Today's social networking sites don't satisfy the decentralization nature of web 2.0, and face a lot of privacy concerns. This paper presents an access control scheme based on semi-decentralization. In this scenario, social networks sites only provide basic application services while users' resources are managed by themselves in client side. User declares the Relation types with their friends, Authorized users are denoted in terms of types and depth, only the requestor who matches the access rules can grant access to a resource. Thus protect the users' resources privacy from unauthorized access in social networks.