Abstract
Online Social Networks (OSNs) offer free storage and social networking services through which users can communicate personal information with one another. The personal information of the users collected by the OSN provider comes with privacy problems when being monetized for advertising purposes. To protect user privacy, existing studies propose utilizing data encryption that immediately prevents OSNs from monetizing users data and hence leaves secure OSNs with no convincing commercial model. To address this problem, we propose Privado as a privacy-preserving group-based advertising mechanism to be integrated into secure OSNs to re-empower monetizing ability. Privado is run by N servers, each provided by an independent provider. User privacy is protected against an active malicious adversary controlling N − 1 providers, all the advertisers, and a large fraction of the users. We base our design on the group-based advertising notion to protect user privacy, which is not possible in the personalized variant. Our design also delivers advertising transparency; the procedure of identifying target customers is operated solely by the OSN servers without getting users and advertisers involved. We carry out experiments to examine the advertising running time under various number of servers and group sizes. We also argue about the optimum number of servers with respect to user privacy and advertising running time.
- Prabhanjan Ananth, Nishanth Chandran, Vipul Goyal, Bhavana Kanukurthi, and Rafail Ostrovsky. 2014. Achieving privacy in verifiable computation with multiple servers--without FHE and without pre-processing. In Proceedings of the International Workshop on Public Key Cryptography. Springer, 149--166.Google Scholar
Digital Library
- Randy Baden, Adam Bender, Neil Spring, Bobby Bhattacharjee, and Daniel Starin. 2009. Persona: An online social network with user-defined privacy. In Proceedings of the Annual Conference of the ACM Special Interest Group on Data Communication (SIGCOMM’09).Google Scholar
Digital Library
- Alessandro Barenghi, Michele Beretta, Alessandro Di Federico, and Gerardo Pelosi. 2014. Snake: An end-to-end encrypted online social network. In Proceedings of the IEEE International Conference on Embedded Software and Systems (ICESS’14). IEEE.Google Scholar
Digital Library
- Debmalya Biswas, Stephan Haller, and Florian Kerschbaum. 2010. Privacy-preserving outsourced profiling. In Proceedings of the IEEE Congress on Evolutionary Computation (CEC’10). IEEE.Google Scholar
Digital Library
- Marina Blanton and Fattaneh Bayatbabolghani. 2016. Efficient server-aided secure two-party function evaluation with applications to genomic computation. Proc. Privacy Enhanc. Technol. 2016, 4 (2016), 144--164.Google Scholar
Cross Ref
- Burton H. Bloom. 1970. Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13, 7 (1970), 422--426.Google Scholar
Digital Library
- Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. 2004. Public key encryption with keyword search. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 506--522.Google Scholar
Cross Ref
- Sanaz Taheri Boshrooyeh, Alptekin Küpçü, and Öznur Özkasap. 2018. PPAD: Privacy preserving group-based ADvertising in online social networks. In Proceedings of the International Federation for Information Processing (IFIP’18). IEEE, Zurich, Switzerland, 541--549.Google Scholar
- Bruce Schneier. 2015. Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition. https://www.wiley.com/en-gb/Applied+Cryptography%3A+Protocols%2C+Algorithms+and+Source+Code+in+C%2C+20th+Anniversary+Edition-p-9781119096726. 784 Pages.Google Scholar
- Sonja Buchegger, Doris Schiöberg, Le-Hung Vu, and Anwitaman Datta. 2009. PeerSoN: P2P social networking: Early experiences and insights. In Proceedings of the 2nd ACM EuroSys Workshop on Social Network Systems. ACM, 46--52.Google Scholar
Digital Library
- Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. 2015. Outsourcing secure two-party computation as a black box. In Proceedings of the Conference on Cryptology and Network Security.Google Scholar
Cross Ref
- Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. 2016. Secure outsourced garbled circuit evaluation for mobile devices. J. Comput. Secur. 24, 2 (2016), 137--180.Google Scholar
Cross Ref
- Miguel Castro and Barbara Liskov. 2002. Practical Byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst. 20, 4 (2002), 398--461.Google Scholar
Digital Library
- Ronald Cramer, Ivan Damgård, and Jesper B. Nielsen. 2001. Multiparty computation from threshold homomorphic encryption. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 280--300.Google Scholar
- Ivan Damgård and Jesper Buus Nielsen. 2003. Universally composable efficient multiparty computation from threshold homomorphic encryption. In Proceedings of the Annual International Cryptology Conference. Springer, 247--264.Google Scholar
Cross Ref
- Ivan Damgård, Valerio Pastro, Nigel Smart, and Sarah Zakarias. 2012. Multiparty computation from somewhat homomorphic encryption. In Proceedings of the Annual Cryptology Conference. Springer, 643--662.Google Scholar
Digital Library
- Emiliano De Cristofaro, Claudio Soriente, Gene Tsudik, and Albert Williams. 2012. Hummingbird: Privacy at the time of Twitter. In Proceedings of the Conference on Security and Privacy (SP’12). IEEE.Google Scholar
Digital Library
- Ariel J. Feldman, Aaron Blankstein, Michael J. Freedman, and Edward W. Felten. 2012. Social networking with frientegrity: Privacy and integrity with an untrusted provider. In Proceedings of the USENIX Security Symposium.Google Scholar
- Amos Fiat and Adi Shamir. 1986. How to prove yourself: Practical solutions to identification and signature problems. In Proceedings of the Conference on Advances in Cryptology (CRYPTO’86). Springer, 186--194.Google Scholar
Digital Library
- Saikat Guha, Bin Cheng, and Paul Francis. 2011. Privad: Practical privacy in online advertising. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI’11).Google Scholar
- Yahya Hassanzadeh-Nazarabadi, Alptekin Küpçü, and Öznur Özkasap. 2019. LightChain: A DHT-based blockchain for resource constrained environments. arXiv preprint arXiv:1904.00375. https://arxiv.org/abs/1904.00375.Google Scholar
- Carmit Hazay and Yehuda Lindell. 2010. Efficient Secure Two-party Protocols: Techniques and Constructions. Springer Science 8 Business Media.Google Scholar
- Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, and Tomas Toft. 2011. Efficient RSA Key Generation and Threshold Paillier in the Two-Party Setting. Retrieved from https://eprint.iacr.org/2011/494.pdf.Google Scholar
- Carmit Hazay, Gert Læssøe Mikkelsen, Tal Rabin, and Tomas Toft. 2012. Efficient RSA key generation and threshold paillier in the two-party setting. In Proceedings of the Cryptographers’ Track at the RSA Conference. Springer, 313--331.Google Scholar
Digital Library
- Debiao He, Mimi Ma, Sherali Zeadally, Neeraj Kumar, and Kaitai Liang. 2018. Certificateless public key authenticated encryption with keyword search for industrial internet of things. IEEE Trans. Industr. Inform. 14, 8 (2018), 3618--3627.Google Scholar
Cross Ref
- Amir Herzberg and Haya Shulman. 2013. Oblivious and fair server-aided two-party computation. Info. Secur. Tech. Rep. 17, 2 (2013), 210--226.Google Scholar
Cross Ref
- Qiong Huang and Hongbo Li. 2017. An efficient public-key searchable encryption scheme secure against inside keyword guessing attacks. Info. Sci. 403 (2017), 1--14.Google Scholar
- Thomas P. Jakobsen, Jesper Buus Nielsen, and Claudio Orlandi. 2014. A framework for outsourcing of secure computation. In Proceedings of the 6th ACM Workshop on Cloud Computing Security. ACM, 81--92.Google Scholar
Digital Library
- Ari Juels. 2001. Targeted advertising...and privacy too. In Proceedings of the Cryptographers Track of the RSA Conference (CT-RSA’01). Springer.Google Scholar
Cross Ref
- Seny Kamara, Payman Mohassel, and Mariana Raykova. 2011. Outsourcing multi-party computation. IACR Cryptol. ePrint Archive: Report 2011/272. https://eprint.iacr.org/2011/272.Google Scholar
- Seny Kamara, Payman Mohassel, Mariana Raykova, and Saeed Sadeghian. 2014. Scaling private set intersection to billion-element sets. In Proceedings of the International Conference on Frontier Computing (FC). Springer.Google Scholar
Cross Ref
- Seny Kamara, Payman Mohassel, and Ben Riva. 2012. Salus: A system for server-aided secure function evaluation. In Proceedings of the ACM Computer and Communications Security Conference (CCS’12). ACM.Google Scholar
Digital Library
- Jonathan Katz and Yehuda Lindell. 2014. Introduction to Modern Cryptography. CRC Press.Google Scholar
Digital Library
- Florian Kerschbaum. 2009. Adapting privacy-preserving computation to the service provider model. In Proceedings of the SIAM Conference on Computational Science and Engineering (CSE’09). IEEE.Google Scholar
Digital Library
- Florian Kerschbaum. 2012. Collusion-resistant outsourcing of private set intersection. In Applied Computing. ACM.Google Scholar
- Florian Kerschbaum. 2012. Outsourced private set intersection using homomorphic encryption. In Proceedings of the ACM Computer and Communications Security Conference (CCS’12). ACM.Google Scholar
Digital Library
- Handan Kılınç and Alptekin Küpçü. 2015. Optimally efficient multi-party fair exchange and fair secure multi-party computation. In Proceedings of the Cryptographers’ Track at the RSA Conference. Springer, 330--349.Google Scholar
- Balachander Krishnamurthy and Craig E. Wills. 2008. Characterizing privacy in online social networks. In Proceedings of the Workshop on Online Social Networks (WOSN’08). ACM.Google Scholar
- Jiguo Li, Xiaonan Lin, Yichen Zhang, and Jinguang Han. 2017. KSF-OABE: Outsourced attribute-based encryption with keyword search function for cloud storage. IEEE Trans. Services Comput. 10, 5 (2017), 715--725.Google Scholar
Cross Ref
- Yehuda Lindell. 2007. Foundations of Cryptography, Vol. 1. https://www.cambridge.org/tr/academic/subjects/computer-science/cryptography-cryptology-and-coding/foundations-cryptography-volume-1?format=PB8isbn=9780521035361.Google Scholar
- Payman Mohassel, Ostap Orobets, and Ben Riva. 2016. Efficient server-aided 2pc for mobile phones. Proc. Privacy Enhanc. Technol. 2016, 2 (2016), 82--99.Google Scholar
Cross Ref
- Tal Moran and Moni Naor. 2010. Split-ballot voting: Everlasting privacy with distributed trust. ACM Trans. Info. Syst. Secur. 13, 2 (2010), 16.Google Scholar
- Arvind Narayanan and Vitaly Shmatikov. 2009. De-anonymizing social networks. In Security and Privacy. IEEE.Google Scholar
- Ozgur Oksuz, Iraklis Leontiadis, Sixia Chen, Alexander Russell, Qiang Tang, and Bing Wang. 2017. SEVDSI: Secure, Efficient and Verifiable Data Set Intersection. Technical Report. Cryptology ePrint Archive Report 2017/215. Retrieved from http://ia. cr/2017/215.Google Scholar
- Constantinos Patsakis, Athanasios Zigomitros, and Agusti Solanas. 2015. Privacy-aware genome mining: Server-assisted protocols for private set intersection and pattern matching. In Proceedings of the International Symposium on Computer-based Medical Systems (CBMS’15). IEEE.Google Scholar
Digital Library
- Kun Peng and Feng Bao. 2010. A shuffling scheme with strict and strong security. In Proceedings of the 4th International Conference on Emerging Security Information Systems and Technologies (SECURWARE’10). IEEE, 201--206.Google Scholar
Digital Library
- Nina Pettersen. 2016. Applications of Paillier s Cryptosystem.Master’s thesis. NTNU.Google Scholar
- Benny Pinkas, Thomas Schneider, and Michael Zohner. 2018. Scalable private set intersection based on ot extension. ACM Trans. Privacy Secur. 21, 2 (2018), 7.Google Scholar
- Krishna Sampigethaya and Radha Poovendran. 2006. A survey on mix networks and their secure applications. Proc. IEEE 94, 12 (2006), 2142--2181.Google Scholar
Cross Ref
- Berry Schoenmakers and Meilof Veeningen. 2015. Universally verifiable multiparty computation from threshold homomorphic cryptosystems. In Proceedings of the International Conference on Applied Cryptography and Network Security. Springer, 3--22.Google Scholar
Cross Ref
- Jinyuan Sun, Xiaoyan Zhu, and Yuguang Fang. 2010. A privacy-preserving scheme for online social networks with efficient revocation. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’10). IEEE.Google Scholar
Cross Ref
- Amin Tootoonchian, Stefan Saroiu, Yashar Ganjali, and Alec Wolman. 2009. Lockr: Better privacy for social networks. In Proceedings of the International Conference on Emerging Networking Experiments and Technologies (CoNEXT’09). ACM.Google Scholar
Digital Library
- Vincent Toubiana, Arvind Narayanan, Dan Boneh, Helen Nissenbaum, and Solon Barocas. 2010. Adnostic: Privacy preserving targeted advertising. In Proceedings of the Network and Distributed System Security Symposium (NDSS’10).Google Scholar
- Nikolaj Volgushev, Malte Schwarzkopf, Ben Getchell, Mayank Varia, Andrei Lapets, and Azer Bestavros. 2019. Conclave: Secure multi-party computation on big data. In Proceedings of the European Conference on Computer Systems.Google Scholar
Digital Library
- Yuan Zhang, Qingjun Chen, and Sheng Zhong. 2016. Privacy-preserving data aggregation in mobile phone sensing. IEEE Trans. Info. Forensics Secur. 11, 5 (2016), 980--992.Google Scholar
Digital Library
- Qingji Zheng and Shouhuai Xu. 2015. Verifiable delegated set intersection operations on outsourced encrypted data. In Proceedings of the IEEE International Conference on Cloud Engineering (IC2E’15). IEEE.Google Scholar
Digital Library
- Binrui Zhu, Jiameng Sun, Jing Qin, and Jixin Ma. 2017. The public verifiability of public key encryption with keyword search. In Proceedings of the International Conference on Mobile Networks and Management. Springer, 299--312.Google Scholar
- Xukai Zou, Huian Li, Yan Sui, Wei Peng, and Feng Li. 2014. Assurable, transparent, and mutual restraining e-voting involving multiple conflicting parties. In Proceedings of the IEEE International Conference on Computer Communications (INFOCOM’14). IEEE, 136--144.Google Scholar
Cross Ref
Index Terms
Privado: Privacy-preserving Group-based Advertising Using Multiple Independent Social Network Providers
Recommendations
ObliviAd: Provably Secure and Practical Online Behavioral Advertising
SP '12: Proceedings of the 2012 IEEE Symposium on Security and PrivacyOnline behavioral advertising (OBA) involves the tracking of web users' online activities in order to deliver tailored advertisements. OBA has become a rapidly increasing source of revenue for a number of web services, and it is typically conducted by ...
Strategies and struggles with privacy in an online social networking community
BCS-HCI '08: Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1Online social networking communities such as Facebook and MySpace are extremely popular. These sites have changed how many people develop and maintain relationships through posting and sharing personal information. The amount and depth of these personal ...
Can Friends Be Trusted? Exploring Privacy in Online Social Networks
ASONAM '09: Proceedings of the 2009 International Conference on Advances in Social Network Analysis and MiningIn this paper, we present a case study describing the privacy and trust that exist within a small population of online social network users. We begin by formally characterizing different graphs in social network sites like Facebook. We then determine ...






Comments