• Corpus ID: 18633702

A Security API for Distributed Social Networks

@inproceedings{Backes2011ASA,
  title={A Security API for Distributed Social Networks},
  author={Michael Backes and Matteo Maffei and Kim Pecina},
  booktitle={Network and Distributed System Security Symposium},
  year={2011}
}
We present a cryptographic framework to achieve access control, privacy of social relations, secrecy of resources, and anonymity of users in social networks. We illustrate our technique on a core API for social networking, which includes methods for establishing social relations and for sharing resources. The cryptographic protocols implementing these methods use pseudonyms to hide user identities, signatures on these pseudonyms to establish social relations, and zero-knowledge proofs of… 

Figures and Tables from this paper

Securing social networks

The main idea is to use pseudonyms to hide user identities, signatures on pseudonym to establish social relations, and zero-knowledge proofs on these signatures to demonstrate the existence of the corresponding social relations without sacrificing user anonymity.

DECENT: A decentralized architecture for enforcing privacy in online social networks

This work proposes DECENT, an architecture for OSNs that uses a distributed hash table to store user data, and features cryptographic protections for confidentiality and integrity, as well as support for flexible attribute policies and fast revocation.

Security and Privacy of Distributed Online Social Networks

The paper focuses on the data privacy, data integrity, and secure social search solutions for centralized and distributed OSNs and discusses open security problems and concerns, that can be used as future research directions.

Enhancing Security and Privacy in Online Social Networks

A cryptographic mechanism that ensures confidentiality, and efficiently supports the fine-grained access policies suitable for OSNs, and a decentralized architecture that benefits from the privacy provided by the cryptographic mechanism, and the structured data storage and availability of a distributed hash table are presented.

Privacy-Preserving Social Network for an Untrusted Server

This research aims to help users to overcome privacy issues by designing a crypto-based framework for building online social networking services that allows users to digitally sign and encrypt their posted content at the client side before transferring it to the server so that it guarantees confidentiality as well as integrity of users' data.

Cryptographic Protocols for Enforcing Relationship-Based Access Control Policies

  • Jun PangYang Zhang
  • Computer Science, Mathematics
    2015 IEEE 39th Annual Computer Software and Applications Conference
  • 2015
This paper proposes cryptographic protocols for decentralized social networks to enforce relationship-based access control polices, i.e., K-common friends and k-depth, and proves their security under the honest but curious adversary model, and analyses their computation and communication complexities.

Privacy-preserving Path Discovery in Social Networks

This paper provides techniques to instantiate one of the core functionalities of social networks: discovery of paths between individuals and preserves the privacy of relationship information, and can operate offline during the path discovery phase.

A Survey of Security and Privacy in Online Social Networks

The challenges that providers face in maintaining the proper operation of an online social network including minimizing spam messages, and reducing the number of sybil accounts are covered.

Security and Privacy in Online Social Networks-A Survey

The challenges that providers face in maintaining the proper operation of an online social network including minimizing spam messages, and reducing the number of sybil accounts are covered.

CoSMeDis: A Distributed Social Media Platform with Formally Verified Confidentiality Guarantees

A framework for composing a class of information flow security guarantees in a distributed system, applicable to input/output automata is formalized and instantiated this framework to confidentiality properties for CoSMeDis's sources of information: posts, friendship requests, and friendship status.
...

References

SHOWING 1-10 OF 50 REFERENCES

Privacy preserving social networking through decentralization

This paper points to the centralized architecture of existing on-line social networks as the key privacy issue and suggests a solution that aims at avoiding any centralized control and leverages the trust relationships that are part of the social network application itself.

De-anonymizing Social Networks

A framework for analyzing privacy and anonymity in social networks is presented and a new re-identification algorithm targeting anonymized social-network graphs is developed, showing that a third of the users who can be verified to have accounts on both Twitter and Flickr can be re-identified in the anonymous Twitter graph.

A Privacy-Preserving Scheme for Online Social Networks with Efficient Revocation

A privacy-preserving scheme for data sharing in OSNs, with efficient revocation for deterring a contact's access right to the private data once the contact is removed from the social group is proposed.

Privacy-Preserving Relationship Path Discovery in Social Networks

This paper provides techniques to instantiate one of the core functionalities of social networks: discovery of paths between individuals, and preserves the privacy of relationship information, and can operate offline during the path discovery phase.

Persona: an online social network with user-defined privacy

This work presents Persona, an OSN where users dictate who may access their information, and describes an implementation of Persona that replicates Facebook applications and shows how Persona provides the functionality of existing online social networks with additional privacy benefits.

Lockr: better privacy for social networks

Lockr is presented, a system that improves the privacy of centralized and decentralized online content sharing systems and how it is integrated with Flickr, a centralized OSN, and BitTorrent, a decentralized one is shown.

Anonymous Webs of Trust

The concept of anonymous webs ofTrust is introduced - an extension of webs of trust where users can authenticate messages and determine each other's trust level without compromising their anonymity.

Pseudo Trust: Zero-Knowledge Authentication in Anonymous P2Ps

This work proposes a zero-knowledge authentication scheme called pseudo trust (PT), where each peer, instead of using its real identity, generates an unforgeable and verifiable pseudonym using a one-way hash function.

Privacy-Aware Access Control in Social Networks: Issues and Solutions

The aim of this chapter is to first discuss which are the requirements of privacy-aware access control to OSN resources and then to review the literature in view of the identified requirements.

Onion Routing for Anonymous and Private Internet Connections

In this article, the prototype network is processing more than 1 million Web connections per month from more than six thousand IP addresses in twenty countries and in all six main top level domains.