HITC: Data privacy in online social networks with fine-grained access control

Ahmed Khalil Abdulla, Spiridon Bakiras

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.

Original languageEnglish
Title of host publicationSACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Pages123-134
Number of pages12
ISBN (Electronic)9781450367530
DOIs
Publication statusPublished - 28 May 2019
Event24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019 - Toronto, Canada
Duration: 3 Jun 20196 Jun 2019

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019
CountryCanada
CityToronto
Period3/6/196/6/19

    Fingerprint

Keywords

  • Access control
  • Data privacy
  • Hidden vector encryption
  • Online social networks

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Cite this

Abdulla, A. K., & Bakiras, S. (2019). HITC: Data privacy in online social networks with fine-grained access control. In SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies (pp. 123-134). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). Association for Computing Machinery. https://doi.org/10.1145/3322431.3325104