Shirin Nilizadeh, Sonia Jahid, Prateek Mittal, Nikita Borisov, and Apu Kapadia
In Proceedings of 8th ACM International Conference on emerging Networking EXperiments and Technologies (ACM CoNEXT), Nice, France, Dec. 2012.
Online social networks (OSNs) such as Facebook and Google+ have transformed the way our society communi- cates. However, this success has come at the cost of user privacy; in today’s OSNs, users are not in control of their own data, and depend on OSN operators to enforce access control policies. A multitude of privacy breaches has spurred research into privacy-preserving alternatives for social net- working, exploring a number of techniques for storing, disseminating, and controlling access to data in a decentralized fashion. In this paper, we argue that a combination of techniques is necessary to efficiently support the complex functionality requirements of OSNs.
We propose Cachet, an architecture that provides strong security and privacy guarantees while preserving the main functionality of online social networks. In particular, Cachet protects the confidentiality, integrity and availability of user content, as well as the privacy of user relationships. Cachet uses a distributed pool of nodes to store user data and ensure availability. Storage nodes in Cachet are untrusted; we leverage cryptographic techniques such as attribute-based encryption to protect the confidentiality of data. For efficient dissemination and retrieval of data, Cachet uses a hybrid structured-unstructured overlay paradigm in which a conventional distributed hash table is augmented with social links between users. Social contacts in our system act as caches to store recent updates in the social network, and help reduce the cryptographic as well as the communication overhead in the network.
We built a prototype implementation of Cachet in the FreePastry simulator. To demonstrate the functionality of existing OSNs we implemented the ‘newsfeed’ application. Our evaluation demonstrates that (a) decentralized architectures for privacy preserving social networking are feasible, and (b) use of social contacts for object caching results in significant performance improvements.
Peer-to-peer social network, Data privacy and security: confidentiality, integrity and security, Distributed hash tables: FreePastry simulator, Applied crypto: Attribute-based access control and public-key crypto, Algorithm.
The 4th IEEE International Workshop on Security and Social Networking (SESOC '12), Lugano, Switzerland, Mar 19, 2012.
A multitude of privacy breaches, both accidental and malicious, have prompted users to distrust centralized providers of online social networks (OSNs) and investigate decentralized solutions. We examine the design of a fully decen- tralized (peer-to-peer) OSN, with a special focus on privacy and security. In particular, we wish to protect the confidentiality, integrity, and availability of user content and the privacy of user relationships.
We propose DECENT, an architecture for OSNs that uses a distributed hash table to store user data, and features cryptographic protections for confidentiality and integrity, as well as support for flexible attribute policies and fast revocation. DECENT ensures that neither data nor social relationships are visible to unauthorized users and provides availability through replication and authentication of updates. We evaluate DECENT through simulation and experiments on the PlanetLab network and show that DECENT is able to replicate the main functionality of current centralized OSNs with manageable overhead.
In Proceedings of 2011 ACM Workshop on Privacy in the Electronic Society (WPES '11), pp. 43--48, Chicago, Illinois, October 17, 2011.
Emerging "live social search" systems such as Aardvark.com allow users to pose questions to their social network in real time. People can thus obtain answers from real humans for questions that prove too complex for web searches. Centralized systems that broker such queries and answers, however, do not provide adequate privacy. The success of these systems will be limited since users may avoid asking or answering questions related to sensitive topics such as health, political activism, or even innocuous questions which may make the querier seem ignorant.
Since social search systems leverage the structure of the social network to better match askers and answerers, standard ideas that hide this structure such as "connect to Aardvark via Tor" fall short. Thus new techniques are needed to preserve the privacy of askers and answerers beyond the currently understood anonymity techniques. We explore the new and unique challenges for privacy, and propose Pythia, a decentralized architecture based on "controlled flooding" to enable privacy-enhanced social search that retains some degree of social network structure.
Peer-to-peer question and answering system, User privacy and anonymity: expertise and interest unlinkability, Network Science: social communities, Privacy enhancing technologies: Onion routing, Anonymity set, and controlled flooding, Algorithms, and Simulations.