Abstract
In the last decade or so, we have experienced a tremendous proliferation and popularity of different Social Networks (SNs), resulting more and more user attributes being stored in such SNs. These attributes represent a valuable asset and many innovative online services are offered in exchange of such attributes. This particular phenomenon has allured these social networks to act as Identity Providers (IdPs). However, the current setting unnecessarily imposes a restriction: a user can only release attributes from one single IdP in a single session, thereby, limiting the user to aggregate attributes from multiple IdPs within the same session. In addition, our analysis suggests that the manner by which attributes are released from these SNs is extremely privacy-invasive and a user has very limited control to exercise her privacy during this process. In this article, we present Social Anchor, a system for attribute aggregation from social networks in a privacy-friendly fashion. Our proposed Social Anchor system effectively addresses both of these serious issues. Apart from the proposal, we have implemented Social Anchor following a set of security and privacy requirements. We have also examined the associated trust issues using a formal trust analysis model. Besides, we have presented a formal analysis of its protocols using a state-of-the-art formal analysis tool called AVISPA to ensure the security of Social Anchor. Finally, we have provided a performance analysis of Social Anchor.
Highlights
A plethora of different types of Social Networks (SNs) have emerged in recent years providing a wide variety of online services in different domains with different use-cases
We present a formal analysis of Social Anchor protocols using a state-of-the-art protocol verification tool called AVISPA [3], [4] to ensure the security of its underlying protocols
An asset is the abstract or physical resource in a system that needs to be protected from an adversary [28]. It is the resource for which a threat exists and represents the target of the adversary in the system. we have identified a few assets for an Identity Management System (IMS) in [2]
Summary
A plethora of different types of Social Networks (SNs) have emerged in recent years providing a wide variety of online services in different domains with different use-cases. A recent study indicated that social networks users reached around 22.7 billions in 2017 [1] With such deep integration in our lives, these social networks are increasingly being used in different application domains. We provide a brief background of Identity and the related concepts of Identity Management and Identity Management systems This will help the readers to understand how different attributes in any social network make up the notion of identities for users in the corresponding social networks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
