Event Invitations in Privacy-Preserving DOSNs
Online Social Networks (OSNs) have an infamous history of privacy and security issues. One approach to avoid the massive collection of sensitive data of all users at a central point is a decentralized architecture.
An event invitation feature – allowing a user to create an event and invite other users who then can confirm their attendance – is part of the standard functionality of OSNs. We formalize security and privacy properties of such a feature like allowing different types of information related to the event (e.g., how many people are invited/attending, who is invited/attending) to be shared with different groups of users (e.g., only invited/attending users).
Implementing this feature in a Privacy-Preserving Decentralized Online Decentralized Online is non-trivial because there is no fully trusted broker to guarantee fairness to all parties involved. We propose a secure decentralized protocol for implementing this feature, using tools such as storage location indirection, ciphertext inferences and a disclose-secret-if-committed mechanism, derived from standard cryptographic primitives.
The results can be applied in the context of Privacy-Preserving DOSNs, but might also be useful in other domains that need mechanisms for cooperation and coordination, e.g., Collaborative Working Environment and the corresponding collaborative-specific tools, i.e., groupware, or Computer-Supported Collaborative Learning.
KeywordsEvent invitation Privacy Decentralized Online Social Networks
This research has been funded by the Swedish Foundation for Strategic Research grant SSF FFL09-0086 and the Swedish Research Council grant VR 2009-3793.
- 1.Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: an online social network with user-defined privacy. In: Rodriguez, P., Biersack, E.W., Papagiannaki, K., Rizzo, L. (eds.) SIGCOMM, pp. 135–146. ACM (2009)Google Scholar
- 2.Buszko, D., Lee, W.H.D., Helal, A.: Decentralized ad-hoc groupware API and framework for mobile collaboration. In: GROUP, pp. 5–14. ACM (2001)Google Scholar
- 6.Freitas, M.: twister - a P2P microblogging platform. CoRR abs/1312.7152 (2013)Google Scholar
- 8.Greschbach, B., Kreitz, G., Buchegger, S.: The devil is in the metadata - new privacy challenges in decentralised online social networks. In: PerCom Workshops, pp. 333–339. IEEE (2012)Google Scholar
- 11.Kim, M.K., Kim, H.C.: Awareness and privacy in groupware systems. In: CSCWD, pp. 984–988. IEEE (2006)Google Scholar
- 13.Lunden, I.: Facebook turns off facial recognition in the EU, gets the all-clear on several points from Ireland’s data protection commissioner on its review, September 2012. http://techcrunch.com/2012/09/21/facebook-turns-off-facial-recognition-in-the-eu-gets-the-all-clear/
- 14.Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2009). http://www.bitcoin.org/bitcoin.pdf
- 16.Rodden, T., Blair, G.S.: CSCW and distributed systems: the problem of control. In: Bannon, L.J., Robinson, M., Schmidt, K. (eds.) ECSCW. Kluwer (1991)Google Scholar
- 18.Shih, G.: Facebook admits year-long data breach exposed 6 million users, June 2013. http://www.reuters.com/article/2013/06/21/net-us-facebook-security-idUSBRE95K18Y20130621
- 19.Smith, C.: Reinventing social media: Deep learning, predictive marketing, and image recognition will change everything, March 2014. http://www.businessinsider.com/social-medias-big-data-future-2014-3
- 20.Trevor, J., Koch, T., Woetzel, G.: Metaweb: bringing synchronous groupware to the world wide web. In: ECSCW, pp. 65–80 (1997)Google Scholar
- 21.Zhang, G., Jin, Q.: Scalable information sharing utilizing decentralized p2p networking integrated with centralized personal and group media tools. In: AINA (2), pp. 707–711. IEEE Computer Society (2006)Google Scholar
- 22.Zurko, M.E.: IBM Lotus Notes/Domino: Embedding Security in Collaborative Applications, Chap. 30. O’Reilly Media, Inc., Sebastopol (2005) Google Scholar