Skip to main content
SpringerLink
Log in

Supporting Data Privacy in P2P Systems

  • Chapter
  • First Online:
Security and Privacy Preserving in Social Networks

Part of the book series: Lecture Notes in Social Networks ((LNSN))

Abstract

Peer-to-Peer (P2P) systems have been very successful for large-scale data sharing. However, sharing sensitive data, like in online social networks, without appropriate access control, can have undesirable impact on data privacy. Data can be accessed by everyone (by potentially untrusted peers) and used for everything (e.g., for marketing or activities against the owner’s preferences or ethics). Hippocratic databases (HDB) provide an effective solution to this problem, by integrating purpose-based access control for privacy protection. However, the use of HDB has been restricted to centralized systems. This chapter gives an overview of current solutions for supporting data privacy in P2P systems and develops in more detail a complete solution based on HDB.

Work partially funded by the DataRing project of the French ANR.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Organization for Economic Co-operation and Development. One of the world’s largest and most reliable source of comparable statistics on economic and social data (http://www.oecd.org/).

  2. 2.

    www.shanoir.org/.

  3. 3.

    http://www.medscape.com/connect/.

  4. 4.

    http://www.carenity.com.

  5. 5.

    http://diybio.org.

  6. 6.

    http://office.microsoft.com/en-us/sharepoint-workspace.

  7. 7.

    http://usenet-news.net/.

  8. 8.

    http://antsp2p.sourceforge.net/.

  9. 9.

    http://mute-net.sourceforge.net.

  10. 10.

    These systems are not meant for massive data sharing, thus information about data disclosure for requesters is not available.

  11. 11.

    Anonymizer is an online service that attempts to make activity on the Internet untraceable. It accesses the Internet on the user’s behalf, protecting personal information by hiding the source identifying information. http://www.anonymizer.com/.

  12. 12.

    Freenet does not use access control techniques thus key distribution is not restricted.

  13. 13.

    Microsoft kept their right to collect some information about the use of the Office SharePoint Workspace software and other activities “outside” of workspaces, as explained in their privacy statement at http://office.microsoft.com/en-us/help/privacy-supplement-for-microsoft-office-groove-2007-HA010085213.aspx.

  14. 14.

    In [5, 35], authors have treated peer identification. We are fully aware of the impact of identification on user privacy. However, peer identities do not necessarily reveal users real identities, thus user privacy can be somehow protected.

  15. 15.

    To distinguish data keys from peer keys, we prefix peer keys with letter P.

  16. 16.

    http://www.oasis-opencsa.org/sca http://www.obeo.fr/pages/sca/.

  17. 17.

    http://peerunit.gforge.inria.fr/.

  18. 18.

    http://www.grid5000.fr/.

References

  1. Agrawal, R., Bird, P., Grandison, T., Kiernan, J., Logan, S., Rjaibi, W.: Extending relational database systems to automatically enforce privacy policies. In: IEEE Conference on Data Engineering (ICDE), Tokyo, Japan (2005)

    Google Scholar 

  2. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic databases. In: Very Large Databases (VLDB), Hong Kong, China (2002)

    Google Scholar 

  3. Akbarinia, R., Martins, V., Pacitti, E., Valduriez, P.: Design and implementation of APPA. In: Baldoni, R., Cortese, G., Davide, F. (eds.) Global Data Management. IOS Press, pp. 98–123 (2006)

    Google Scholar 

  4. Byun, J.W., Li:, N.: Purpose based access control for privacy protection in relational database systems. Very Large Databases (VLDB) J. 17(4) (2008)

    Google Scholar 

  5. Castro, M., Druschel, P., Ganesh, A., Rowstron, A., Wallach, D.S.: Secure routing for structured peer-to-peer overlay networks. In: Operating Systems Design and Implementation (OSDI), Boston, MA (2002)

    Google Scholar 

  6. Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Comm. ACM 24(2) (1981)

    Google Scholar 

  7. Choffnes, D.R., Duch, J., Malmgren, D., Guierma, R., Bustamante, F.E., Amaral, L.: SwarmScreen: privacy through plausible deniability in P2P systems. Tech. rep., Northwestern EECS University (March 2009)

    Google Scholar 

  8. Clarke, I., Miller, S.G., Hong, T.W., Sandberg, O., Wiley, B.: Protecting free expression online with freenet. IEEE Internet Comput. 6(1) (2002)

    Google Scholar 

  9. Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The Platform for Privacy Preferences 1.0 (P3P1.0) Specification (2002)

    Google Scholar 

  10. Daswani, N., Garcia-Molina, H., Yang, B.: Open problems in data-sharing peer-to-peer systems. In: International Conference on Database Theory (ICDT), Siena, Italy (2003)

    Google Scholar 

  11. Garton, L., Haythornthwaite, C., Wellman, B.: Studying online social networks. J. Comput. Mediat. Comm. 3(1) (1997)

    Google Scholar 

  12. Hand, S., Roscoe, T.: Mnemosyne: peer-to-peer steganographic storage. In: International Peer To Peer Systems Workshop (IPTPS), Cambridge, MA (2002)

    Google Scholar 

  13. Howell, F., McNab, R.: Simjava: a discrete event simulation library for Java. In: International Conference on Web-Based Modeling and Simulation, San Diego, CA (1998)

    Google Scholar 

  14. Isdal, T., Piatek, M., Krishnamurthy, A., Anderson, T.: Privacy-preserving P2P data sharing with oneswarm. Tech. rep., University of Washington (2009)

    Google Scholar 

  15. Jawad, M.: Data privacy in P2P systems. Ph.D. thesis, Université de Nantes (2011)

    Google Scholar 

  16. Jawad, M., Serrano-Alvarado, P., Valduriez, P.: Protecting data privacy in structured P2P networks. In: Data Management in Grid and P2P Systems (Globe), Linz, Austria (2009)

    Google Scholar 

  17. Jawad, M., Serrano-Alvarado, P., Valduriez, P., Drapeau, S.: A data privacy service for structured P2P systems. In: Mexican International Conference in Computer Science (ENC), MĂ©xico D.F., MĂ©xico (2009)

    Google Scholar 

  18. Jawad, M., Serrano-Alvarado, P., Valduriez, P., Drapeau, S.: Data privacy in structured P2P systems with PriServ. In: Bases de Données Avancées (BDA), Namur, Begium (2009)

    Google Scholar 

  19. Jawad, M., Serrano-Alvarado, P., Valduriez, P., Drapeau, S.: Privacy support for sensitive data sharing in P2P systems. In: Bases de Données Avancées (BDA), demonstration paper, Rabat, Morocco (2011)

    Google Scholar 

  20. Karjoth, G., Schunter, M., Waidner, M.: Platform for enterprise privacy practices: privacy-enabled management of customer data. In: Workshop on Privacy Enhancing Technologies, San Francisco, CA (2002)

    Google Scholar 

  21. Kleinberg, J., Papadimitriou, C.H., Raghavan, P.: On the value of private information. In: Theoretical Aspects of Rationality and Knowledge (TARK), Siena, Italy (2001)

    Google Scholar 

  22. Kubiatowicz, J., Bindel, D., Chen, Y., Czerwinski, S.E., Eaton, P.R., Geels, D., Gummadi, R., Rhea, S.C., Weatherspoon, H., Weimer, W., Wells, C., Zhao, B.Y.: OceanStore: An architecture for global-scale persistent storage. In: Architectural Support for Programming Languages and Operating Systems (ASPLOS), Cambridge, MA (2000)

    Google Scholar 

  23. Langheinrich, M.: A P3P Preference Exchange Language (APPEL1.0) Specification (2001)

    Google Scholar 

  24. Liberty Alliance Project, Privacy Preference Expression Languages (PPELs). http://projectliberty.org/liberty/content/download/371/2670/file/Final_PPEL_White_Paper.pdf

  25. LeFevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.J.: Limiting disclosure in hippocratic databases. In: Very Large Databases (VLDB), Toronto, Canada (2004)

    Google Scholar 

  26. Mell, P., Grance, T.: The NIST definition of cloud computing. Natl. Inst. Stand. Tech. 53(6) (2009)

    Google Scholar 

  27. Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: Very Large Databases (VLDB), Berlin, Germany (2003)

    Google Scholar 

  28. Nejdl, W., Wolf, B., Qu, C., Decker, S., Sintek, M., Naeve, A., Nilsson, M., Palmér, M., Risch, T.: Edutella: A P2P networking infrastructure based on RDF. In: ACM World Wide Web Conference (WWW), Hawaii, USA (2002)

    Google Scholar 

  29. Ozsu, M.T., Valduriez, P.: Principles of Distributed Database Systems, 3rd edn. Springer, New York (2011)

    Google Scholar 

  30. 1.1.0 P3P Purposes of Data Collection Elements. http://p3pwriter.com/LRN_041.asp

  31. Pfitzmann, A., Hansen, M.: A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. Tech. rep., Dresden University of Technology (2009)

    Google Scholar 

  32. Roncancio, C., del Pilar Villamil, M., Labbé, C., Serrano-Alvarado, P.: Data sharing in DHT based P2P systems. Trans. Large Scale Data Knowl. Centered Syst. I 5740 (2009)

    Google Scholar 

  33. Rowstron, A., House, G.: Storage management and caching in PAST, a large-scale, persistent peer-to-peer storage utility. In: Symposium on Operating Systems Principles (SOSP), Banff, Alberta, Canada (2001)

    Google Scholar 

  34. Rowstron, A.I.T., Druschel, P.: Pastry: scalable, decentralized object location, and routing for large-scale peer-to-peer systems. In: ACM/IFIP/USENIX Middleware Conference (MIDDLEWARE), Heidelberg, Germany (2001)

    Google Scholar 

  35. Ryu, S., Butler, K., Traynor, P., McDaniel, P.: Leveraging identity-based cryptography for node ID assignment in structured P2P systems. In: Advanced Information Networking and Applications Workshops (AINA), Niagara Falls, Canada (2007)

    Google Scholar 

  36. Stoica, I., Morris, R., Karger, D.R., Kaashoek, M.F., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup service for internet applications. In: ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM), San Diego, CA (2001)

    Google Scholar 

  37. Stubblefield, A., S.Wallach, D.: Dagster: Censorship-Resistant Publishing without Replication. Tech. rep., Rice University (2001)

    Google Scholar 

  38. Tatarinov, I., Ives, Z.G., Madhavan, J., Halevy, A.Y., Suciu, D., Dalvi, N.N., Dong, X., Kadiyska, Y., Miklau, G., Mork, P.: The piazza peer data management project. ACM Spec. Interest Group Manag. Data (SIGMOD) Rec. 32(3) (2003)

    Google Scholar 

  39. Waldman, M., Mazières, D.: Tangler: a censorship-resistant publishing system based on document entanglements. In: Computer and Communications Security (CCS), Philadelphia, PA (2001)

    Google Scholar 

  40. Westin, A.F.: Privacy and Freedom. Atheneum, New York (1967)

    Google Scholar 

  41. Zhao, B.Y., Huang, L., Stribling, J., Rhea, S.C., Joseph, A.D., Kubiatowicz, J.: Tapestry: a resilient global-scale overlay for service deployment. IEEE J. Sel. Areas Comm. 22(1) (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LINA, University of Nantes, Nantes, France

    Mohamed Jawad & Patricia Serrano-Alvarado

  2. INRIA and LIRMM, University of Montpellier, Montpellier, France

    Patrick Valduriez

Authors
  1. Mohamed Jawad
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patricia Serrano-Alvarado
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Patrick Valduriez
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohamed Jawad .

Editor information

Editors and Affiliations

  1. LIUPPA Laboratory, University of Pau and Adour Countries, Anglet, France

    Richard Chbeir

  2. Ticket Laboratory, Antonine University, Baabda, Lebanon

    Bechara Al Bouna

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Wien

About this chapter

Cite this chapter

Jawad, M., Serrano-Alvarado, P., Valduriez, P. (2013). Supporting Data Privacy in P2P Systems. In: Chbeir, R., Al Bouna, B. (eds) Security and Privacy Preserving in Social Networks. Lecture Notes in Social Networks. Springer, Vienna. https://doi.org/10.1007/978-3-7091-0894-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-7091-0894-9_7

  • Published:

  • Publisher Name: Springer, Vienna

  • Print ISBN: 978-3-7091-0893-2

  • Online ISBN: 978-3-7091-0894-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation