Abstract

Online Social Networks (OSNs) are today a major communication channel where users spend a lot of time sharing personal data. Unfortunately, the popularity of OSNs is matched by the severity of their privacy issues, and several recent scandals have demonstrated their vulnerability. Decentralized Online Social Networks (DOSNs) have been proposed as an alternative to the current centralized OSNs. DOSNs have no service provider acting as a central authority, and users have more control over their information. Several DOSNs have been proposed in recent years. However, decentralizing social services requires efficient distributed solutions for protecting the privacy of users. In recent years, blockchain technology has been applied to social networks in order to overcome these privacy issues in a decentralized system. However, in these platforms the blockchain is usually used as storage, and content is public. In this paper, we propose a manageable and auditable access control framework for DOSNs that uses blockchain technology for the definition of privacy policies. The resource owner uses the public key of the subject to define auditable access control policies using an Access Control List (ACL), while the private key associated with the subject’s Ethereum account is used to decrypt the private data once access permission is validated on the blockchain. We evaluate our approach by deploying the smart contracts on the Rinkeby Ethereum testnet. Experimental results clearly show that our proposed ACL-based access control outperforms Attribute-based access control (ABAC) in terms of gas cost: a simple ABAC evaluation function requires 280,000 gas, whereas our scheme requires 61,648 gas to evaluate ACL rules.

Highlights

  • Today, millions of users are actively using Social Media, such as Facebook, Instagram, Twitter, etc.

  • The design of a new Access Control List (ACL)-based access control model for Decentralized Online Social Networks (DOSNs), by using the Ethereum blockchain which provides a unique address for each registered account, which is used as the identity for each user in this framework

  • The same problem with a rule-based access control, such as the one proposed in [26], where authors introduce a model for the users in Online Social Networks (OSNs), where the policies are based on social type information, such as relationship type and trust, stored in a server


Summary

Introduction

Millions of users are actively using Social Media, such as Facebook, Instagram, Twitter, etc. Due to the uncertain privacy guarantees of today’s OSNs, online users are seeking alternative data sharing techniques that let them gain control of their own data (i.e., manage their data on their own) and limit the role of large service providers in controlling their personal information. To meet these requirements, Decentralized Online Social Networks (DOSNs) have been proposed, ranging from Peer-to-Peer (P2P) decentralized solutions to hybrid solutions integrating private and external resources for storing users’ data [1, 2]. This paper presents the design of a new ACL-based access control model for DOSNs that uses the Ethereum blockchain, which provides a unique address for each registered account; that address serves as the identity of each user in this framework.

Background and Related Work
Blockchain-based Online Social Networks
Access Control Models
Requirements Overview
Access Control Framework
The System of Smart Contracts
The Access Control Process
25: Push famsb into the misbehavior list of subject
Performance Evaluation
Evaluation cost
Conclusions