RecGuard: A Blockchain-based Privacy Preservation System for Safeguarding Personal Data of Online Social Network Users with Enhanced Efficiency and Security

Online Social Network (OSN) data is often collected by the third parties for various purposes. One of the problems in such practices is how to measure the privacy breach to assure secure users. However, the recent works on privacy estimation are not systematic enough and are mainly focus on the traditional datasets, such as bank data and hospital data. Compared with these closed environments, the open APIs and lower register barriers make OSNs an open environment. Thus the openness of OSN makes more User Generated Content (UGC) like blogs and remarks be achieved easily by adversaries. In this paper, we analyzed the background knowledge in OSNs and proposed a general privacy estimation model facing OSNs data based on linear regression. In particular, our model takes the content knowledge of adversary into consideration. Considered the high dimension of content knowledge, which could cause high computational overhead, we optimized our model by Principal Component Analysis (PCA).

As per recent progress, online social network (OSN) users have grown tremendously worldwide, especially in the wake of the COVID-19 pandemic. Today, OSNs have become a core part of many people’s daily lifestyles. Therefore, increasing dependency on OSNs encourages privacy requirements to protect users from malicious sources. OSNs contain sensitive information about each end user that intruders may try to leak for commercial or non-commercial purposes. Therefore, ensuring different levels of privacy is a vital requirement for OSNs. Various privacy preservation methods have been introduced recently at the user and network levels, but ensuring k-anonymity and higher privacy model requirements such as l-diversity and t-closeness in OSNs is still a research challenge. This study proposes a novel method that effectively anonymizes OSNs using multiple-graph-properties-based clustering. The clustering method introduces the goal of achieving privacy of edge, node, and user attributes in the OSN graph. This clustering approach proposes to ensure k-anonymity, l-diversity, and t-closeness in each cluster of the proposed model. We first design the data normalization algorithm to preprocess and enhance the quality of raw OSN data. Then, we divide the OSN data into different clusters using multiple graph properties to satisfy the k-anonymization. Furthermore, the clusters ensure improved k-anonymization by a novel one-pass anonymization algorithm to address l-diversity and t-closeness privacy requirements. We evaluate the performance of the proposed method with state-of-the-art methods using a “Yelp real-world dataset”. The proposed method ensures high-level privacy preservation compared to state-of-the-art methods using privacy metrics such as anonymization degree, information loss, and execution time.

Online social networks (OSNs) contain data about users, their relations, interests and daily activities and the great value of this data results in ever growing popularity of OSNs. There are two types of OSNs data, semantic and topological. Both can be used to support decision making processes in many applications such as in information diffusion, viral marketing and epidemiology. Online Social network analysis (OSNA) research is used to maximize the benefits gained from OSNs’ data. This paper provides a comprehensive study of OSNs and OSNA to provide analysts with the knowledge needed to analyse OSNs. OSNs’ internetworking was found to increase the wealth of the analysed data by depending on more than one OSN as the source of the analysed data. Paper proposes a generic model of OSNs’ internetworking system that an analyst can rely on. Two different data sources in OSNs were identified in our efforts to provide a thorough study of OSNs, which are the OSN User data and the OSN platform data. Additionally, we propose a classification of the OSN User data according to its analysis models for different data types to shed some light into the current used OSNA methodologies. We also highlight the different metrics and parameters that analysts can use to evaluate semantic or topologic OSN user data. Further, we present a classification of the other data types and OSN platform data that can be used to compare the capabilities of different OSNs whether separate or in a OSNs’ internetworking system. To increase analysts’ awareness about the available tools they can use, we overview some of the currently publically available OSNs’ datasets and simulation tools and identify whether they are capable of being used in semantic, topological OSNA, or both. The overview identifies that only few datasets includes both data types (semantic and topological) and there are few analysis tools that can perform analysis on both data types. Finally paper present a scenario that shows that an integration of semantic and topologic data (hybrid data) in the OSNA is beneficial.

Problem setting. In order to build an innovative society, it is necessary to develop legal norms and regulators aimed at protecting privacy and controlling personal data. In addition, the need to ensure effective and reliable protection of personal data in the conditions of rapid technological development, globalization and the growing threat of cybercrime is becoming more urgent. The need for the development of legal norms, the introduction of innovative technologies and the raising of public awareness become important tasks for ensuring privacy and protection of personal data. The study also aims to identify and analyze the main challenges facing the field of personal data protection, such as cybercrime, hacker attacks, globalization and cross borders. Legal norms and regulations aimed at protecting privacy are also analyzed, as well as the potential opportunities of new technologies that can increase the level of protection of personal data. Аnalysis of recent researches and publications. The problems of legal protection of personal data have recently become the subject of research by an increasing number of scientists, both lawyers and representatives of other fields of knowledge. In particular, such scientists as: S. Hlibko, T. Egorova-Lutchenko, K. Yefremova, O. Korvat, V. Kokhan, M. Haustova devote their attention to the study of these issues. etc. Purpose of the research is to develop possible ways of legal protection of personal data in view of today’s challenges related to this issue. The article aims to consider the development of technologies and the growth of the volume of personal data as the main factors affecting the need for effective protection of privacy and security of this data. The article is aimed at expanding the understanding of the problem and providing recommendations for improving the protection of privacy and security of personal data in the future. article’s main body. According to the preamble to the Agreement between Ukraine and the European Union on the participation of Ukraine in the European Union program “Digital Europe” (2021-2027), the important supporting role of digital infrastructure, including in the field of cyber security, is recognized to ensure inextricably linked transformation processes and digital leadership of the European Union. The purpose of concluding the Agreement is to establish mutually beneficial cooperation in order to strengthen and support the deployment of reliable and secure digital capabilities in the Union in the field, including cyber security. It is recognized that mutual participation in each other’s programs for the implementation of digital technologies should ensure mutual benefits for the Parties, while observing a high level of data protection, digital rights, etc. In accordance with paragraph 12 of Article 2 of Annex III to the Agreement, the exchange of information between the European Commission or OLAF and the competent state authorities of Ukraine must take place with due consideration of confidentiality requirements. Personal data included in the exchange of information must be transferred in accordance with the current legal norms on data protection of the Party making the transfer. According to paragraph 49 of the preamble of Regulation (EU) 2021/694 of the European Parliament and of the Council of April 29, 2021 on the establishment of the Digital Europe Program, digital transformation should allow citizens to access, use and securely manage their personal data across borders, regardless of their location or data location. According to point 60 of the preamble, by providing a single set of rules that are directly applicable in the legal systems of the Member States, Regulation (EU) 2016/679 guarantees the free flow of personal data between Member States and strengthens the trust and security of individuals, two indispensable elements of a true Digital Single Market . All actions taken within the framework of the Program, which involve the processing of personal data, must contribute to the smooth implementation of this Regulation, for example, in the field of artificial intelligence and distributed ledger technologies (for example, blockchain). These actions should support the development of digital technologies that meet data protection obligations both by design and by default. In addition, according to paragraph 69 of the preamble, this Regulation respects fundamental rights and adheres to the principles recognized in the Charter of Fundamental Rights of the European Union, in particular regarding the protection of personal data, etc. In the Charter of Fundamental Rights of the European Union (2016/C 202/02) dated June 7, 2016, Chapter II “Freedoms” contains Article 8, which is entitled “Protection of personal data”, according to which it is assumed that everyone has the right to the protection of personal data data concerning him. Such data must be processed fairly for specific purposes and on the basis of the consent of the person concerned or on another legal basis established by law. Everyone has the right to access the data that has been collected about him and the right to correct it. Compliance with these rules is subject to control by an independent body. In addition, Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data establishes rules relating to the protection of natural persons with regard to the processing of personal data, as well as rules, relating to the free movement of personal data, and protects the fundamental rights and freedoms of natural persons and, in particular, their right to protection of personal data. Today in Ukraine, the main legislative act in this area is the Law of June 1, 2010 No. 2997-VI “On the Protection of Personal Data”. Article 11 of the Law of Ukraine “On Information” specifies what information about a natural person (personal data) is. In turn, the legal and organizational bases for ensuring the protection of the vital interests of a person and citizen, society and the state, national interests of Ukraine in cyberspace, the main goals, directions and principles of state policy in the field of cyber security, the powers of state bodies, enterprises, institutions, organizations, individuals and citizens in this area, the basic principles of coordination of their cyber security activities are defined in the Law of Ukraine “On Basic Principles of Cyber Security of Ukraine”. In addition, relations in the field of information protection in information, electronic communication and information and communication systems are regulated by the Law of Ukraine “On the Protection of Information in Information and Communication Systems”. In turn, the Concept of the development of e-governance in Ukraine, as well as the Law of Ukraine “On the National Informatization Program” defines e-governance. In addition, in 2021, the Law of Ukraine “On Public Electronic Registers” was adopted, which defines the State electronic platform for maintaining public electronic registers. On April 18, 2023, by a resolution of the Cabinet of Ministers of Ukraine, the Regulation on the information system “Software platform for the deployment and support of state electronic registers” was approved, as well as the Procedure for using the software “Software platform for the deployment and support of state electronic registers”. conclusions and prospects for the development. The protection of digital personal data requires the development of appropriate technical and regulatory tools, as well as judicial practice of prosecution for violations of the order of their use. It is possible to create a database or registry for private electronic/digital platforms, with the help of which or which would control their activities, including regarding the protection of personal data. At the same time, at the regulatory and legal level, it is necessary to provide that a mandatory condition for the creation and functioning of an Internet platform is its registration in such a database / such a register, and a mandatory condition for registration is confirmation of technical capabilities to ensure the protection of personal data of platform users. It is necessary to define at the regulatory level the list and mechanisms of acquisition of digital rights, their implementation, protection, compensation and responsibility for their violation. The protection of personal data should be considered one of the digital rights of a person and a citizen. The development of digitalization in a legal state must inevitably be accompanied by the development of the legal framework, in particular, the emergence, consolidation, definition and protection of digital rights of individuals and legal entities. Digital rights are a multifaceted category, they become connected and interwoven with other rights defined and established in the norms of different branches of law. The multifaceted nature of the “digital rights” category implies the separation and delimitation of various categories of digital rights, their distribution into appropriate types, for example, “personal digital rights”, “financial digital rights”, etc. It should be quite natural to form a separate element in the general system of law, such as digital law, as a set of legal norms regulating social relations related to the circulation of (including personal) data in digital networks.

Recommender systems have become an integral part of many social networks and extract knowledge from a user’s personal and sensitive data both explicitly, with the user’s knowledge, and implicitly. This trend has created major privacy concerns as users are mostly unaware of what data and how much data is being used and how securely it is used. In this context, several works have been done to address privacy concerns for usage in online social network data and by recommender systems. This paper surveys the main privacy concerns, measurements and privacy-preserving techniques used in large-scale online social networks and recommender systems. It is based on historical works on security, privacy-preserving, statistical modeling, and datasets to provide an overview of the technical difficulties and problems associated with privacy preserving in online social networks.

Online Social Networks (OSNs) have become integral to modern life, enabling people to communicate, share information, and stay connected over vast distances. However, the rising use of OSNs has sparked significant concerns regarding the privacy and security of user data. This paper presents an innovative method for strengthening data privacy and security in cloud-enabled OSNs utilizing an E-ABE system. The proposed solution employs flow graph analysis to verify relationships, ensuring secure user data exchange while offering fine-grained access control. This approach addresses the limitations of existing methods, which often fail to provide comprehensive privacy and security measures. By leveraging cryptographic techniques and secure communication protocols, the E-ABE model allows for the controlled sharing of sensitive information, ensuring that only authorized users can access data. The system's design includes roles for Cloud Service Providers (CSPs), Trusted Attribute Authorities (TAAs), and end-users (followers and followees), each contributing to the overall security framework. Experimental results demonstrate the effectiveness of the proposed method in reducing key generation time, data encryption and decryption time, and communication costs while maintaining high levels of authorization accuracy. This research contributes to the field by providing a robust solution for protecting user data in cloud-based OSNs, highlighting its potential for broader application in other domains requiring stringent data privacy and security measures.

Online Social Networks (OSNs) have been gaining tremendous growth and popularity in the last decade, as they have been attracting billions of users from all over the world. Such networks generate petabytes of data from the social interactions among their users and create many management and scalability challenges. OSN users share common interests and exhibit strong community structures, which create complex dependability patterns within OSN data, thus, make it difficult to partition and distribute in a data center environment. Existing solutions, such as, distributed databases, key-value stores and auto scaling services use random partitioning to distribute the data across a cluster, which breaks existing dependencies of the OSN data and may generate huge inter-server traffic. Therefore, there is a need for intelligent data allocation strategy that can reduce the network cost for various OSN operations. In this paper, we present a gossip-based partitioning and replication scheme that efficiently splits OSN data and distributes the data across a cluster. We achieve fault tolerance and data locality, for one-hop neighbors, through replication. Our main contribution is a social graph placement strategy that divides the social graph into predefined size partitions and periodically updates the partitions to place socially connected users together. To evaluate our algorithm, we compare it with random partitioning and a state-of-the-art solution SPAR. Results show that our algorithm generates up to four times less replication overhead compared to random partitioning and half the replication overhead compared to SPAR.

Online Social Networks (OSNs) have become major platform for social interactions, sharing personal experiences and providing other services. OSN providers provide significant services to its user for free of cost. Various privacy control mechanisms for users have been provided by OSNs to decide who can view their personal information. User’s sensitive information could be leaked even when privacy rules are properly set by the service providers. Various users’ data are collaborated for different analysing purposes. Many threats arise to user data in OSN. This paper discusses various types of threats that arise to user data and the technique which overcomes the attacks made on the user data.

Online social networks (OSN) contain data about persons or objects including private information and user generated labels. We study two problems on managing OSN data. Data is often shared with trusted parties. Still, data has to be adapted so that it does not trivially reveal identities of the users and their interactions. We formulate this problem of “masking” data by deliberately introducing uncertainty and trading it off with the utility of data for useful analyses. We present methods for masking static and dynamic OSN data and show high accuracy in experiments for answering a variety of queries over the masked data. User-generated labels have many uncertainties due to missing values, synonyms, and so on. The problem of Label Set Enhancing captures the task of reducing these uncertainties, by inferring missing values, replacing labels for larger concept labels and so on. We present first known, efficient, iterative solutions to this problem where the labels form a hierarchy. Our evaluations show significant benefits in using a hierarchy for reducing uncertainty in label sets in OSN data.

Online social networks (OSNs) have rapidly become a prominent and widely used service, offering a wealth of personal and sensitive information with significant security and privacy implications. Hence, OSNs are also an important--and popular--subject for research. To perform research based on real-life evidence, however, researchers may need to access OSN data, such as texts and files uploaded by users and connections among users. This raises significant ethical problems. Currently, there are no clear ethical guidelines, and researchers may end up (unintentionally) performing ethically questionable research, sometimes even when more ethical research alternatives exist. For example, several studies have employed "fake identities" to collect data from OSNs, but fake identities may be used for attacks and are considered a security issue. Is it legitimate to use fake identities for studying OSNs or for collecting OSN data for research? We present a taxonomy of the ethical challenges facing researchers of OSNs and compare different approaches. We demonstrate how ethical considerations have been taken into account in previous studies that used fake identities. In addition, several possible approaches are offered to reduce or avoid ethical misconducts. We hope this work will stimulate the development and use of ethical practices and methods in the research of online social networks.

Several applications (e.g., Instagram, PiCsMu) integrate existing Online Social Networks (OSN) into the core of their solutions to explore social information. Although this integration enables more accurate social recommendation systems, the collection and monitoring of relevant OSN data by third-party applications is a challenging management task, since OSNs (a) impose rate restrictions to their Application Programming Interface (API) calls, (b) do not provide detailed information about specific OSN features, and (c) may provide incomplete or not up-to-date OSN data. Therefore, this paper covers the design, prototyping, and evaluation of JSocialLib, a new meta-API library for collecting OSN data from existing OSNs. It provides (1) an interaction- and (2) a location-based method in support of social recommendations systems.

Recent trends in ubiquitous computing target to provide user-controlled servers, providing a single point of access for managing different personal data in different Online Social Networks (OSNs), i.e. profile data and resources from various social interaction services (e.g., LinkedIn, Facebook, etc.). Ideally, personal data should remain independent of the environment, e.g., in order to support flexible migration to new landscapes. Such information interoperability can be achieved by ontology-based information representation and management. In this paper we present achievements and experiences of the di.me project, with respect to access control and privacy preservation in such systems. Special focus is put on privacy issues related to linkability and unwanted information disclosure. These issues could arise for instance when collecting and integrating information of different social contacts and their live streams (e.g., activity status, live posts, etc.). Our approach provides privacy recommendations by leveraging (1) the detection of semantic equivalence between contacts as portrayed in online profiles and (2) NLP techniques for analysing shared live streams. The final results after 3 years are presented and the portability to other environments is shortly discussed.

Access control is one of the crucial aspects in information systems security. Authorizing access to resources is a fundamental process to limit potential privacy violations and protect users. The nature of personal data in online social networks (OSNs) requires a high-level of security and privacy protection. Recently, OSN-specific access control models (ACMs) have been proposed to address the particular structure, functionality and the underlying privacy issues of OSNs. In this survey chapter, the essential aspects of access control and review the fundamental classical ACMs are introduced. The specific OSNs features and review the main categories of OSN-specific ACMs are highlighted. Within each category, the most prominent ACMs and their underlying mechanisms that contribute enhancing privacy of OSNs are surveyed. Toward the end, more advanced issues of access control in OSNs are discussed. Throughout the discussion, different models and highlight open problems are contrasted. Based on these problems, the chapter is concluded by proposing requirements for future ACMs.

This paper looks at the problem of privacy in the context of Online Social Networks (OSNs). In particular, it examines the predictability of different types of personal information based on OSN data and compares it to the perceptions of users about the disclosure of their information. To this end, a real life dataset is composed. This consists of the Facebook data (images, posts and likes) of 170 people along with their replies to a survey that addresses both their personal information, as well as their perceptions about the sensitivity and the predictability of different types of information. Importantly, we evaluate several learning techniques for the prediction of user attributes based on their OSN data. Our analysis shows that the perceptions of users with respect to the disclosure of specific types of information are often incorrect. For instance, it appears that the predictability of their political beliefs and employment status is higher than they tend to believe. Interestingly, it also appears that information that is characterized by users as more sensitive, is actually more easily predictable than users think, and vice versa (i.e. information that is characterized as relatively less sensitive is less easily predictable than users might have thought).

Online Social Networks (OSNs) have been gaining tremendous growth and popularity in the last decade, as they have been attracting billions of users from all over the world. Such networks generate petabytes of data from the social interactions among their users and create many management and scalability challenges. OSN users share common interests and exhibit strong community structures, which create complex dependability patterns within OSN data, thus, make it difficult to partition and distribute in a data center environment. Existing solutions, such as, distributed databases, key-value stores and auto scaling services use random partitioning to distribute the data across a cluster, which breaks existing dependencies of the OSN data and may generate huge inter-server traffic. Therefore, there is a need for intelligent data allocation strategy that can reduce the network cost for various OSN operations. In this paper, we present a gossip-based partitioning and replication scheme that efficiently splits OSN data and distributes the data across a cluster. We achieve fault tolerance and data locality, for one-hop neighbors, through replication. Our main contribution is a social graph placement strategy that divides the social graph into predefined size partitions and periodically updates the partitions to place socially connected users together. To evaluate our algorithm, we compare it with random partitioning and a state-of-the-art solution SPAR. Results show that our algorithm generates up to four times less replication overhead compared to random partitioning and half the replication overhead compared to SPAR.