TY - GEN
T1 - HITC
T2 - 24th ACM Symposium on Access Control Models and Technologies, SACMAT 2019
AU - Abdulla, Ahmed Khalil
AU - Bakiras, Spiridon
PY - 2019/5/28
Y1 - 2019/5/28
N2 - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
AB - Online Social Networks (OSNs), such as Facebook and Twitter, are popular platforms that enable users to interact and socialize through their networked devices. The social nature of such applications encourages users to share a great amount of personal data with other users and the OSN service providers, including pictures, personal views, location check-ins, etc. Nevertheless, recent data leaks on major online platforms demonstrate the ineffectiveness of the access control mechanisms that are implemented by the service providers, and has led to an increased demand for provably secure privacy controls. To this end, we introduce Hide In The Crowd (HITC), a flexible system that leverages encryption-based access control, where users can assign arbitrary decryption privileges to every data object that is posted on the OSN platforms. The decryption privileges can be assigned on the finest granularity level, for example, to a hand-picked group of users. HITC is designed as a browser extension and can be integrated to any existing OSN platform without the need for a third-party server. We describe our prototype implementation of HITC over Twitter and evaluate its performance and scalability.
KW - Access control
KW - Data privacy
KW - Hidden vector encryption
KW - Online social networks
UR - http://www.scopus.com/inward/record.url?scp=85067193318&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85067193318&partnerID=8YFLogxK
U2 - 10.1145/3322431.3325104
DO - 10.1145/3322431.3325104
M3 - Conference contribution
AN - SCOPUS:85067193318
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 123
EP - 134
BT - SACMAT 2019 - Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
PB - Association for Computing Machinery
Y2 - 3 June 2019 through 6 June 2019
ER -