Access Control

Access Control is how security systems control what resources can be acted upon by which entities. In this course we will be focused on social media and how controls there work.

Required Reading

None

Learning Outcomes

Topics

• Access control policies
• Social media permissions

Understand

• What “actions”, “resources”, and “enttities” are.
• People prefer actions over configuration.

Apply

• Look at the access control policy associated with a social media post. Try properly listing out who can and cannot see it.
• Think about your own social media threat model.

Additional Readings

• Dilara Keküllüoglu, Kami Vaniea, Maria K. Wolters, Walid Magdy (2023). Twitter has a Binary Privacy Setting, are Users Aware of How It Works?. In Proceedings of the 2023 ACM SIGCHI Conference on Computer-Supported Cooperative Work and Social Computing (CSCW23).