Friday, March 23, 2012

Online Social Network Security


In lecture 9 we learnt a lot about online social network security and privacy issues, covering four topics: online social network (OSN) security objectives, social network data, social-networks connect services, and OSN security and privacy issues. Before, I only knew that security and privacy are always the key issues in a social network; when implementing a social network system or platform, they are always the first points that need to be thought about and fixed. Now I have a deeper knowledge of online social network security. OSNs have three main security objectives: privacy, integrity and availability. There are six types of social network data: service data, disclosed data, entrusted data, incidental data, behavioral data and derived data. Major social-networking sites use social-networks connect services (SNCSs), such as Facebook Platform, Google Friend Connect, and MySpaceID, to allow third-party sites to develop social applications and extend their services without having to host or build a social network themselves. We studied two examples, Facebook Platform and OAuth 2.0, to understand SNCSs more clearly, and also studied the challenges and issues of SNCSs. Finally, we learnt many examples of OSN security and privacy issues.

To experience how to formulate our views according to the principles of knowledge building and epistemic cognition in a social network environment, which may lead to the creation of new knowledge, I read Wikipedia’s description of Security service (telecommunication) in order to give some views on online social network security.

First, let me describe what the conventional security objectives/security services are. The OSI security services contain five key points: authentication, access control, data confidentiality, data integrity and non-repudiation. For authentication, these services provide peer entity authentication and data origin authentication. For access control, this service provides protection against unauthorized access to a resource, such as using, reading, writing, deleting or executing it. For data confidentiality, these services protect data from unauthorized disclosure, in the forms of connection, selective field, and traffic flow confidentiality. For data integrity, these services counter active threats and may take one of several forms: connection integrity with recovery, connection integrity without recovery, selective field connection integrity, connectionless integrity, and selective field connectionless integrity. For non-repudiation, this service may take one or both of two forms: non-repudiation with proof of origin and non-repudiation with proof of delivery.

Secondly, let me describe what the social network security objectives are. According to our lecture notes, the security objectives in social networks are privacy, integrity and availability. Privacy in OSNs focuses on user profile privacy, communication privacy, message confidentiality, and information disclosure. For integrity, the user’s identity and data must be protected against unauthorized modification and tampering. For availability, the content published by users should be continuously available.

Thirdly, let me talk about my view of the differences between the social network security objectives and those of conventional online networks. Privacy and availability are new among the social network security objectives; they are not mentioned for conventional online networks. Privacy in social networks may involve many components of the conventional network security objectives, such as authentication, access control, and data confidentiality. Users publish their own information, which is accessed only by some users (those who are in their contacts), and these users also need to be authenticated within this group. The communications between these users are confidential; only trusted parties can trace and know them. Furthermore, in social networks, the information is prevented from being disclosed to other entrusted parties. All in all, the information of users and their communications and actions is hidden from everyone unless the users approve the access request themselves.

Finally, I will share my opinion on a case that illustrates one of the above differences. Sir John Sawers is the incoming head of MI6, essentially the British equivalent of the CIA. (The director of the United States Central Intelligence Agency is responsible for providing national security intelligence to senior U.S. policymakers, including the President, and manages the operations, personnel, and budget of the CIA.) His wife posted sensitive personal information to her Facebook page, including the address of the couple's London apartment and the locations of their children and Sir John's parents. She also posted family photos that included her half-brother, who was an associate and researcher for a historian who has been convicted of Holocaust denial. Her Facebook profile was left open to anyone in the London network [1]. Even if we assume that the wife had chosen some of the features that the social network provides to protect privacy and keep untrusted parties from accessing the profile, there are still threats such as digital dossier aggregation: profiles on online SNSs can be downloaded and stored by third parties, creating a digital dossier of personal data. Furthermore, malicious hackers can break in and obtain the information, or use posted photos to locate the users.

Nowadays, social networks add many interesting features, such as status updates and location services. At the same time, these features bring many threats. Criminals can use social networks to target people in the real world. A report from The Digital Criminal found that 38% of users of sites like Facebook and Twitter have posted status updates saying when they are away for the weekend. According to that same report, 23% of social media users have discussed vacation plans "wall-to-wall" outside the privacy of their own page and 17% have reported seeing people’s residential addresses posted on pages that can be seen by strangers [2]. Maybe users should not rely so much on social network security for now; after all, social networks have not been around for very long. Users should also protect themselves through good practice, such as not uploading sensitive information to SNSs (e.g. detailed addresses, phone numbers, email addresses), not sharing detailed status updates on SNSs (e.g. when and where they will take a vacation) and so on.

9 comments:

  1. I agree that sensitive information should not be posted on social networking sites. However, many users now include their phone number on their Facebook page. It is still a controversial issue in social networking development.

  2. It reminds me of a case in which some criminals tracked the personal information of parents on Weibo and tried to kidnap their kids. Those parents like to post photos and other information about their children on social networks. But they never realize that criminals will take advantage of that information.

    1. Yes, it is really dangerous. We need to be very careful when using these social networking functions while they are not so consummate.

  3. The information shared on social networks can be used in human flesh searching, which has generally been stigmatized as being for the purpose of identifying and exposing individuals to public humiliation, usually out of Chinese nationalistic sentiment, or to break the Internet censorship in the People's Republic of China. More recent analyses, however, have shown that it is also used for a number of other reasons, including exposing government corruption, identifying hit and run drivers, and exposing scientific fraud, as well as for more "entertainment" related items such as identifying people seen in pictures.
    Anyway, I think it's dangerous to share too much personal information on social networks.

    1. Yes, it is not sensible to post too much personal information on social networks. I remember that there was a student at Qinghua University who claimed that he could tell us the residential address of a famous actress from a photo of her. After the actress moved to another place, he posted how he deduced it, and the result, on his blog. Just by relating some of the actress's blog posts (which really did not seem very related to the location), Google 3D maps, and some site visits, he could tell her living places. It is so dangerous to disclose too much information on social networks!

  4. However, social networking sites can hinder many risks to users, as discussed in lectures. With so many risks, how can we protect ourselves?
    I think we can propose a very good safety standard and make the companies follow this standard. Next, we can develop some web applications or software called "Anti-social risks", something like "Anti-virus" software, to scan the risks of the sites. In fact, this can also be done by browser extensions. Detailed reports can be exported from this software to alert users to dangerous sites and actions. Finally, I think enough education should be provided by government and schools to the new generations to protect our property when using social networks.

  5. It is really a good idea to ask everybody to follow the safety standard. I want to add a point to your web application point: maybe the detailed reports can be sent to users' email automatically when there are some critical events or warnings, or when some abnormal behaviors happen.

  6. Security has always been a major concern for all Internet users. In many cases, malicious hackers are able to take control of a computer, steal sensitive information or use it against millions across the world. Nowadays, people use mobile devices even more, and a lot of personal data is stored on them instead. I think new security measures are needed on mobile devices too.

  7. When you post anything online, can you think about what a hacker could do with that data? I don’t think many of us can do that. You even often hear that some “stupid” thieves post their tracks on Twitter or Facebook.
    More and more warning words just annoy users and encourage them to ignore these words.
