Privacy-preserving data sharing scheme over cloud for social applications

Social applications are becoming one of the most popular applications for users to share data and communicate online. These applications deal with a lot of personal data, e.g., users' locations, interests and documents stored on the remote cloud storage servers. Therefore, we need to pay a deeper attention to data confidentiality and privacy. To address the problem of data confidentiality, existing solutions usually count the security requirement of data owner for data sharing in social applications. However, on the side of the data consumer or member, we want to securely and efficiently get our own interested data. Both the data owner and the member are two roles of users in data sharing applications, and there are little existing research efforts to investigate the implementation of achieving both of their requirements at the same time. In this paper, we propose DASS, a privacy-preserving DAta Sharing Scheme to comprehensively satisfy users' security requirements for social applications. Our solution consists of a fine-grained access control scheme, a dynamic social attribute management model, and a multi-user searchable encryption scheme. We have described our scheme and provided performance evaluation. Validations are done to demonstrate that our scheme is secure, fine-grained and efficient.

[1]  Gail-Joon Ahn,et al.  A collaborative framework for privacy protection in online social networks , 2010, 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2010).

[2]  Yen-Cheng Chen,et al.  ABACS: An Attribute-Based Access Control System for Emergency Services over Vehicular Ad Hoc Networks , 2011, IEEE Journal on Selected Areas in Communications.

[3]  Yuguang Fang,et al.  A Privacy-Preserving Scheme for Online Social Networks with Efficient Revocation , 2010, 2010 Proceedings IEEE INFOCOM.

[4]  Siyuan Liu,et al.  Low Complexity Cyclic Feature Recovery Based on Compressed Sampling , 2015, Int. J. Distributed Sens. Networks.

[5]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[6]  Saikat Guha,et al.  NOYB: privacy in online social networks , 2008, WOSN '08.

[7]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[8]  Ming Li,et al.  Privacy-Preserving Distributed Profile Matching in Proximity-Based Mobile Social Networks , 2013, IEEE Transactions on Wireless Communications.

[9]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[10]  Xinpeng Zhang,et al.  Verifiable Outsourcing Algorithms for Modular Exponentiations with Improved Checkability , 2016, AsiaCCS.

[11]  Jianfeng Ma,et al.  New access control systems based on outsourced attribute-based encryption , 2015, J. Comput. Secur..

[12]  George Danezis,et al.  SybilInfer: Detecting Sybil Nodes using Social Networks , 2009, NDSS.

[13]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2011 .

[14]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[15]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[16]  Dong Kun Noh,et al.  Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[17]  Xin Liao,et al.  Reversible data hiding in encrypted images based on absolute mean difference of multiple neighboring pixels , 2015, J. Vis. Commun. Image Represent..

[18]  Cong Wang,et al.  Enabling Privacy-Preserving Image-Centric Social Discovery , 2014, 2014 IEEE 34th International Conference on Distributed Computing Systems.

[19]  Prateek Mittal,et al.  EASiER: encryption-based access control in social networks with efficient revocation , 2011, ASIACCS '11.

[20]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[21]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.

[22]  Danah Boyd,et al.  Social network sites: definition, history, and scholarship , 2007, IEEE Engineering Management Review.

[23]  Xiaohui Liang,et al.  An Efficient and Secure User Revocation Scheme in Mobile Social Networks , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[24]  Yanli Ren,et al.  Towards Efficient, Secure, and Fine-Grained Access Control System in MSNs with Flexible Revocations , 2015, Int. J. Distributed Sens. Networks.

[25]  Nikita Borisov,et al.  FlyByNight: mitigating the privacy risks of social networking , 2008, WPES '08.

[26]  Yuguang Fang,et al.  Privacy and security for online social networks: challenges and opportunities , 2010, IEEE Network.

[27]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[28]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[29]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[30]  Pieter H. Hartel,et al.  Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application , 2009, WISA.

[31]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[32]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: improved definitions and efficient constructions , 2006, CCS '06.

[33]  Sushil Jajodia,et al.  Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[34]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.