Secure Pervasive Social Communications Based on Trust in a Distributed Way

Social network has extended its popularity from the Internet to mobile domain. Pervasive social networking (PSN) supports instant social activities based on self-organized mobile ad hoc networks. PSN is useful in reality when fixed networks are unavailable or inconvenient to access or when people are in vicinity. For supporting crucial PSN activities and enhancing user privacy, securing pervasive social communications becomes important. However, a solution based on a centralized server could be inapplicable in some specific situations (e.g., disasters and military activities) and suffers from DoS/DDoS attacks and internal attacks. How to automatically control data access in a trustworthy and efficient way in PSN is a challenge. In this paper, we propose two schemes to secure communication data in PSN purely based on local trust evaluated by PSN nodes in a distributed manner. Each node can control its data based on its trust in other nodes by applying attribute-based encryption. The advantages, security, and performance of the proposed scheme are evaluated and justified through serious analysis and implementation. The results show the efficiency and effectiveness of the schemes. In addition, we developed a mobile app based on Android platform to demonstrate the applicability and social acceptance of our schemes.

[1]  Zheng Yan,et al.  Protect Pervasive Social Networking Based on Two-Dimensional Trust Levels , 2017, IEEE Systems Journal.

[2]  D DavisFred Perceived usefulness, perceived ease of use, and user acceptance of information technology , 1989 .

[3]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[4]  Jörg Ott,et al.  When does content float? Characterizing availability of anchored information in opportunistic content sharing , 2011, 2011 Proceedings IEEE INFOCOM.

[5]  Robert H. Deng,et al.  HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing , 2012, IEEE Transactions on Information Forensics and Security.

[6]  Stefan Katzenbeisser,et al.  Distributed Attribute-Based Encryption , 2009, ICISC.

[7]  Jie Wu,et al.  Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers , 2011, Comput. Secur..

[8]  Yue Shen,et al.  A practical reputation system for pervasive social chatting , 2013, J. Comput. Syst. Sci..

[9]  K. Kalliojarvi,et al.  Awareness networking in wireless environments , 2009, IEEE Vehicular Technology Magazine.

[10]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[11]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[12]  Ashok Kumar Das,et al.  An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks , 2015, Secur. Commun. Networks.

[13]  Jörg Ott,et al.  Author's Personal Copy Pervasive and Mobile Computing Floating Content for Probabilistic Information Sharing , 2022 .

[14]  Yi Mu,et al.  Privacy-Preserved Access Control for Cloud Computing , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[15]  Hovav Shacham,et al.  SiRiUS: Securing Remote Untrusted Storage , 2003, NDSS.

[16]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[17]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[18]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[19]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[20]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[21]  Antonio F. Gómez-Skarmeta,et al.  TACIoT: multidimensional trust-aware access control system for the Internet of Things , 2016, Soft Comput..

[22]  Yue Shen,et al.  PerContRep: a practical reputation system for pervasive content services , 2014, The Journal of Supercomputing.

[23]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[24]  Ioannis G. Askoxylakis,et al.  Policy-Controlled Authenticated Access to LLN-Connected Healthcare Resources , 2018, IEEE Systems Journal.

[25]  Jin-Hee Cho,et al.  Trust threshold based public key management in mobile ad hoc networks , 2016, Ad Hoc Networks.

[26]  Jie Wu,et al.  Efficient information retrieval for ranked queries in cost-effective cloud environments , 2012, 2012 Proceedings IEEE INFOCOM.

[27]  Viswanath Venkatesh,et al.  Technology Acceptance Model 3 and a Research Agenda on Interventions , 2008, Decis. Sci..

[28]  Valtteri Niemi,et al.  Secure pervasive social networking based on multi-dimensional trust levels , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[29]  Gustavo Alonso,et al.  Enabling social networking in ad hoc networks of mobile phones , 2009, Proc. VLDB Endow..

[30]  Romit Roy Choudhury,et al.  Micro-Blog: sharing and querying content through mobile phones and social participation , 2008, MobiSys '08.