Adaptive Access Control Enforcement in Social Network Using Aspect Weaving

Current social network systems support a large range of applications with very different security requirements. Even if available social network solutions provide some security functionalities, users do not control these functionalities and cannot customize them to handle their specific security needs. In this paper, we suggest a new approach to handle these issues. This approach is based on Aspect Oriented Programming (AOP) which enables the enforcement of an independent, reusable access control policy through the modification of the program at runtime. This makes possible to externalize the security concerns and weave them into an existing social network. Using this approach, it is possible to customize security of social network at different levels. First, one can specify the global security policy of the particular social network application and then, each member of this social network can further refine this global policy to specify their specific security requirements. This approach is illustrated on the open source social network system Elgg.