Confidant: Protecting OSN Data without Locking It Up

  • Dongtao Liu
  • Amre Shakimov
  • Ramón Cáceres
  • Alexander Varshavsky
  • Landon P. Cox
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7049)


Online social networks (OSNs) are immensely popular, but participants are increasingly uneasy with centralized services’ handling of user data. Decentralized OSNs offer the potential to address user’s anxiety while also enhancing the features and scalability offered by existing, centralized services. In this paper, we present Confidant, a decentralized OSN designed to support a scalable application framework for OSN data without compromising users’ privacy. Confidant replicates a user’s data on servers controlled by her friends. Because data is stored on trusted servers, Confidant allows application code to run directly on these storage servers. To manage access-control policies under weakly-consistent replication, Confidant eliminates write conflicts through a lightweight cloud-based state manager and through a simple mechanism for updating the bindings between access policies and replicated data.


Decentralization Onlie Social Networks Peer-to-peer Cloud 


  1. 1.
    Baden, R., et al.: Persona: an online social network with user-defined privacy. In: SIGCOMM 2009 (2009)Google Scholar
  2. 2.
    Bolosky, W., et al.: Feasibility of a serverless distributed file system deployed on an existing set of desktop pcs. SIGMETRICS (2000)Google Scholar
  3. 3.
    Chun, H., et al.: Comparison of online social relations in volume vs interaction: a case study of cyworld. In: IMC 2008 (2008)Google Scholar
  4. 4.
    Dean, J., et al.: Mapreduce: simplified data processing on large clusters. Commun. ACM (2008)Google Scholar
  5. 5.
    Douglas, T., et al.: Managing update conflicts in bayou, a weakly connected replicated storage system. In: SOSP (1995)Google Scholar
  6. 6.
    Shi, E., et al.: Multi-dimensional range query over encrypted data. In: IEEE Symposium on Security and Privacy (2007)Google Scholar
  7. 7.
    Fabbri, D., et al.: Privatepond: Outsourced management of web corpuses. In: WebDB (2009)Google Scholar
  8. 8.
    Facebook site info from,
  9. 9.
    Facebook statistics,
  10. 10.
    Gilbert, E., et al.: Predicting tie strength with social media. In: CHI 2009 (2009)Google Scholar
  11. 11.
    Golding, R.A.: A weak-consistency architecture for distributed information services. Computing Systems (1992)Google Scholar
  12. 12.
    Lampson, B.W.: Hints for computer system design. IEEE Software (1983)Google Scholar
  13. 13.
    Liu, D., Shakimov, A., Cáceres, R., Varshavsky, A., Cox, L.P.: Confidant: Protecting OSN Data without Locking it Up. Technical Report TR-2010-04, Duke University, Department of Computer Science, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA (August 2010)Google Scholar
  14. 14.
    Noble, B., Satyanarayanan, M.: An empirical study of a highly available file system. In: SIGMETRICS (1994)Google Scholar
  15. 15.
    Puhol, J., et al.: The little engine(s) that could: Scaling online social networks. In: SIGCOMM 2010 (2010)Google Scholar
  16. 16.
    Puttaswamy, K., Zhao, B.: Preserving privacy in location-based mobile social applications. In: HotMobile (2010)Google Scholar
  17. 17.
    Ramasubramanian, V., et al.: Cimbiosys: a platform for content-based partial replication. In: NSDI 2009 (2009)Google Scholar
  18. 18.
    Sala, A., et al.: Measurement-calibrated graph models for social network experiments. In: WWW 2010 (2010)Google Scholar
  19. 19.
    Saroiu, S., et al.: Measuring and analyzing the characteristics of napster and gnutella hosts. Multimedia Syst. (2003)Google Scholar
  20. 20.
    Song, D., et al.: Practical techniques for searches on encrypted data. In: IEEE Symposium on Security and Privacy (2000)Google Scholar
  21. 21.
    The Economist. Primates on facebook (February 2009)Google Scholar
  22. 22.
    Tootoonchian, A., et al.: Lockr: better privacy for social networks. In: CoNEXT 2009 (2009)Google Scholar
  23. 23.
    Tran, D., et al.: Friendstore: cooperative online backup using trusted nodes. In: SocialNets 2008 (2008)Google Scholar
  24. 24.
    Viswanath, B., et al.: On the evolution of user interaction in facebook. In: WOSN (2009)Google Scholar
  25. 25.
    Wilson, C., et al.: User interactions in social networks and their implications. In: EuroSys 2009 (2009)Google Scholar
  26. 26.
    Winsborough, W., et al.: Towards practical automated trust negotiation. In: Policy 2002 (2002)Google Scholar
  27. 27.
    Wobber, T., et al.: Policy-based access control for weakly consistent replication. In: EuroSys 2010 (2010)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Dongtao Liu
    • 1
  • Amre Shakimov
    • 1
  • Ramón Cáceres
    • 2
  • Alexander Varshavsky
    • 2
  • Landon P. Cox
    • 1
  1. 1.Duke UniversityUSA
  2. 2.AT&T Labs

Personalised recommendations