Social networks have developed the most important platforms
allowing third party developers to create applications targeting
their members. To install and run on the accounts
users, these applications need access to different types of
data within the account, according to a set of permissions.
Each authorization (as it appears to the user in the box
Request permission reproduced here) is more than one category
of data. For example, by selecting "Go to my information
base ", the user can grant access to a range of information
personal, as his list of friends, or other information shared
by all. The ability to select what type of information is
provides access does not exist, the user is not really aware of
data actually exposed. An attacker using an application
manipulative can take over all existing information.
3 .1. Permission Facebook
Fig. 4 - page Request permission to an application. access
to my data base includes: user name, profile picture,
gender, networks, user ID, and other information
the user has shared with everyone.
Facebook being the most popular social network, this section will
review its licensing system and risks to data
personal user. The full list of permissions, side view
the application developer, as the data associated with that
These give access permissions, can be found
Aucun commentaire:
Enregistrer un commentaire