SEDOSN: A Secure Decentralized Online Social Networking Framework

Today’s online social networking services (OSN) such as Facebook, Twitter are centralized. Users’ information may be leaked by these service providers, which results in potential privacy problems. Decentralized online social networking (DOSN) is provided to solve the problems. This paper presents a secure decentralized online social networking framework named SEDOSN. A peer-to-peer (p2p) online networking system is designed, and attribute-based encryption (ABE) technique is used. Different to existing ABE schemes which relies on a single authority or several authorities to authorize users and generating decryption keys for uses, we firstly proposed an ABE scheme with discretionary authorization. In our system, each user can authorize his friend, and generate decryption keys for his friend based on his friend’s attributes. We give our implementation and experiment results in the paper.

[1]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[2]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[3]  Alec Wolman,et al.  Lockr: social access control for web 2.0 , 2008, WOSN '08.

[4]  Sudheendra Hangal,et al.  PrPl: a decentralized social networking infrastructure , 2010, MCS '10.

[5]  Jun Ma,et al.  Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage , 2013, 2017 IEEE International Symposium on Parallel and Distributed Processing with Applications and 2017 IEEE International Conference on Ubiquitous Computing and Communications (ISPA/IUCC).

[6]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[7]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[8]  Prateek Mittal,et al.  EASiER: encryption-based access control in social networks with efficient revocation , 2011, ASIACCS '11.

[9]  Nikita Borisov,et al.  Cachet: a decentralized architecture for privacy preserving social networking with caching , 2012, CoNEXT '12.

[10]  Jin Li,et al.  Privacy-Aware Attribute-Based Encryption with User Accountability , 2009, ISC.

[11]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[12]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[13]  Stefan Katzenbeisser,et al.  Distributed Attribute-Based Encryption , 2009, ICISC.

[14]  Sonja Buchegger,et al.  PeerSoN: P2P social networking: early experiences and insights , 2009, SNS '09.

[15]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[16]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[17]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[18]  Qi Xie,et al.  FaceCloak: An Architecture for User Privacy on Social Networking Sites , 2009, 2009 International Conference on Computational Science and Engineering.