Abstract
Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
| Original language | English |
|---|---|
| Title of host publication | SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies |
| Publisher | Association for Computing Machinery |
| Pages | 123-134 |
| Number of pages | 12 |
| ISBN (Electronic) | 9781450367530 |
| DOIs | |
| Publication status | Published - 28 May 2019 |
| Event | 24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019 - Toronto, Canada Duration: 3 Jun 2019 → 6 Jun 2019 |
Publication series
| Name | Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT |
|---|
Conference
| Conference | 24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019 |
|---|---|
| Country | Canada |
| City | Toronto |
| Period | 3/6/19 → 6/6/19 |
Fingerprint
Keywords
- Access control
- Data privacy
- Hidden vector encryption
- Online social networks
ASJC Scopus subject areas
- Software
- Computer Networks and Communications
- Safety, Risk, Reliability and Quality
- Information Systems
Cite this
HITC : Data privacy in online social networks with fine-grained access control. / Abdulla, Ahmed Khalil; Bakiras, Spiridon.
SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, 2019. p. 123-134 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - HITC
T2 - Data privacy in online social networks with fine-grained access control
AU - Abdulla, Ahmed Khalil
AU - Bakiras, Spiridon
PY - 2019/5/28
Y1 - 2019/5/28
N2 - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
AB - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
KW - Access control
KW - Data privacy
KW - Hidden vector encryption
KW - Online social networks
UR - http://www.scopus.com/inward/record.url?scp=85067193318&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85067193318&partnerID=8YFLogxK
U2 - 10.1145/3322431.3325104
DO - 10.1145/3322431.3325104
M3 - Conference contribution
AN - SCOPUS:85067193318
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 123
EP - 134
BT - SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
PB - Association for Computing Machinery
ER -