TY - GEN
T1 - Personally identifiable information leakage through online social networks
AU - Louw, Candice
AU - Von Solms, Sebastiaan
PY - 2013
Y1 - 2013
N2 - Information sharing on the Internet has become a streamlined process through services such as e-mail, blogs and recently also Online Social Networks (OSNs). The speed of posting information in one central place and the convenience of this information reaching a vast audience at the same time is a great advantage of this style of communication, but at the same time also a danger. The aim of this article is thus to introduce a prototype software model that can analyse not only the Personally Identifiable Information (PII) that users share on OSNs, but with whom they share this. Such analysis will give users a good indication of how their private information is shared based on different settings within their OSN profiles. To successfully develop such a model, familiarity with the concepts of information sharing and PII is firstly investigated. Identifying information leakage within one of the most popular OSNs follows. In combination with our programming knowledge, a prototype model is introduced and an overview of preliminary results is given. Due to the generic nature of the model, we are able to visually introduce and explain the process of information deduction - an aspect of information sharing often overlooked due to its invisible nature. After analysing the information gathered from our model, we conclude that the immense popularity of Facebook on both a global and local scale contribute to its success, but at the same time make its users more prone to leak information and subsequently be the potential targets of cyber criminals. The ease, anonymity and borderless nature of the Internet in combination with the poor default security settings of our investigated OSN all contribute to the lucrative industry of cyber crime. Proper user awareness is crucial to preventing the leaking of any information in an online environment, but for many users this still equates to (a) PII in the sky.
AB - Information sharing on the Internet has become a streamlined process through services such as e-mail, blogs and recently also Online Social Networks (OSNs). The speed of posting information in one central place and the convenience of this information reaching a vast audience at the same time is a great advantage of this style of communication, but at the same time also a danger. The aim of this article is thus to introduce a prototype software model that can analyse not only the Personally Identifiable Information (PII) that users share on OSNs, but with whom they share this. Such analysis will give users a good indication of how their private information is shared based on different settings within their OSN profiles. To successfully develop such a model, familiarity with the concepts of information sharing and PII is firstly investigated. Identifying information leakage within one of the most popular OSNs follows. In combination with our programming knowledge, a prototype model is introduced and an overview of preliminary results is given. Due to the generic nature of the model, we are able to visually introduce and explain the process of information deduction - an aspect of information sharing often overlooked due to its invisible nature. After analysing the information gathered from our model, we conclude that the immense popularity of Facebook on both a global and local scale contribute to its success, but at the same time make its users more prone to leak information and subsequently be the potential targets of cyber criminals. The ease, anonymity and borderless nature of the Internet in combination with the poor default security settings of our investigated OSN all contribute to the lucrative industry of cyber crime. Proper user awareness is crucial to preventing the leaking of any information in an online environment, but for many users this still equates to (a) PII in the sky.
KW - Cyber security
KW - Information access rights
KW - Online social networks
KW - Personally identifiable information
KW - Social engineering
UR - http://www.scopus.com/inward/record.url?scp=84886264799&partnerID=8YFLogxK
U2 - 10.1145/2513456.2513467
DO - 10.1145/2513456.2513467
M3 - Conference contribution
AN - SCOPUS:84886264799
SN - 9781450321129
T3 - ACM International Conference Proceeding Series
SP - 68
EP - 71
BT - South African Institute for Computer Scientists and Information Technologists
T2 - South African Institute for Computer Scientists and Information Technologists: A Connected Society, SAICSIT 2013
Y2 - 7 October 2013 through 9 October 2013
ER -