Advertisement

Wireless Networks

, Volume 24, Issue 4, pp 1055–1069 | Cite as

Common friends discovery for multiple parties with friendship ownership and replay-attack resistance in mobile social networks

  • Shin-Yan Chiou
Article

Abstract

Social networking sites have emerged as a powerful tool for maintaining contact and sharing information between people, allowing users to quickly and easily communicate and interact over the Internet. However, such services have raised serious privacy concerns, especially in terms of ensuring the security of users’ personal information in the process of data exchange while also allowing for effective and complete data matching. Many studies have examined privacy matching issues and proposed solutions which could be applied to the current private matching issue. However, these solutions are almost entirely based on dual-matching designs. Therefore, this paper proposes a tripartite privacy matching protocol between common friends. In contexts with multiple users, this protocol searches for matching problems for common friends to produce a new solution. This approach does not rely on a trusted third party, and can be used on most mobile devices. In addition to providing outstanding operating performance and effective communication, this approach also accounts for context-specific privacy preservation, mutual authentication, mutual friendship certification, prevention of privacy spoofing and replay attack resistance, allowing users to safely and effectively identify mutual friends. The proposed methods are shown to be secure and efficient, and are implemented in mobile phones that allow users to find common friends securely in seconds. To the best of our knowledge, this is the first work done on mobile common friends discovery for three parties with advanced privacy preservation.

Keywords

Mobility Social networks Privacy Security Friendship 

Notes

Acknowledgments

This work is partially supported by the Ministry of Science and Technology under Grant MOST 104-2221-E-182-012 and by the CGMH project under Grant BMRPB46. The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers, which have improved the presentation.

References

  1. 1.
    Agrawal, R., Evfimievski, A., & Srikant, R. (2003). Information sharing across private databases. In Proceedings of the 2003 ACM SIGMOD international conference on Management of data (pp. 86–97). ACM, New York, NY.Google Scholar
  2. 2.
    Amin, R., & Biswas, G. (2015). A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis. Journal of Medical Systems, 39(3), 1–17.CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Canetti, R., & Krawczyk, H. (1996). Keying hash functions for message authentication. In Advances in cryptologyXCRYPTO96 (pp. 1–15). Springer.Google Scholar
  4. 4.
    Chi, J., Lv, Z., Zhang, M., Li, H., Hong, C., & Feng, D. (2014). A novel privacy-preserving group matching scheme in social networks. In Web-age information management (pp. 336–347). Springer.Google Scholar
  5. 5.
    Chiou, S. Y., & Chen, Y. C. (2014). A mobile, dynamic, and privacy-preserving matching system for car and taxi pools. Mathematical Problems in Engineering, 2014.Google Scholar
  6. 6.
    Chiou, S. Y., & Huang, Y. H. (2013). Mobile common friends discovery with friendship ownership and replay-attack resistance. Wireless Networks. doi: 10.1007/s11276-013-0577-x.Google Scholar
  7. 7.
    Chiou, S. Y., & Luo, C. S. (2014). An authenticated privacy-preserving mobile matchmaking protocol based on social connections with friendship ownership. Mathematical Problems in Engineering, 2014, 1–12.Google Scholar
  8. 8.
    Chiou, S. Y., Ying, Z., & Liu, J. (2016). Improvement of a privacy authentication scheme based on cloud for medical environment. Journal of Medical Systems, 40(4), 1–15.CrossRefGoogle Scholar
  9. 9.
    Chu, C. H. (2014). Preference-aware coding data broadcast in delay tolerant networks. Wireless Networks, 20(7), 1825–1838.CrossRefGoogle Scholar
  10. 10.
    Cutillo, L., Molva, R., & Strufe, T. (2009). Privacy preserving social networking through decentralization. In Sixth international conference on wireless on-demand network systems and services, 2009. WONS 2009. (pp. 145–152). IEEE.Google Scholar
  11. 11.
    De Rango, F., Socievole, A., & Marano, S. (2014). Exploiting online and offline activity-based metrics for opportunistic forwarding. Wireless Networks, 21(4), 1163–1179.Google Scholar
  12. 12.
    Du, J., Kranakis, E., Ponce, O. M., & Rajsbaum, S. (2016). Neighbor discovery in a sensor network with directional antennae. Adhoc and Sensor Wireless Networks, 30, 261–286.Google Scholar
  13. 13.
    Farràs, O., Domingo-Ferrer, J., & Blanco-Justicia, A. (2014). Privacy-preserving trust management mechanisms from private matching schemes. In Data privacy management and autonomous spontaneous security (pp. 390–398). Springer.Google Scholar
  14. 14.
    Freedman, M. J., Nissim, K., & Pinkas, B. (2004). Efficient private matching and set intersection. In International conference on the theory and applications of cryptographic techniques (pp. 1–19). Springer.Google Scholar
  15. 15.
    Hajli, N., & Lin, X. (2014). Exploring the security of information sharing on social networking sites: The role of perceived control of information. Journal of Business Ethics, 133(1), 111–123.CrossRefGoogle Scholar
  16. 16.
    Keegan, B. C., & Ahmad, M. A. (2014). Dark sides of social networking. In Encyclopedia of social network analysis and mining (pp. 319–332). Springer.Google Scholar
  17. 17.
    Kim, S. K., Yoon, J. H., Lee, J., Jang, G. Y., & Yang, S. B. (2016). A cooperative forwarding scheme for social preference-based selfishness in mobile social networks. Wireless Networks, 22(2), 537–552.CrossRefGoogle Scholar
  18. 18.
    Li, Y., Tygar, J. D., & Hellerstein, J. M. (2005). Computer security in the 21st century, chapter 3. New York: Springer.Google Scholar
  19. 19.
    Michael, K. (2014). Reconnaissance and social engineering risks as effects of social networking. Encyclopedia of Social Network Analysis and Mining, 1533–1538.Google Scholar
  20. 20.
    Mishra, D., Das, A. K., Chaturvedi, A., & Mukhopadhyay, S. (2015). A secure password-based authentication and key agreement scheme using smart cards. Journal of Information Security and Applications, 23, 28–43.CrossRefGoogle Scholar
  21. 21.
    Pietiläinen, A., Oliver, E., LeBrun, J., Varghese, G., & Diot, C. (2009) Mobiclique: Middleware for mobile social networking. In Proceedings of the 2nd ACM workshop on online social networks (pp. 49–54). ACM.Google Scholar
  22. 22.
    Shen, C. C. (2015). Why do they use social networking site: Social capital and transaction cost perspectives. In Proceedings of the 2010 academy of marketing science (AMS) annual conference (pp. 256–256). Springer.Google Scholar
  23. 23.
    Socievole, A., De Rango, F., & Caputo, A. (2014). Wireless contacts, facebook friendships and interests: Analysis of a multi-layer social network in an academic environment. In Wireless days (WD), 2014 IFIP (pp. 1–7). IEEE.Google Scholar
  24. 24.
    Wang, Y., Vasilakos, A. V., Jin, Q., & Ma, J. (2014). Survey on mobile social networking in proximity (MSNP): Approaches, challenges and architecture. Wireless Networks, 20(6), 1295–1311.CrossRefGoogle Scholar
  25. 25.
    Wang, Y., Vasilakos, A. V., Jin, Q., & Ma, J. (2014). A wi-fi direct based p2p application prototype for mobile social networking in proximity (MSNP). In 2014 IEEE 12th international conference on dependable, autonomic and secure computing (DASC) (pp. 283–288). IEEE.Google Scholar
  26. 26.
    Wang, Y., & Xu, J. (2014). Overview on privacy-preserving profile-matching mechanisms in mobile social networks in proximity (MSNP). In 2014 ninth Asia joint conference on information security (ASIA JCIS) (pp. 133–140). IEEE.Google Scholar
  27. 27.
    Wikipedia: Replay attack. (2012). http://en.wikipedia.org/wiki/Replay_attack/.
  28. 28.
    Xie, Q., & Hengartner, U. (2011). Privacy-preserving matchmaking for mobile social networking secure against malicious users. In 2011 ninth annual international conference on privacy, security and trust (PST) (pp. 252–259). IEEE.Google Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.Chang Gung UniversityTao-YuanTaiwan

Personalised recommendations