Cryptography Based Privacy Protection Mechanism for Online Social Networks
0
Citation
6
Reference
20
Related Paper
Abstract:
The wide use of online social networks (OSNs) such as Facebook, Google+, Twitter, etc., where users interact with each other by sharing their personal information. On-line social network applications severely suffer from various security and privacy exposures. One of the important issues in OSNs is that how user privacy is protected because OSN providers have full control over users’ data. The OSN providers typically store users’ information permanently; the privacy controls mechanism in OSNs offer limited options to users for customizing, managing and defining access policies for their data over the network. An efficient privacy protection mechanism is important for OSNs that can be used to protect the privacy of online social relationships and users’ data from third parties. Cryptographic privacy protection mechanism shifts the control over data sharing back to the users by providing them with flexible and dynamic access policies. Also the proposed Validation Check Module focuses on handling the human attacks by providing an additional level of security, including auto-locking features to protect the user’s account in online social network. This mechanism provides enhanced security features from both automated program attacks and the human attacks.Keywords:
Information sensitivity
Protection mechanism
Privacy software
Social network (sociolinguistics)
Data Sharing
Cite
Online social networks (OSNs) have analyses large growth in recent years and become a saturation for hundreds of millions of Internet users. These OSNs offer to enforce attractive means for digital social interactions and information contribution, but also increase a number of security and privacy issues. Right to use manage mechanism is provide to restrict shared data, they currently do not provide any mechanism to minimize problem of multiuser shared data. To this end, we propose an approach to enable the protection of shared data associated with multiple users in OSNs. We gives a platform to user to share their data in secure manner. We also discuss a proof-of-concept prototype of approach as part of a framework on social network and provide usability study and system evaluation of our method.
Data Sharing
Cite
Citations (0)
The use of online social networks is one of daily activity for people. OSNs' users share contents which sometimes has other users' information on. This type of data sharing is called co-owned data sharing and it is one of the most popular reasons for privacy leakages in OSNs platforms. OSNs' users claim that the responsibility of preserving users' privacy should be taken by those platforms. To do so, there are different approaches taken by OSNs for protecting users' privacy and providing the most secure environment to their users. This study proposes a model which should be adopted by OSNs platforms for a more secure environment. The model is developed on top of a hypothesis, the proof of the hypothesis is done with analysis on two questionnaires. Results of the analysis show that group decision making and reputation systems are needed to have more secure online social network platforms.
Reputation system
Data Sharing
Social network (sociolinguistics)
Cite
Citations (0)
Online Social Networks (OSN) have become widely popular in recent years. OSN enable people to connect with their friends based on sharing information about their personal life. There are some serious privacy problems that need to be resolved in existing OSN: Firstly, there has to be a method to protect user-generated data from OSN providers. Secondly, a fully flexible and dynamic access control mechanism should exist to protect private data against attackers and unauthorized friends. Thirdly, the aforementioned access control system should be efficient in managing the privacy policies of OSN users. To meet these requirements, this paper presents a privacy protection solution for OSN with a customizable privacy control. In the proposed approach, the users keep control of their data without any help from the OSN provider or a trusted third party. The introduced scheme employs identity based broadcast encryption (IBBE) system to communicate the private data to intended OSN users. The privacy and efficiency analysis show the proposed architecture is a great improvement over existing approaches in preserving the privacy of OSN users.
Broadcast encryption
Privacy software
Data Sharing
Cite
Citations (15)
Privacy software
Privacy Protection
Cite
Citations (5)
Privacy Protection
Information leakage
Privacy software
Information sensitivity
Information flow
Cite
Citations (1)
Online Social Networking (OSN) services such as Facebook and Twitter are immensely popular. Their users entrust them with sensitive data such as friends lists, pictures and messages. This data can be directly shared with other users or can be handed to the third-party applications for further processing. Our work focuses on on the many privacy and trust issues that OSNs present. More specifically, we are interested in studying users' privacy in OSNs under various trust and attack models.
Privacy Protection
Cite
Citations (0)
Online Social Networks (OSNs) are inherently designed to enable people to share personal and public information and make social connections with others. These OSNs provides digital social interactions and social as well as personal information sharing, but in sharing a number of security and privacy problems raised. While OSNs allow users to restrict access to shared data, they currently do not provide any mechanism to totally enforce privacy issue solver associated with multiple users. To this end, we propose an approach to enable the protection of shared data associated with multiple users in OSNs. We formulate an access control model to capture the essence of multiparty authorization requirements, along with a multiparty policy specification scheme and a policy enforcement mechanism. Besides we also implement a proof-of-concept prototype which is called as MController (multi controller) having contributor, stakeholder and disseminator controllers along with owner controller.
Data Sharing
Cite
Citations (0)
Millions of people use On-line social networks (OSNs) every day and privacy of sensitive personal information is a major concern. Although OSNs provide policies and mechanisms to allow users to control who can view their data, these efforts may not be sufficient under various privacy attacks. In this paper, we study the disclosure of private information concealed on a social network under an information extraction attack. The novelty of this attack is that it combines web search with information extraction and data mining techniques to discover private information that is hidden on a social network by considering web pages outside of the given social network. We also define a quantitative measure of the risk of privacy disclosure under this and other similar attacks, given the privacy policy and protection mechanism of a social network website. We show that with some public information of a victim from a social network, it is not too difficult for the adversary to utilize this attack to find other private information of the victim hidden on the social network. Our results call for further study of the strength of privacy protection mechanisms of online social networks, and the development of new and more effective protection methods.
Private information retrieval
Social network (sociolinguistics)
Information sensitivity
Privacy software
Protection mechanism
Cite
Citations (5)
In recent
years, online social network services (OSNs) have gained wide adoption and
become one of the major platforms for social interactions, such as building
up relationship, sharing personal experiences, and providing other services.
A huge number of users spend a large amount of their time in online social
network sites, such as Facebook, Twitter, Google+, etc. These sites allow the
users to express themselves by creating their personal profile pages online.
On the profile pages, the users can publish various personal information such
as name, age, current location, activity, photos, etc. Sharing the personal
information can motivate the interaction among the users and their friends.
However, the personal information shared by users in OSNs can disclose the
private information about these users and cause privacy and security issues.
This dissertation focuses on investigating the leakage of privacy and the
disclosure of face biometrics due to sharing personal information in OSNs.
The first work in this dissertation investigates the effectiveness of privacy
control mechanisms against privacy leakage from the perspective of
information flow. These privacy control mechanisms have been deployed in
popular OSNs for users to determine who can view their personal information.
Our analysis reveals that the existing privacy control mechanisms do not
protect the flow of personal information effectively. By examining
representative OSNs including Facebook, Google+, and Twitter, we discover a
series of privacy exploits. We find that most of these exploits are inherent
due to the conflicts between privacy control and OSN functionalities. The
conflicts reveal that the effectiveness of privacy control may not be
guaranteed as most OSN users expect. We provide remedies for OSN users to
mitigate the risk of involuntary information leakage in OSNs. Finally, we
discuss the costs and implications of resolving the privacy exploits. In
addition to the privacy leakage, sharing personal information in OSNs can
disclose users’ face biometrics and compromise the security of systems, such
as face authentication, which rely on the face biometrics. In the second
work, we investigate the threats against real-world face authentication
systems due to the face biometrics disclosed in OSNs. We make the first
attempt to quantitatively measure the threat of OSN-based facial disclosure
(OSNFD). We examine real-world face-authentication systems designed for both
smartphones, tablets, and laptops. Interestingly, our results find that the
percentage of vulnerable images that can be used for spoofing attacks is
moderate, but the percentage of vulnerable users that are subject to spoofing
attacks is high. The difference between the face authentication systems
designed for smartphones/tablets and laptops is also significant. In our user
study, the average percentage of vulnerable users is 64% for laptop-based
systems, and 93% for smartphone/tablet-based systems. This evidence suggests
that face authentication may not be suitable to use as an authentication
factor, as its confidentiality has been significantly compromised due to
OSNFD. In order to understand more detailed characteristics of OSNFD, we
further develop a risk estimation tool based on logistic regression to extract
key attributes affecting the success rate of spoofing attacks. The OSN users
can use this tool to calculate risk scores for their shared images so as to
increase their awareness of OSNFD. This dissertation makes contributions on
understanding the potential risks of private information disclosure in OSNs.
On one hand, we analyze the underlying reasons which make the privacy control
deployed in OSNs vulnerable against privacy leakage. On the other hand, we
reveal that the face biometrics can be disclosed in OSNs and compromise the
security of face authentication systems.
Publication
Private information retrieval
Information leakage
Information sensitivity
Social network (sociolinguistics)
Cite
Citations (0)
Popularity
Social network (sociolinguistics)
Information Sharing
Cite
Citations (3)