Abstract
Social network sites (SNS) allow users to share information with friends, family, and other contacts. However, current SNS sites such as Facebook or Twitter assume that users trust SNS providers with the access control of their data. In this paper we propose Scramble, the implementation of a SNS-independent Firefox extension that allows users to enforce access control over their data. Scramble lets users define access control lists (ACL) of authorised users for each piece of data, based on their preferences. The definition of ACL is facilitated through the possibility of dynamically defining contact groups. In turn, the confidentiality and integrity of one data item is enforced using cryptographic techniques. When accessing a SNS that contains data encrypted using Scramble, the plugin transparently decrypts and checks integrity of the encrypted content.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
(Under)mining Privacy in Social Networks, Google Inc. (2008)
Acquisti, A., Gross, R.: Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook (2006)
Tootoonchian, G.S.A., Hatahet, A.Z.: Fine grained access control in online social networks. Technical report (2007)
Barth, A., Boneh, D., Waters, B.: Privacy in encrypted content distribution using private broadcast encryption. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 52–64. Springer, Heidelberg (2006)
Bichsel, P., Müller, S., Preiss, F.-S., Sommer, D., Verdicchio, M.: Patrik Bichsel, Samuel Müller, Franz-Stefan Preiss, Dieter Sommer, and Mario Verdicchio. Security and trust through electronic social network-based interactions. In: IEEE International Conference on Computational Science and Engineering, vol. 4, pp. 1002–1007 (2009)
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)
Bonneau, J., Preibusch, S.: The privacy jungle: On the market for data protection in social networks. In: The Eighth Workshop on the Economics of Information Security, WEIS 2009 (2009)
Conti, M., Hasani, A., Crispo, B.: Virtual private social networks. In: Proceedings of the First ACM Conference on Data and Application Security and Privacy, ACM CODASPY 2011 (page to appear) (2011)
Danezis, G.: Inferring privacy policies for social networking services. In: AISec 2009: Proceedings of the 2nd ACM workshop on Security and artificial intelligence, pp. 5–10. ACM, New York (2009)
Eclipse Foundation: Eclipse public license (epl) frequently asked questions (2007) (accessed December 2007)
Goffman, E.: The Presentation of Self in Everyday Life. Doubleday, Garden City, New York (1959)
Gross, R., Acquisti, A.: Information revelation and privacy in online social networks (the Facebook case). In: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pp. 71–80 (2005)
Guha, S., Tang, K., Francis, P.: Noyb: privacy in online social networks. In: WOSN 2008: Proceedings of the first workshop on Online social networks, pp. 49–54. ACM, New York (2008)
Khajeh-Hosseini, A., Sommerville, I., Sriram, I.: Research challenges for enterprise cloud computing. In: CoRR, abs/1001.3257 (2010)
Krishnamurthy, B., Wills, C.E.: Characterizing privacy in online social networks. In: WOSN 2008: Proceedings of the First Workshop on Online Social Networks, pp. 37–42. ACM, New York (2008)
Lucas, M.M., Borisov, N.: Flybynight: mitigating the privacy risks of social networking. In: Proceedings of the 7th ACM Workshop on Privacy in the Electronic Society (WPES), pp. 1–8. ACM Press, New York (2008)
Luo, W., Xie, Q., Hengartner, U.: FaceCloak: An architecture for user privacy on social networking sites. In: 2009 International Conference on Computational Science and Engineering (CSE), vol. 3, pp. 26–33. IEEE, Los Alamitos (2009)
Sun, S.-T., Beznosov, K.: Open problems in web 2.0 user content sharing (June 2009)
New York Times. Facebook privacy: A bewilldering tangle of options, http://www.nytimes.com/interactive/2010/05/12/business/facebook-privacy.html
van den Berg, B., Leenes, R.: Audience segregation in social network sites. In: SocialCom/PASSAT, pp. 1111–1116 (2010)
Whitten, A., Tygar, J.D.: Why johnny can’t encrypt: a usability evaluation of pgp 5.0. In: Proceedings of the 8th conference on USENIX Security Symposium, vol. 8, pp. 14–14. USENIX Association, Berkeley (1999)
Zimmermann, P.R.: The official PGP users guide. MIT Press, Cambridge (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beato, F., Kohlweiss, M., Wouters, K. (2011). Scramble! Your Social Network Data. In: Fischer-Hübner, S., Hopper, N. (eds) Privacy Enhancing Technologies. PETS 2011. Lecture Notes in Computer Science, vol 6794. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22263-4_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-22263-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22262-7
Online ISBN: 978-3-642-22263-4
eBook Packages: Computer ScienceComputer Science (R0)