HITC

Data privacy in online social networks with fine-grained access control

Ahmed Khalil Abdulla, Spiridon Bakiras

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.

Original languageEnglish
Title of host publicationSACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages123-134
Number of pages12
ISBN (Electronic)9781450367530
DOIs
Publication statusPublished - 28 May 2019
Event24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019 - Toronto, Canada
Duration: 3 Jun 20196 Jun 2019

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019
CountryCanada
CityToronto
Period3/6/196/6/19

Fingerprint

Data privacy
Access control
Cryptography
Scalability
Servers

Keywords

  • Access control
  • Data privacy
  • Hidden vector encryption
  • Online social networks

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Cite this

Abdulla, A. K., & Bakiras, S. (2019). HITC: Data privacy in online social networks with fine-grained access control. In SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies (pp. 123-134). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). Association for Computing Machinery. https://doi.org/10.1145/3322431.3325104

HITC : Data privacy in online social networks with fine-grained access control. / Abdulla, Ahmed Khalil; Bakiras, Spiridon.

SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, 2019. p. 123-134 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abdulla, AK & Bakiras, S 2019, HITC: Data privacy in online social networks with fine-grained access control. in SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, Association for Computing Machinery, pp. 123-134, 24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019, Toronto, Canada, 3/6/19. https://doi.org/10.1145/3322431.3325104
Abdulla AK, Bakiras S. HITC: Data privacy in online social networks with fine-grained access control. In SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery. 2019. p. 123-134. (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). https://doi.org/10.1145/3322431.3325104
Abdulla, Ahmed Khalil ; Bakiras, Spiridon. / HITC : Data privacy in online social networks with fine-grained access control. SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, 2019. pp. 123-134 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).
@inproceedings{368ae7b99d124ff598f5f16f9b639a44,
title = "HITC: Data privacy in online social networks with fine-grained access control",
abstract = "Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.",
keywords = "Access control, Data privacy, Hidden vector encryption, Online social networks",
author = "Abdulla, {Ahmed Khalil} and Spiridon Bakiras",
year = "2019",
month = "5",
day = "28",
doi = "10.1145/3322431.3325104",
language = "English",
series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",
publisher = "Association for Computing Machinery",
pages = "123--134",
booktitle = "SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies",

}

TY - GEN

T1 - HITC

T2 - Data privacy in online social networks with fine-grained access control

AU - Abdulla, Ahmed Khalil

AU - Bakiras, Spiridon

PY - 2019/5/28

Y1 - 2019/5/28

N2 - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.

AB - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.

KW - Access control

KW - Data privacy

KW - Hidden vector encryption

KW - Online social networks

UR - http://www.scopus.com/inward/record.url?scp=85067193318&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067193318&partnerID=8YFLogxK

U2 - 10.1145/3322431.3325104

DO - 10.1145/3322431.3325104

M3 - Conference contribution

T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

SP - 123

EP - 134

BT - SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

PB - Association for Computing Machinery

ER -