effects in OSM and online social networks; Phishing in OSM & Identifying
fraudulent entities in online social networks
III Controlled Information Sharing in Online Social Networks: Access Control Models, Access Control in Online
Social Networks, Relationship-Based Access
Control, Privacy Settings in Commercial Online Social Networks, Existing Access Control Approaches
IV Identity Management in Online Social Networks: Identity Management, Digital Identity, Identity
Management Models: From Identity 1.0 to Identity 2.0, Identity
Management in Online Social Networks, Identity as Self-Presentation, Identity thefts, Open Security Issues in Online
Social Networks
V Case Study: Privacy and security issues associated with various social media such as Facebook, Instagram,
data collection from social networks, challenges, opportunities, and
pitfalls in online social networks, APIs; Collecting data from Online Social Media.

What type of data is collected by social media?

Social media data is all the raw data collected from users of
social networks. The data collected by social media sites vary
from one platform to another. However, some of the commonly
tracked data include:

Comments
Likes
Mentions
Impressions
Shares
Conversions
Engagement time
Clicks (most crucial)
Note: click metadata is important for understanding the
behaviors of social media users, and what influenced their
decisions.
But to be a little more specific, here's why
social media data collection is
vital/opportunities:
•Real-time market research: Social media is like
a constant focus group. It allows you to quickly
gather feedback on new products and
social media marketing efforts. This means that
you can skip traditional research methods that are
expensive and time-consuming.
•Spotting emerging trends: With the right data,
you can anticipate trends and consumer
sentiments in real time, giving you the power to
adapt your strategy and outpace your
competitors.
•ROI-focused marketing: If you're unsure where
to invest your ad dollars, data analytics can guide
you. Gain insights into the most effective
platforms, campaigns and content to ensure a real
return on your investment.
•Insights into customer behavior: Social media
data holds valuable clues about the success of
your products and how customers feel about your
brand. It reveals which aspects of your efforts are
 Challenges

pitfalls in online social networks

How to Use Social Media Data Points For Your
Business
To pull out the social media data that is useful to
your company, you need to answer the following
questions:
•Who is my target audience?
•What social networks do they use regularly?
•How do they interact with social media networks?
Once you’ve answered these questions, it’s much
easier to narrow down the social media data that
will be most useful to understand your consumers
better. For example:
Your company sells themed cakes and one of your
target audiences is parents of kids aged 1-16.
Which social media collects the most data?
According to Clario, it is stated that out of all the
data a business can legally collect about you,
Facebook collects 79.49%, and Instagram comes
next.
It is estimated that Instagram (a Facebook-owned
app) collects 69.23% of all available data, which
includes the hobbies, height, weight, and
sexual orientation of its users.
TikTok collects up to 46.15% of available data on
its users, which includes facial recognition, voice
data, and images.
data collection from social networks, challenges, opportunities, and
pitfalls in online social networks

What is social media data?

Social media data is the information gathered from social
media platforms. This includes data on engagement, reach,
click-through rates, demographics, customer feedback and
user-generated content. Analyzing this info will give your
business valuable insights into audience behavior and trends so
you can make informed decisions and optimize your social
media strategies.

In short, social media data can help you:

Fine-tune your marketing strategy by understanding what

resonates with your audience
Improve customer service by spotting issues and trends before
they escalate
Create more engaging content that’s tailored to what your
followers want to see
Identify influencers and brand advocates who can amplify your
message
Track your competitors' moves and adapt your strategies
accordingly
II Trust Management in Online Social
Networks: Trust and Policies, Trust and Reputation
Systems, Trust in Online Social, Trust Properties,
Trust Components,
Social Trust and Social Capital, Trust Evaluation
Models, Trust, credibility, and reputations in social
systems; Online social media and Policing,
Information
privacy disclosure, revelation, and its effects in
OSM and online social networks; Phishing in OSM &
Identifying fraudulent entities in online social
networks
TRUST MANAGEMENT
UNIT-3

Controlled Information Sharing in Online

Social Networks: Access Control Models, Access
Control in Online Social Networks, Relationship-
Based Access
Control, Privacy Settings in Commercial Online
Social Networks, Existing Access Control
Approaches
ANOTHER DESCRIPTION:

Controlled Information Sharing in Online

Social Networks
Controlled information sharing in online social networks is a
crucial topic that addresses how users can manage and protect
their personal data while interacting on platforms like
Facebook, Twitter, and LinkedIn.
The main challenges include:
1.Privacy Concerns: Ensuring that personal information shared
on social networks remains private and is not accessed by
unauthorized users.
2.Access Control: Implementing mechanisms that allow users
to control who can view or share their information.
3.Security Risks: Protecting data from malicious attacks and
unauthorized access.
Researchers have proposed various models and frameworks to
address these issues, such as multiparty access control models
that allow users to specify and enforce privacy policies for
shared data.
 Controlled Information
Sharing in Online Social Networks,

The enormous success and diffusion that online social networks (OSNs) are encountering nowadays is vastly apparent. Users'
social interactions now occur using online social media as communication channels; personal information and activities are
easily exchanged both for recreational and business purposes in order to obtain social or economic advantages. In this scenario,
OSNs are considered critical applications with respect to the security of users and their resources, for their characteristics alone:
the large amount of personal information they manage, big economic upturn connected to their commercial use, strict
interconnection among users and resources characterizing them, as well as user attitude to easily share private data and
activities with strangers. In this book, we discuss three main research topics connected to security in online social networks: (i)
trust management, because trust can be intended as a measure of the perception of security (in terms of risks/benefits) that
users in an OSN have with respect to other (unknown/little-known) parties; (ii) controlled information sharing, because in OSNs,
where personal information is not only connected to user profiles, but spans across users' social activities and interactions, users
must be provided with the possibility to directly control information flows; and (iii) identity management, because OSNs are
subjected more and more to malicious attacks that, with respect to traditional ones, have the advantage of being more effective
by leveraging the social network as a new medium for reaching victims. For each of these research topics, in this book we
provide both theoretical concepts as well as an overview of the main solutions that commercial/non-commercial actors have
proposed over the years. We also discuss some of the most promising research directions in these fields.
IV
Identity Management in Online Social Networks: Identity
Management, Digital Identity, Identity Management Models:
From Identity 1.0 to Identity 2.0, Identity
Management in Online Social Networks, Identity as Self-
Presentation, Identity thefts, Open Security Issues in Online
Social Networks
Identity Management in Online Social Networks 4.2 IDENTITYMANAGEMENT
Traditionally, identity management (IdM) refers to the task of controlling information about managed
entities on computers. Managed entities typically include users, hardware and network resources,
4.1 INTRODUCTION and even applications. Such information includes data that authenticate the identity of
Identity management (IdM) generally describes the management of user identities and their an entity, that describes actions the entity is authorized to perform. It also includes the management
rights of descriptive information about the entity and how and by whom that information can be
to access resources throughout the identity life cycle, according to users' rights and restrictions accessed and modified.
associated with the established identities. Identity management systems provide services and The concept of identity spans across different fields, from Philosophy, where identity, from
technologies Latin identitas (sameness), is the relation each thing bears just to itself/ to Social Sciences, where
for controlling user access to critical information. Among these services and technologies, identity may be defined as "the distinctive characteristic belonging to any given individual, or
the most well known include Active Directory, Identity Providers, Digital Identities, Password shared by all members of a particular social category or group" [243].
Managers, Single Sign-on, Security Tokens, Security Token Services (STS), OpenID, WSSecurity, 4.2.1 DIGITAL IDENTITY
WS-Trust, SAML 2.0, and OAuth. In Computer Science, the term digital identity is used to define "the digital representation of
59 the information known about a specific individual or organization, in a specific application domain''
The development of Web 2.0 technologies has led to the definition of the concept of Online [256,279]. It includes unique descriptive data, allowing a precise identification of an entity
Identity Management (OIM), whose meaning it twofold. among others, as well as other generic information. According to [158], an entity (such as a person
• When it refers to online image management or online personal branding or personal or an organization) may have multiple identities, and each identity may consist of multiple
reputation characteristics that can be unique or non-unique identifiers.
management (PRM), OIM is a set of methods for generating a distinguished Web presence An identity domain is a domain where each identity is unique. For users, derived from psychological
of a person on the Internet. That presence could be reflected in any kind of content that refers concepts summarized by the Future of ldentity in the Information Society (FIDIS),2
to the person, including news, participation in blogs and forums, personal websites [198], a digital identity can be seen as constituted by:
social media presence, pictures, videos, etc. 1. a personal identity, composed of persistent identity information such as name, date of birth
• But online identity management also refers to identity disclosure and identity theft, and has and genealogical relations;
particularly been developed in the management of online identity in social network services 2. a shared identity, that is, information which is susceptible to change such as social network
[266]. of user profile information ( shopping list, centers of interest, friends); and
In OSNs, aspects belonging to both meanings constitute an integral part of the identity 3. an abstract identity, consisting of derived or inferred information about the user.
construction process on these sites. Due to impression management [ 41], i.e., "the process Nowadays, according to Viviani et al. [270], in the context of engineering online systems,
through the management of digital identities can involve three main research fields.
which people try to control the impressions other people form of them"-one of whose • The pure identity field: issues concerning the creation, management and deletion of digital
objectives identities without considering access issues (e.g., anonymization problems).
is in particular to increase the online reputation of the person-users provide a lot of personal • The user access field: issues concerning user access requirements connected the need to assume
information concerning their identities. This identity disclosure brings to mind several identity a unique digital identity across applications and networked infrastructures.
attacks which are particularly insidious in online social networks.
In this chapter, after having briefly introduced the general concepts connected to identity
management (Section 4.2), we will discuss in detail the concerns and solutions connected to
online
identity management, considering the different meanings it has in online social networks
(Section
4.3) as introduced before, and focusing in particular on identity protection (Section 4.3.3).
UNIT-5

CASE STUDY: Privacy and security issues associated with various social media such as Facebook, Instagram, Twitter,
LinkedIn etc.