A centralized privacy-preserving framework for online social networks




There are some critical privacy concerns in the current online social networks (OSNs). Users' information is disclosed to different entities that they were not supposed to access. Furthermore, the notion of friendship is inadequate in OSNs since the degree of social relationships between users dynamically changes over the time. Additionally, users may define similar privacy settings for their friends in an OSN. In this paper, we present a centralized privacy-preserving framework for OSNs to address these issues. Using the proposed approach, the users enforce confidentiality and access control on the shared data while their connections/relationships with other users are kept anonymous in OSNs. In this way, the users themselves create and modify personalized privacy settings for their shared data while employing each other's privacy settings. Detailed evaluations of the proposed framework show the advantages of the proposed architecture compared to the most analogous recent approach.


[1] Boyd D., Ellison N. Social Network Sites: Definition, History, and Scholarship, Journal of Computer-Mediated Communication, 2007, 13(1): 210-230.

[2] Riphagen D. Privacy Risks for Users of Social Network Sites, Master Thesis, Delft University of Technology, 2008.

[3] Google Privacy Policy, http://www.google.com/intl/en/policies/privacy/, Accessed online on March 2013.

[4] Google+ Pages Additional Terms of Service, http://www.google.com/intl/en/+/policy/pagesterm.html, Accessed online on March 2013.

[5] Beato F., Kohlweiss M.,Wouters K. Enforcing Access Control in Social Network Sites, In: HotPETs Proc. 9th Privacy Enhancing Technologies Symp., Seattle, USA, , August 5-7, 2009, pp. 1-10.

[6] Lewis K. The Co-Evolution Of Social Network Ties And Online Privacy Behavior, Book chapter on Privacy Online: Perspectives On Privacy And Self-Disclosure in the Social Web, Springer-Verlag, 2011, pp. 91-109.

[7] Zhu Y., Hu Z., Wang H., Hu H., Ahn G-J. A Collaborative Framework for Privacy Protection in Online Social Networks, In Proc. 6th International Conference on Collaborative Computing (CollaborateCom), Chicago, Illinois, October 9-12, 2010, pp. 40-45.

[8] Jahid S., Mittal P., Borisov N. EASiER: Encryption-based Access Control in Social Net- works with Efficient Revocation, In Proc. 6th ACM Symposium on Information Computer and Communications Security (ASIACCS), Hong Kong, China, March 22-24, 2011, pp. 411-415.

[9] Raji, F., Miri, A., Davarpanah Jazi, M., Malek, B.: 'CP2: Cryptographic Privacy Protection Framework for Online Social Networks', Elsevier Computers & Electrical Engineering, Volume 39, Issue 7, 2013, pp. 22822298.

[10] Raji F., Miri A., Davarpanah Jazi M., Malek B. 'DEFF: a new architecture for private online social networks', Special Issue on Security and Privacy in Ubiquitous Computing, Journal on Security and Communication Networks (SCN), John Wiley & Sons, Volume 6, Issue 12, 2013, pp.14601470.

[11] Fatemeh Raji, Ali Miri, Mohammad Davarpanah Jazi, "Preserving Privacy in Online Social Networks", 4th Canada-France MITACS Workshop on Foundations & Practice of Security (FPS2011), 2011.

[12] Malek B., Miri A. Adaptively Secure Broadcast Encryption with Short Ciphertexts, International Journal of Network Security, 2012, 14(2): 71-79.

[13] Schneier B. Applied Cryptography, Second Edition, John Wiley & Sons, Inc., New York, USA, 1996.

[14] Seda G., Bettina B. The social web and privacy: Practices, reciprocity and conflict detection in social networks, Privacy-Aware Knowledge Discovery: Novel Applications and New Techniques, Elena Ferrari and Francesco Bonchi (eds.), Florida, USA, 2010.

[15] Toivonen R., Kovanen L., Kivela M., Onnela J-P, Saramaki J., Kaski K. A comparative study of social network models: Network evolution models and nodal attribute models, Elsevier Journal on Social Networks, 2009, 31(4): 240-254.

[16] Adamic L. A., Adar E. Friends and Neighbors on the Web, Elsevier Journal on Social Networks, 2003, 25(3): 211-230.

[17] Bonneau J., Anderson J., Church L. Privacy Suites: Shared Privacy for Social Networks, In Proc. 9th Symposium on Usable Privacy and Security (SOUPS), Mountain View, California, July 15-17, 2009, pp. 1-6.

[18] Challal Y., Seba H. Group Key Management Protocols: A Novel Taxonomy, International Journal of Information Theory, 2005, 2(2): 105-118.

[19] Challal Y. Group Communication Security, Ph.D. Thesis, University of Technology of Compiegne, 2005.

[20] Poovendran R. Key Management for Secure Multicast Communications, Ph.D. Thesis, University of Maryland, 1999.

[21] Rafaeli S., Hutchison D. A Survey of Key Management for Secure Group Communication, ACM Journal on Computing Surveys, 2003, 35(3): 309-329.

[22] Li S-Q, Wu Y. A Survey on Key Management for Multicast, In Proc. 2th International Conference on Information Technology and Computer Science (ITCS), Kiev, Ukraine, July 24-25, 2010, pp. 309-312.

[23] Google Plus user base crosses 90 million mark, http://articles.economictimes.indiatimes.com/2012-01-23/news/30655461_1_google-ceo-larry-page-users-social-networking, Accessed online on March 2013.

[24] Naor D., Naor M., Lotspiech J. Revocation and Tracing Schemes for Stateless Receivers, In Lecture Notes in Computer Science 2139, Springer-Verlag, 2001, pp. 41-62.

[25] Boneh D., Gentry C., Waters B. Collusion Resistant Broadast Encryption with short ciphrertexts and private key, In Lecture Notes in Computer Science 3621, Springer-Verlag, 2005, pp. 258-275.