Abstract
The popularity of Social Networking Sites (SNS) is growing rapidly, with the largest sites serving hundreds of millions of users and their private information. The privacy settings of these SNSs do not allow the user to avoid sharing some information (e.g., name and profile picture) with all the other users. Also, no matter the privacy settings, this information is always shared with the SNS (that could sell this information or be hacked). To mitigate these threats, we recently introduced the concept of Virtual Private Social Networks (VPSNs).
In this work we propose the first complete architecture and implementation of VPSNs for Facebook. In particular, we address an important problem left unexplored in our previous research—that is the automatic propagation of updated profiles to all the members of the same VPSN. Furthermore, we made an in-depth study on performance and implemented several optimization to reduce the impact of VPSN on user experience.
The proposed solution is lightweight, completely distributed, does not depend on the collaboration from Facebook, does not have a central point of failure, it offers (with some limitations) the same functionality as Facebook, and apart from some simple settings, the solution is almost transparent to the user. Thorough experiments, with an extended set of parameters, we have confirmed the feasibility of the proposal and have shown a very limited time-overhead experienced by the user while browsing Facebook pages.
- Aimeur, E., Gambs, S., and Ho, A. 2009. Upp: User privacy policy for social networking sites. In Proceedings of the International Conference on Internet and Web Applications and Services (ICIW'09). 267--272. Google Scholar
Digital Library
- Aimeur, E., Gambs, S., and Ho, A. 2010. Towards a privacy-enhanced social networking site. In Proceedings of the International Conference on Availability, Reliability, and Security (ARES'10). 172--179.Google Scholar
- AOL. 2011. Web page test. http://www.webpagetest.org/.Google Scholar
- Archiveexploits. 2012. Facebook's servers was hacked again by inj3ct0r team. http://inj3ct0r.com/exploits/13403.Google Scholar
- Baden, R., Bender, A., Spring, N., Bhattacharjee, B., and Starin, D. 2009. Persona: an online social network with user-defined privacy. In Proceedings of the ACM SIGCOMM Data Communications Festival(SIGCOMM'09). 135--146. Google Scholar
Digital Library
- Beato, F., Kohlweiss, M., and Wouters, K. 2011. Scramble! your social network data. In Proceedings of the 11th International Conference on Privacy Enhancing technologies (PETS'11). 211--225. Google Scholar
Digital Library
- Boyd, D. M. and Ellison, N. B. 2007. Social network sites: Definition, history, and scholarship. J. Comput.-Mediated Commun. 13, 1, Article 11.Google Scholar
Digital Library
- Carminati, B., Ferrari, E., Morasca, S., and Taibi, D. 2011. A probability-based approach to modeling the risk of unauthorized propagation of information in on-line social networks. In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11). 51--62. Google Scholar
Digital Library
- Carzaniga, A., Rosenblum, D. S., and Wolf, A. L. 2001. Design and evaluation of a wide-area event notification service. ACM Trans. Comput. Syst. 19, 3, 332--383. Google Scholar
Digital Library
- Conti, M., Hasani, A., and Crispo, B. 2011. Virtual private social networks. In ACM Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11). 39--50. Google Scholar
Digital Library
- Cutillo, L. A., Molva, R., and Strufe, T. 2009. Safebook: A privacy-preserving online social network leveraging on real-life trust. IEEE Comm. Mag. 47, 12, 94--101. Google Scholar
Digital Library
- Daniel, G., Maxwell, S., Raphael, S., and Ilya, Z. 2010. Diaspora*. http://www.joindiaspora.com/.Google Scholar
- De Cristofaro, E., Soriente, C., Tsudik, G., and Williams, A. 2011. Hummingbird: Privacy at the time of twitter. Cryptology ePrint Archive, Report 2011/640. http://eprint.iacr.org/.Google Scholar
- Durr, M., Werner, M., and Maier, M. 2010. Re-socializing online social networks. In Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & International Conference on Cyber, Physical and Social Computing (GreenCom-CPSCom'10). 786--791. Google Scholar
Digital Library
- Dybwad, B. 2010. Facebook and others caught sending user data to advertisers. http://mashable.com/2010/05/20/facebook-caught-sending-user-data-to-advertisers/.Google Scholar
- Facebook. 2012a. http://www.facebook.com.Google Scholar
- Facebook. 2012b. Facebook data use policy. http://www.facebook.com/about/privacy/.Google Scholar
- Felt, A. and Evans, D. 2008. Privacy protection for social networking apis. In Proceedings of the Workshop on Web 2.0 Security and Privacy (W2SP'08).Google Scholar
- Figueiredo, R. J., Boykin, P. O., Juste, P. S., and Wolinsky, D. 2008. Integrating overlay and social networks for seamless p2p networking. In Proceedings of the IEEE International Conference on Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE'08). 93--98. Google Scholar
Digital Library
- Foundation, X. S. 2012. Xep-0060: Publish-subscribe. http://xmpp.org/extensions/xep-0060.html.Google Scholar
- Ganguly, A., Agrawal, A., Boykin, P. O., and Figueiredo, R. 2006. Ip over p2p: enabling self-configuring virtual ip networks for grid computing. In Proceedings of the International Parallel and Distributed Processing Symposium (IPDPS'06). 49--49. Google Scholar
Digital Library
- Golbeck, J. 2009. Trust and nuanced profile similarity in online social networks. ACM Trans. Web 3, 12:1--12:33. Google Scholar
Digital Library
- Gross, R. and Acquisti, A. 2005. Information revelation and privacy in online social networks. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES'05). 71--80. Google Scholar
Digital Library
- Guha, S., Tang, K., and Francis, P. 2008. Noyb: Privacy in online social networks. In Proceedings of the 1st Workshop on Online Social Networks (WOSN'08). 49--54. Google Scholar
Digital Library
- Hasani, A. 2012. Virtual private social networks website. http://sites.google.com/site/fbprivacy2010/.Google Scholar
- Hay, M., Miklau, G., Jensen, D., Weis, P., and Srivastava, S. 2007. Anonymizing social networks. Tech. rep. 07-19, University of Massachusetts Amherst.Google Scholar
- Isode.com. 2012. M-link server. http://www.isode.com/products/m-link.html.Google Scholar
- Jabberes.Org. 2011. http://www.jabberes.org/servers/.Google Scholar
- Jin, L., Takabi, H., and Joshi, J. B. 2011. Towards active detection of identity clone attacks on online social networks. In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11). ACM, 27--38. Google Scholar
Digital Library
- Kacimi, M., Ortolani, S., and Crispo, B. 2009. Anonymous opinion exchange over untrusted social networks. In Proceedings of the 2nd ACM EuroSys Workshop on Social Network Systems (SNS'09). 26--32. Google Scholar
Digital Library
- Korolova, A., Motwani, R., Nabar, S. U., and Xu, Y. 2008. Link privacy in social networks. In Proceedings of the International Conference on Information and Knowledge Management (CIKM'08). 289--298. Google Scholar
Digital Library
- Kumari, P., Pretschner, A., Peschla, J., and Kuhn, J.-M. 2011. Distributed data usage control for web applications: a social network implementation. In Proceedings of the ACM Conference on Data and Application Security and Privacy (ACM CODASPY'11). 85--96. Google Scholar
Digital Library
- Lucas, M. M. and Borisov, N. 2008. Flybynight: Mitigating the privacy risks of social networking. In Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES'08). 1--8. Google Scholar
Digital Library
- Luo, W., Xie, Q., and Hengartner, U. 2009. Facecloak: An architecture for user privacy on social networking sites. In Proceedings of the International Conference on Computational Science and Engineering (CSE'09). 26--33. Google Scholar
Digital Library
- McCune, J. M., Perrig, A., and Reiter, M. K. 2005. Seeing-is-believing: Using camera phones for human-verifiable authentication. In Proceedings of the IEEE Symposium on Security and Privacy (S&P'05). 110--124. Google Scholar
Digital Library
- Mislove, A., Viswanath, B., Gummadi, K. P., and Druschel, P. 2010. You are who you know: Inferring user profiles in online social networks. In Proceedings of the ACM International Conference on Web Search and Data Mining (WSDM'10). 251--260. Google Scholar
Digital Library
- Mozilla. 2012a. Chrome registration. https://developer.mozilla.org/en-US/docs/Chrome_Registration#content accessible.Google Scholar
- Mozilla. 2012b. Http requests observers. https://developer.mozilla.org/en-US/docs/Setting_HTTP_request_headers.Google Scholar
- Mozilla. 2012c. Observer notifications. https://developer.mozilla.org/en/Observer_Notifications.Google Scholar
- Mozilla. 2012d. Venkman javascript debugger project page. https://developer.mozilla.org/en-US/docs/Venkman.Google Scholar
- Mozilla. 2012e. Xpcom nsiprocess interface. https://developer.mozilla.org/en-US/docs/Code_snippets/Running_applications.Google Scholar
- Narayanan, A. and Shmatikov, V. 2009. De-anonymizing social networks. In Proceedings of the IEEE Symposium on Security and Privacy (S&P'09). 173--187. Google Scholar
Digital Library
- Paci, F., Mecella, M., Ouzzani, M., and Bertino, E. 2011. Acconv -- an access control model for conversational web services. ACM Trans. Web 5, 13:1--13:33. Google Scholar
Digital Library
- Primelife. 2011. Clique. http://clique.primelife.eu/.Google Scholar
- Reay, I., Dick, S., and Miller, J. 2009. A large-scale empirical study of p3p privacy policies: Stated actions vs. legal obligations. ACM Trans. Web 3, 6:1--6:34. Google Scholar
Digital Library
- Rowstron, A., Kermarrec, A.-M., Castro, M., and Druschel, P. 2001. Scribe: The design of a large-scale event notification infrastructure. In Proceedings of the Third International COST264 Workshop on Networked Group Communication. 30--43. Google Scholar
Digital Library
- Saint-Andre, P. 2010. Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence. http://xmpp.org/rfcs/rfc3921.html.Google Scholar
- Saint-Andre, P. 2011a. Extensible Messaging and Presence Protocol (XMPP): Core. RFC 6120.Google Scholar
- Saint-Andre, P. 2011b. Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence. RFC 6121.Google Scholar
- Sorniotti, A. and Molva, R. 2010. Secret interest groups (sigs) in social networks with an implementation on Facebook. In Proceedings of the ACM Symposium on Applied Computing (SAC'10). 621--628. Google Scholar
Digital Library
- Tabakoff, N. 2009. Facebook users are sitting ducks for identity theft. http://www.dailytelegraph.com.au/news/facebook-users-sitting-ducks-for-identity-theft/story-e6freuy9-122580713389/.Google Scholar
- TheCoccinella.Org. 2011. http://thecoccinella.org/servers/servers_by_pubsub_pep.html.Google Scholar
- van Amstel, B., Groeneveld, F., and Borsboom, B. 2010. Please rob me. http://pleaserobme.com/.Google Scholar
- Vu, L.-H., Aberer, K., Buchegger, S., and Datta, A. 2009. Enabling secure secret sharing in distributed online social networks. In Proceedings of the Annual Computer Security Applications Conference (ACSAC'09). 419--428. Google Scholar
Digital Library
- Wolfe-Wylie, W. 2010. The harm of facebook pictures. http://www.torontosun.com/life/2010/08/10/14978476.html.Google Scholar
- XMPP Protocol. 2011. http://xmpp.org//.Google Scholar
- XMPP.org. 2011. http://xmpp.org/services/.Google Scholar
- Young, A. L. and Quan-Haase, A. 2009. Information revelation and internet privacy concerns on social network sites: a case study of Facebook. In Proceedings of the 4th International Conference on Communities and Technologies (C&T'09). 265--274. Google Scholar
Digital Library
- Yuksel, A. S., Yuksel, M. E., and Zaim, A. H. 2010. An approach for protecting privacy on social networks. In Proceedings of the International Conference on Systems and Networks Communications (ICSNC'10). 154--159. Google Scholar
Digital Library
- Zheleva, E. and Getoor, L. 2009. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In Proceedings of the International World Wide Web Conference (WWW'09). 531--540. Google Scholar
Digital Library
Index Terms
Virtual private social networks and a facebook implementation
Recommendations
Virtual private social networks
CODASPY '11: Proceedings of the first ACM conference on Data and application security and privacySocial Networking Sites (SNSs) are having a significant impact on the social life of many people - even beyond the millions of people that use them directly. These websites usually allow users to present a profile of themselves through a long list of ...
Uses and gratifications of social networking sites for bridging and bonding social capital
Applying uses and gratifications theory (UGT) and social capital theory, our study examined users of four social networking sites (SNSs) (Facebook, Twitter, Instagram, and Snapchat), and their influence on online bridging and bonding social capital. ...
What happens on Facebook stays on Facebook? The implications of Facebook interaction for perceived, receiving, and giving social support
Facebook interaction is positively related to receiving social support on Facebook.Facebook interaction is positively related to giving social support on Facebook.Facebook interaction is not associated with perceived social support in general.Receiving ...






Comments