Abstract
Online Social Networks (OSNs) have an infamous history of privacy and security issues. One approach to avoid the massive collection of sensitive data of all users at a central point is a decentralized architecture.
An event invitation feature – allowing a user to create an event and invite other users who then can confirm their attendance – is part of the standard functionality of OSNs. We formalize security and privacy properties of such a feature like allowing different types of information related to the event (e.g., how many people are invited/attending, who is invited/attending) to be shared with different groups of users (e.g., only invited/attending users).
Implementing this feature in a Privacy-Preserving Decentralized Online Decentralized Online is non-trivial because there is no fully trusted broker to guarantee fairness to all parties involved. We propose a secure decentralized protocol for implementing this feature, using tools such as storage location indirection, ciphertext inferences and a disclose-secret-if-committed mechanism, derived from standard cryptographic primitives.
The results can be applied in the context of Privacy-Preserving DOSNs, but might also be useful in other domains that need mechanisms for cooperation and coordination, e.g., Collaborative Working Environment and the corresponding collaborative-specific tools, i.e., groupware, or Computer-Supported Collaborative Learning.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: an online social network with user-defined privacy. In: Rodriguez, P., Biersack, E.W., Papagiannaki, K., Rizzo, L. (eds.) SIGCOMM, pp. 135–146. ACM (2009)
Buszko, D., Lee, W.H.D., Helal, A.: Decentralized ad-hoc groupware API and framework for mobile collaboration. In: GROUP, pp. 5–14. ACM (2001)
Cutillo, L.A., Molva, R., Strufe, T.: Safebook: a privacy-preserving online social network leveraging on real-life trust. IEEE Commun. 47(12), 94–101 (2009)
El-Saddik, A., Rahman, A.S.M.M., Abdala, S., Solomon, B.: PECOLE: P2P multimedia collaborative environment. Multimed. Tools Appl. 39(3), 353–377 (2008)
Famulari, A., Hecker, A.: Mantle: a novel DOSN leveraging free storage and local software. In: Guyot, V. (ed.) ICAIT 2012. LNCS, vol. 7593, pp. 213–224. Springer, Heidelberg (2013)
Freitas, M.: twister - a P2P microblogging platform. CoRR abs/1312.7152 (2013)
Gilbert, H., Handschuh, H.: Security analysis of SHA-256 and sisters. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 175–193. Springer, Heidelberg (2004)
Greschbach, B., Kreitz, G., Buchegger, S.: The devil is in the metadata - new privacy challenges in decentralised online social networks. In: PerCom Workshops, pp. 333–339. IEEE (2012)
Greschbach, B., Kreitz, G., Buchegger, S.: User search with knowledge thresholds in decentralized online social networks. In: Hansen, M., Hoepman, J.-H., Leenes, R., Whitehouse, D. (eds.) Privacy and Identity 2014. IFIP AICT, vol. 421, pp. 188–202. Springer, Heidelberg (2014)
Johnson-Lenz, P., Johnson-Lenz, T.: Groupware: coining and defining it. SIGGROUP Bull. 19(2), 34 (1998)
Kim, M.K., Kim, H.C.: Awareness and privacy in groupware systems. In: CSCWD, pp. 984–988. IEEE (2006)
Li, W.D., Ong, S.K., Fuh, J.Y.H., Wong, Y.S., Lu, Y.Q., Nee, A.Y.C.: Feature-based design in a distributed and collaborative environment. Comput. Aided Des. 36(9), 775–797 (2004)
Lunden, I.: Facebook turns off facial recognition in the EU, gets the all-clear on several points from Ireland’s data protection commissioner on its review, September 2012. http://techcrunch.com/2012/09/21/facebook-turns-off-facial-recognition-in-the-eu-gets-the-all-clear/
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2009). http://www.bitcoin.org/bitcoin.pdf
Reinhard, W., Schweitzer, J., Völksen, G., Weber, M.: CSCW tools: concepts and architectures. IEEE Comput. 27(5), 28–36 (1994)
Rodden, T., Blair, G.S.: CSCW and distributed systems: the problem of control. In: Bannon, L.J., Robinson, M., Schmidt, K. (eds.) ECSCW. Kluwer (1991)
Rowstron, A., Druschel, P.: Pastry: scalable, decentralized object location, and routing for large-scale peer-to-peer systems. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, pp. 329–350. Springer, Heidelberg (2001)
Shih, G.: Facebook admits year-long data breach exposed 6 million users, June 2013. http://www.reuters.com/article/2013/06/21/net-us-facebook-security-idUSBRE95K18Y20130621
Smith, C.: Reinventing social media: Deep learning, predictive marketing, and image recognition will change everything, March 2014. http://www.businessinsider.com/social-medias-big-data-future-2014-3
Trevor, J., Koch, T., Woetzel, G.: Metaweb: bringing synchronous groupware to the world wide web. In: ECSCW, pp. 65–80 (1997)
Zhang, G., Jin, Q.: Scalable information sharing utilizing decentralized p2p networking integrated with centralized personal and group media tools. In: AINA (2), pp. 707–711. IEEE Computer Society (2006)
Zurko, M.E.: IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications, Chap. 30. O’Reilly Media, Inc., Sebastopol (2005)
Acknowledgments
This research has been funded by the Swedish Foundation for Strategic Research grant SSF FFL09-0086 and the Swedish Research Council grant VR 2009-3793.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Rodríguez-Cano, G., Greschbach, B., Buchegger, S. (2015). Event Invitations in Privacy-Preserving DOSNs. In: Camenisch, J., Fischer-Hübner, S., Hansen, M. (eds) Privacy and Identity Management for the Future Internet in the Age of Globalisation. Privacy and Identity 2014. IFIP Advances in Information and Communication Technology, vol 457. Springer, Cham. https://doi.org/10.1007/978-3-319-18621-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-18621-4_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18620-7
Online ISBN: 978-3-319-18621-4
eBook Packages: Computer ScienceComputer Science (R0)