Abstract
With the wide use of online social networks (OSNs), the problem of data privacy has attracted a lot of attention from not only the research community but also the general public. To meet the privacy needs of OSNs, we present a new framework for protecting information published through online social network websites through encryption by taking into account special features of OSNs. In this framework, autonomous private communities, called as zones, are set up by one or a set of mutually-trusted users collaboratively without any third party intervention. Sensitive information (i.e., posts, photos, etc.) within a zone can only be accessed by authorized members of the zone. A user joins a zone by obtaining a permission from an authorized zone member and uses it along with her private key to access contents inside the zone. One striking feature about our design of permission is that it is not secret information and thus can be left in the user's account in the OSN. Compared with prior work, this design of public permission greatly reduces user-side overhead on secret key management as a user only needs to maintain one secret key and use as many public permissions as she wants to access contents in different zones. Furthermore, our framework allows efficient access permission delegation and revocation. We develop a prototype to evaluate its computation performance in an acceptable level. Meanwhile, we prove that our construction is semantically secure against chosen plaintext attack, existential forgery attack and key forgery attack.
Highlights
Online social networks (OSNs) such as Facebook, LinkedIn, and Twitter are becoming increasingly popular and accessing these sites has become part of the daily routine of millions of users
OUR CONTRIBUTIONS To meet the privacy needs of OSN, we present AutoZone, a framework for protecting information published through OSN websites through encryption by taking into account the dual roles OSN users have and the special features of OSN communication
OVERVIEW OF AutoZone ARCHITECTURE we introduce AutoZone, a private OSN architecture which allows secure sharing of data among community members via group key management and message encryption
Summary
Our private OSN model could be built on existing social network platforms, such as Facebook, Orkut, etc, which usually allow developers to create ‘‘applications’’ to extend the types of information that can be stored, manipulated, and shared using social network interfaces. The basic steps involved in the revocation is as follows: for a set R of revoked members (who can be determined by their public labels), by using the zone key along with her private key, the users in KM or FAM can invoke the algorithm Revocation(ski, pmj(i), gkj, R, M ) to encrypt the message M. This is only a temporary revocation in the sense, a user is only revoked regarding to this specific message.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
