Abstract
Although social computing (SC) has been growing phenomenally, it still lacks an appropriate way of protecting the security and privacy of data shared in the system. Current access control mechanisms in the domain of SC mainly rely on pre-defined access control policies to achieve authorization statically, which are intrinsically unsuitable for capturing the dynamic changes in social environment. In this paper, we explore the approach towards a more flexible and adaptive control through the incorporation of risk awareness in SC. In particular, risk values are associated with users and objects; meanwhile, risk thresholds are defined for each of the permissions. Risk values and risk thresholds can be derived from provenance data in a timely manner. Such dynamic computation can be enabled and facilitated with the incorporation of provenance awareness in SC systems.