A Logic of Creation in Online Social Networks Brian Whitworth 1 , Lech Janczewski 2 and Adnan Ahmad 1 1 Massey University, Auckland, New Zealand 2 The University of Auckland, New Zealand Abstract - A community is a social entity that by norms, laws or ethics grants its citizens rights - social permissions to act. It does so to help itself, as a community that prospers helps its members. Online social networks are computer based communities whose social requirements are not too different from any other. Access control in these networks requires some logical foundation to build upon. Without an agreed logical basis to distribute social rights, current access control models are based on intuition, experience or trial and error. This paper suggests anonine entity creation logic based on the socio-technical approach – use the knowledge of physical society as the basis of information rights model for online communities. Social axioms give a theoretical base for rights analysis that could not only satisfy technical requirements like efficiency but also social requirements like fairness. Keywords: social computing, socio-technical, access control, security, social network 1 Introduction The last decade has seen extreme multi-user systems emerge – online social networks (OSN) where millions of users share billions of resources and grant each other access rights (Carminati, 2009). A social network is a type of socio- technical system (STS), which is a social system operating upon a technical base (Whitworth, 2009), e.g. wikis, social media, e-trade or chat. Every STS has both social and technical requirements, so can fail by social or technical error, e.g. by allocating permissions unfairly or inefficiently. Online access to resources and information is managed through an access control system (ACS), which restricts who can access what based on a permission matrix which for friend interactions increases geometrically not linearly with group size. So for hundreds of millions of people, the possible connections are astronomical. Each account also adds hundreds or thousands of photos or comments a year and each user wants the sort of control over their domain previously reserved only for system administrators. With the world population at seven billion and growing, if Facebook's current 800 million active accounts is just the beginning, matrix access methods may be ending their useful life. In traditional ACS, access is granted to predefined users, but OSN profiles can be created by users new to the system and rights allocation is over constantly new objects. Currently, access control in social networks is based on designer intuition, experience or even trial and error, with no agreed common base. The base proposed here is social requirements. As social networks are here to stay and growing in number and size, a common model of distributed rights allocation can identify socio-technical design patterns (Alexander, 1964). Privacy is one OSN social requirement, as connecting to others raises privacy concerns (Simpson, 2008). People want to contribute personal stuff to online social networks without worrying about its unauthorized disclosure (Ahmad and Whitworth, 2011). Another is Locke's idea that one should own what one creates, whether a book, a painting or an online photo (Locke, 1975). If so, everything posted on an OSN should be owned, and conversely if people own their posts, they should manage their access control. Access control in OSNs today is more about access than control because people want to share as well as keep private. Essentially, if people don't own the resources they contribute, why bother to add them at all? Why do work for someone else to get the result? If people don't contribute to an STS there is no user community and it fails socially. Ownership of newly created online objects is critical to OSN success for social reasons. The aim is a system that works both in technical practice (efficient, consistent and reachable) and in social practice (fair, productive and understandable). The access control logic outlined here could generalize to any socio-technical system. 2 Requirements A socio-technical system is a social system on a technical base, as a socio-physical system is a social system on a physical base. Socio-technical design (Mumford, 1995; Porra and Hirscheim, 2007) involves technical and social requirements, to model not just what can be done but what should be done. Social requirments, usually applied to workplace management, are here applied to software design. Social synergy is people working together to increase each other's outcomes (it isn't just people adding efforts, say to lift a heavy log together). Communities that enable positive synergy