1.

Define access control in the context of online social  TikTok: Users may craft identities based on humor,
networks. talent, or activism to build a following or fit into
Access control in online social networks is a security mechanism specific communities.
that determines what content or features users can access and This shaping of identity can be empowering but also
what actions they are allowed to perform. It involves setting stressful, as users often feel pressured to maintain
permissions for who can view posts, send friend requests, idealized versions of themselves.
comment, or access private information. For instance, a user on 7. Discuss the major privacy challenges faced by users on
Facebook may configure their photo albums to be visible only to Facebook and Instagram, and suggest effective strategies to
friends, while posts in a public group are viewable by anyone. mitigate these risks.
Effective access control ensures user autonomy over data Challenges:
visibility and helps prevent unauthorized interactions, identity  Data overcollection: Platforms gather detailed user
theft, or exposure to harmful content. behavior and metadata for ad targeting.
2. What is the main goal of privacy settings on social media?  Invasive ads: Personalized ads often feel intrusive due
The main objective of privacy settings is to empower users to to extensive profiling.
manage how their data is collected, used, and shared. These  Unclear permissions: Users may unknowingly allow
settings help users determine who can see their content, interact third-party apps to access their data.
with them, or find their profiles. By allowing control over  Lack of transparency: Frequent updates to privacy
personal visibility, location tagging, friend lists, and more, policies make it hard to stay informed.
privacy settings protect users from potential risks like stalking, Strategies:
harassment, unsolicited contact, and misuse of personal data by  Enable two-factor authentication.
advertisers or malicious entities.
 Audit and revoke third-party app permissions regularly.
3. List two open security issues in identity management on
 Use private profiles and restrict visibility for posts and
social platforms.
stories.
 Phishing and impersonation: Attackers can create fake
 Limit location sharing and disable facial recognition
profiles that mimic real users to deceive others into
features.
sharing personal or financial information. These fake
 Stay updated on privacy policy changes and adjust
accounts are difficult to detect at scale.
settings accordingly.
 Weak authentication mechanisms: Many platforms
8. Compare and contrast the privacy policies of Twitter and
still rely primarily on usernames and passwords, which
Facebook. How do they handle user data collection and
are vulnerable to brute force attacks or data breaches.
third-party sharing?
Without multi-factor authentication (MFA),
Facebook:
compromised credentials can be easily exploited.
 Collects a vast range of data: user interactions,
4. What is meant by end-to-end encryption?
browsing habits, third-party activity, etc.
End-to-end encryption (E2EE) ensures that data transmitted
between two parties is encrypted in such a way that only the  Shares data with advertisers, partners, and third-party
sender and intended recipient can decrypt and read it. No apps for targeted marketing.
intermediaries—not even the platform provider—can access the  Has faced criticism and legal scrutiny (e.g., Cambridge
message content. For example, WhatsApp and Signal use E2EE Analytica) over opaque data practices.
to protect user chats, ensuring that even if the platform’s servers  Offers detailed but often overwhelming privacy
are breached, user messages remain secure and unreadable to settings.
attackers or unauthorized personnel. Twitter:
5. Explain the importance of customizable privacy settings in  Collects data such as tweet engagement, device
commercial social networks. information, and browsing patterns.
Customizable privacy settings are crucial because they cater to  Uses data for personalization and advertising, but shares
the diverse needs of users regarding privacy and safety. Users less with third parties compared to Facebook.
should be able to:  Offers simpler, more accessible privacy settings.
 Restrict who can see their posts (public, friends only, In short, both platforms collect and use data for business
custom groups). purposes, but Facebook engages in broader, deeper data
 Control what data third-party apps can access. integration across services.
 Decide if their profile can be found via search engines. 9. Critically analyze the challenges of implementing fine-
This flexibility enhances user trust, encourages grained access control in large-scale social networks.
engagement, and helps platforms comply with privacy Fine-grained access control allows users to define very specific
laws like GDPR and CCPA. Without such controls, rules about who can access each type of data. Implementing this
users may feel exposed and may reduce their activity or in a platform with millions of users is complex due to:
abandon the platform.  Scalability issues: Managing individual privacy
6. Explain the concept of "identity as self-presentation" with preferences for each piece of content consumes massive
examples from popular online platforms. system resources.
"Identity as self-presentation" means that individuals consciously  Complexity for users: Users may find it difficult to
curate and manage their online persona to influence how others understand and configure detailed permissions.
perceive them.  Policy conflicts: Overlapping access rules can lead to
Examples: ambiguity and inconsistent enforcement.
 Instagram: Users share carefully selected photos and  Performance degradation: Evaluating complex access
captions to convey a specific lifestyle or aesthetic, such rules in real time for every content interaction can slow
as travel, fashion, or fitness. down the platform.
 LinkedIn: Users highlight achievements, job roles, and Despite its benefits in enhancing user control, the
skills to present a professional, career-focused identity. overhead of fine-grained control must be balanced with
usability and system performance.
10. How do online platforms like Facebook or LinkedIn 2. Explain the Role of Identity Management in Online
implement identity verification? Discuss their mechanisms Social Networks
and effectiveness. Identity management is crucial for creating and maintaining
Mechanisms: digital personas. It allows platforms to:
 Verification via email/phone number during signup.  Verify authenticity: Prevent impersonation and fake
 Government ID upload in suspicious cases or when profiles.
users apply for verified status.  Enable personalization: Tailor content and
 Behavioral analysis: Unusual login patterns or mass advertisements to individual preferences.
friend requests may trigger identity verification.  Control access: Restrict content visibility to specific
 Crowdsourced reporting: Users can report fake audiences (e.g., friends, followers).
profiles for review.  Enhance security: Use credentials and authentication
Effectiveness: to safeguard user data.
These methods reduce spam and impersonation but aren’t 3. List Two Security Issues Commonly Faced by Online
foolproof. Attackers can still use fake or stolen identities to Social Networks
create convincing profiles. Moreover, requiring government IDs a. Phishing Attacks:
raises privacy concerns and may exclude users in certain regions Cybercriminals trick users into revealing personal data (e.g.,
or with limited documentation. passwords, credit card numbers) by pretending to be trustworthy
11. Evaluate the effectiveness of current privacy settings and entities.
controls on Instagram. Are users truly in control of their b. Data Breaches:
data? Unauthorized access to user data due to weak cybersecurity
Instagram provides various privacy tools: measures can lead to identity theft, blackmail, or resale of
 Private accounts to limit follower access. personal information.
 Controls for comments, story replies, and message 4. Discuss the Evolution of Online Social Networks and
requests.
Factors for Rapid Growth
 Option to hide like counts and activity status. Evolution:
However, users have limited control over:
 Early OSNs began as bulletin boards and email groups.
 Data used for algorithmic recommendations and ad
 Platforms like Friendster and MySpace introduced user
targeting.
profiles and friend lists.
 What third-party services can infer through linked
 Facebook revolutionized networking by emphasizing
accounts.
real identities and newsfeeds.
 How long data is retained or shared with Meta's broader
 Modern OSNs now include Instagram, TikTok,
ecosystem.
LinkedIn, and decentralized platforms.
So, while users can manage social visibility, they cannot fully
Growth Factors:
control how their data is used behind the scenes, meaning control
 Widespread internet and smartphone adoption.
is partial at best.
12. Discuss the risks of poor identity management practices  Human desire for social interaction and self-expression.
in the context of open security issues.  Real-time content sharing and instant feedback.
Poor identity management can lead to:  Gamification, influencer culture, and monetization
 Unauthorized access: Weak or reused passwords allow opportunities.
attackers to hijack accounts. 6. Explain the Concept of Trust Management in Online
 Impersonation fraud: Inadequate verification enables Social Networks
attackers to create accounts that mimic real individuals. Trust management involves mechanisms that determine the
 Loss of trust: If users feel their identity is insecure or reliability of users and content. This includes:
misused, they may abandon the platform.  User ratings and reviews.
 Regulatory non-compliance: Failure to protect user  Verification badges (e.g., blue checkmarks).
identities can lead to violations of data protection laws  Content moderation (e.g., reporting abuse, fact-
and hefty fines. checking).
To mitigate these risks, platforms need to adopt strong Impact:
authentication (like MFA), regular audits, and transparent  Builds safer communities by discouraging harmful
identity verification processes. behavior.
1. Describe Two Major Differences Between Offline  Encourages engagement by creating a trustworthy
and Online Communities environment.
a. Geographical Constraints:  Helps users decide whom to follow or trust for
 Offline communities are typically bound by location information.
(e.g., neighborhoods, workplaces), making physical 7. What are Trust Evaluation Models in Online Social
presence necessary. Networks? Provide Examples
 Online communities can connect individuals globally, These models assess and quantify trustworthiness within the
transcending physical boundaries and time zones. network. Examples include:
b. Mode of Interaction:  Reputation-Based Models: Rely on user ratings or
 Offline interaction involves verbal and non-verbal reviews.
communication (e.g., body language, tone). Example: Amazon seller ratings.
 Online interaction occurs via text, video, images, and  Graph-Based Models: Analyze the trust flow through
emojis, often lacking the emotional depth of face-to- the network.
face exchanges but allowing for asynchronous Example: PageRank, EigenTrust, which evaluate trust
communication. based on connections and interactions.
  Behavior-Based Models: Monitor past actions to
predict trustworthiness.
Example: Blocking spammers based on posting
behavior.
8. Describe the Challenges and Opportunities in
Collecting Data from Online Social Networks
Challenges:
 Privacy Regulations (e.g., GDPR, CCPA) limit access
to personal data.
 API Limitations restrict data volume or type.
 Data Complexity: Data is unstructured, massive, and
constantly changing.
Opportunities:
 Sentiment Analysis: Understand public opinion and
emotional trends.
 Market Research: Discover consumer preferences and
emerging trends.
 Sociological Research: Study group behavior,
influence, and communication patterns.
9. Discuss the Role of APIs in Collecting Data from
Online Social Networks
APIs (Application Programming Interfaces) allow developers to
access structured data in real-time from social platforms.
Roles:
 Data Collection: Retrieve user posts, comments,
follower counts, etc.
 Automation: Streamline data extraction without
manual effort.
 Integration: Feed data into analytics tools for insights.
Examples:
 Twitter API, Facebook Graph API, Instagram Basic
Display API.
10. Explain the Concept of 'Social Trust' and Its Role in
Building Credibility
Social Trust refers to the confidence users have in each other’s
integrity and reliability.
Roles:
 Encourages users to share personal information or
opinions.
 Facilitates e-commerce (e.g., trusting a seller on
Facebook Marketplace).
 Enhances cooperation in group activities or activism.
High social trust reduces the perceived risk of interacting online.
11. Effects of Information Privacy Disclosure in OSNs
For Users:
 Risks include identity theft, doxxing, and cyberstalking.
 Loss of privacy can lead to stress and reduced platform
usage.
For Platforms:
 Legal liabilities due to data leaks.
 Decline in user trust and engagement.
 Increased scrutiny from regulators and the public.
12. Phishing in Online Social Networks and Strategies
to Identify Fraudulent Entities
Phishing: Fraudulent messages or links that trick users into
revealing sensitive data.
Identification Strategies:
 AI and Machine Learning: Detect suspicious behavior
patterns.
 User Education: Teaching users to recognize red flags
(e.g., urgent requests, odd URLs).
 Two-Factor Authentication: Prevent unauthorized
account access.
 Verified Accounts: Help users distinguish real from
fake profiles.