Social network sites (SNSs) have attracted millions of users around the world. Approximately half of the Internet users are members in one or more SNSs (Liu et al., 2011). Users create their personal profiles and share their private information and interests with others (Sledgianowski & Kulviwat, 2009). With information sharing in social networking applications, private information may be disclosed unintentionally. For example, a users’ position is visible to others when he/she uses a location based service. The exploratory nature of social networking websites requires a user friendly interface while virtual communications need a secure protection on private information. This paper proposes the concept of user-friendly security patterns that provide developers the solutions to address the usability and security issues together.
A social network website has a set of distinct features, different from other websites (Marin et al., 2010; Vorakulpipat et al., 2011; Gao et al., 2011). First, it is challenging to automatically authenticate contents due to the diversified information, which includes various multimedia contents, texts, instant messages or requests that are closely related to a specific context. It is, therefore, hard to automatically validate information in social networking websites. Second, a SNS facilitates virtual communication among a large number of users. It contains a large repository of personal profiles and contents, which make it challenging to have a user-friendly yet powerful interface to differentiate sensitive information from public information. Third, a SNS is an open platform for third-party developers and businesses. For example, Application Platform Interfaces (APIs) allow third-party developers to create applications that are hosted by SNSs. Fourth, SNSs have diversified services, such as content tagging, messaging, circle of friends, wall posts, status updates, and etc., which need a sophisticated mechanism to enhance secure information sharing (Kitsantas et al., 2016) .
The above characteristics of SNSs have introduced several challenges (Truta et al., 2015). A major challenge is to protect users’ privacy while being user-friendly as well. For example, the open architecture of SNSs allows any third party developer or person to send requests to the user, which may potentially jeopardize a user’s privacy. SNSs have to provide an efficient graphical user interface (GUI) to verify various requests. Also, the diverse social interactions should provide different levels of access to users’ private information. Therefore, GUIs should provide a flexible yet powerful mechanism to balance user-friendliness and privacy. In addition, SNSs allow the users to upload their contents for others to access and tag. This kind of tags may reveal users’ private information to the others. This requires GUIs to give users a control to protect their contents and information. Therefore, SNS developers should emphasize on user-friendliness to encourage users to keep active in a virtual community. However, user-friendliness should not sacrifice security and privacy. Instead, when developing social network websites, developers must consider the usability and security aspects at the same time (Braz et al., 2007), since both security and usability are important properties of Social Network Sites. On one hand, numerous security and privacy issues remain as an open problem (Marin et al., 2010; (Vorakulpipat et al., 2011; Gao et al., 2011). On the other hand, “usability” (Fox & Naidu, 2009) has been one of the critical factors of SNSs, even if it is still one of biggest dilemmas faced by SNS developers, particularly when considering the security and privacy features (Lipford et al., 2008).