PeerShare: A System Secure Distribution of Sensitive Data among Social Contacts

  • Marcin Nagy
  • N. Asokan
  • Jörg Ott
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8208)

Abstract

We present the design and implementation of the PeerShare, a system that can be used by applications to securely distribute sensitive data to social contacts of a user. PeerShare incorporates a generic framework that allows different applications to distribute data with authenticity and confidentiality guarantees to authorized sets of recipients, specified in terms of social relationships. By using existing interfaces in popular social networks for user authentication and social graph information, PeerShare is designed to be easy to use for both end users as well as developers of applications. We have used PeerShare already in three different applications and plan to make it available for developers.

Keywords

Data distribution social networks access control 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Asokan, N., Dmitrienko, A., Nagy, M., Reshetova, E., Sadeghi, A.-R., Schneider, T., Stelle, S.: Crowdshare: Secure mobile resource sharing. Technical Report TUD-CS-2013-0084, TU Darmstadt (April 2013)Google Scholar
  2. 2.
    Asokan, N., Dmitrienko, A., Nagy, M., Reshetova, E., Sadeghi, A.-R., Schneider, T., Stelle, S.: CrowdShare: Secure mobile resource sharing. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 432–440. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  3. 3.
    Backes, M., Maffei, M., Pecina, K.: A Security API for Distributed Social Networks. In: NDSS (2011)Google Scholar
  4. 4.
    Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: an online social network with user-defined privacy. In: SIGCOMM, pp. 135–146 (2009)Google Scholar
  5. 5.
    De Cristofaro, E., Gasti, P., Tsudik, G.: Fast and private computation of cardinality of set intersection and union. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 218–231. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  6. 6.
    Cutillo, L.A., Molva, R., Strufe, T.: Safebook: A privacy-preserving online social network leveraging on real-life trust. Comm. Mag. 47(12), 94–101 (2009)CrossRefGoogle Scholar
  7. 7.
    Evans, C., Palmer, C., Sleevi, R.: Google Inc. Public Key Pinning Extension for HTTP, IETF Internet Draft, draft-ietf-websec-key-pinning-04 (2013)Google Scholar
  8. 8.
    Gupta, A., Miettinen, M., Nagy, M., Asokan, N., Wetzel, A.: Peersense: Who is near you? In: PerCom Workshops, pp. 516–518 (2012)Google Scholar
  9. 9.
    Gutmann, P.: PKI: It’s not dead, just resting. IEEE Computer 35(8), 41–49 (2002)CrossRefGoogle Scholar
  10. 10.
    Hardt, D.: The OAuth 2.0 Authorization Framework. RFC 6749 (Proposed Standard) (October 2012)Google Scholar
  11. 11.
    Jahid, S., Nilizadeh, S., Mittal, P., Borisov, N., Kapadia, A.: DECENT: A decentralized architecture for enforcing privacy in online social networks. In: PerCom Workshops, pp. 326–332 (2012)Google Scholar
  12. 12.
    Kostiainen, K., Ekberg, J.-E., Asokan, N., Rantala, A.: On-board credentials with open provisioning. In: ASIACCS, pp. 104–115 (2009)Google Scholar
  13. 13.
    Nagy, M., Asokan, N., Ott, J.: Peershare: A system secure distribution of sensitive data among social contacts. Technical Report arXiv:1307.4046, Department of Communications and Networking, Aalto University (2013)Google Scholar
  14. 14.
    Narayanan, A.: Social keys: Transparent cryptography via key distribution over social networks. In: The IAB Workshop on Internet Privacy (2010)Google Scholar
  15. 15.
    Pitkänen, M., et al.: SCAMPI: Service platform for social aware mobile and pervasive computing. Computer Communication Review 42(4), 503–508 (2012)CrossRefGoogle Scholar
  16. 16.
    Qin, C., Bao, X., Choudhury, R.R., Nelakuditi, S.: Tagsense: a smartphone-based approach to automatic image tagging. In: Proceedings of the 9th International Conference on Mobile Systems, Applications, and Services, MobiSys 2011, pp. 1–14. ACM, New York (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Marcin Nagy
    • 1
  • N. Asokan
    • 2
  • Jörg Ott
    • 1
  1. 1.Aalto UniversityFinland
  2. 2.University of HelsinkiFinland

Personalised recommendations