
Let Only the Right One IN: Privacy Management Scheme for Social Network

(Short Paper)

  • Conference paper
Information Systems Security (ICISS 2009)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 5905)

Abstract

Current social networking sites protect user data by making it available only to a restricted set of people, often friends. However, the concept of ‘friend’ is illusory in social networks. Adding a person to the friends list without verifying his/her identity can lead to serious consequences such as identity theft and privacy loss. We propose a novel verification paradigm to ensure that a person (Bob) who sends a friend request (to Alice) is actually her friend, and not someone who is faking his identity. Our solution is based on what Bob might know and verify about Alice. We work on the premise that a friend knows a person’s preferences better than a stranger. To verify our premise, we conducted a two-stage user study. Results of the user study are encouraging. We believe our solution makes a significant contribution, namely, the way it leverages the benefits of preference-based authentication and challenge-response schemes.

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gampa, N.K., Khot, R.A., Srinathan, K. (2009). Let Only the Right One IN: Privacy Management Scheme for Social Network. In: Prakash, A., Sen Gupta, I. (eds) Information Systems Security. ICISS 2009. Lecture Notes in Computer Science, vol 5905. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10772-6_24

  • DOI: https://doi.org/10.1007/978-3-642-10772-6_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10771-9

  • Online ISBN: 978-3-642-10772-6

  • eBook Packages: Computer Science, Computer Science (R0)
