ABSTRACT
End-users have become accustomed to the ease with which online systems allow them to exchange messages, pictures, and other files with colleagues, friends, and family. This con- venience, however, sometimes comes at the expense of hav- ing their data be viewed by a number of unauthorized par- ties, such as hackers, advertisement companies, other users, or governmental agencies. A number of systems have been proposed to protect data shared online; yet these solutions typically just shift trust to another third party server, are platform specific (e.g., work for Facebook only), or fail to hide that confidential communication is taking place. In this paper, we present a novel system that enables users to exchange data over any web-based sharing platform, while both keeping the communicated data confidential and hiding from a casual observer that an exchange of confidential data is taking place. We provide a proof-of-concept implementa- tion of our system in the form of a publicly available Fire- fox plugin, and demonstrate the viability of our approach through a performance evaluation.
- MTurk. https://www.mturk.com/.Google Scholar
- Strict origin policy. http://kb.mozillazine.org/ Security.fileuri.strict_origin_policy. Accessed on August 31, 2012.Google Scholar
- Tor. http://www.torproject.org.Google Scholar
- 2peer. http://2peer.com. Accessed on Sept. 3, 2012.Google Scholar
- L. Adkinson-Orellana, D. A. Rodriguez-Silva, F. J. Gonzalez-Castano, and D. Gonzalez-Martinez. Sharing secure documents in the cloud--a secure layer for Google Docs. In Proc. of CLOSER 2011.Google Scholar
- R. Agrawal, A. Evfimievski, and R. Srikant. Information sharing across private databases. In Proc. of ACM SIGMOD, pages 86--97, June 2003. Google ScholarDigital Library
- C. M. Au Yeung, I. Liccardi, K. Lu, O. Seneviratne, and T. Berners-Lee. Decentralization: The future of online social networking. In Proc. W3C Workshop on the Future of Social Networking, January 2009.Google Scholar
- R. Baden, A. Bender, N. Spring, B. Bhattacharjee, and D. Starin. Persona: an online social network with user-defined privacy. SIGCOMM Computing Communication Review, 39(4):135--146, 2009. Google ScholarDigital Library
- A. Barth, D. Boneh, and B. Waters. Privacy in encrypted content distribution using private broadcast encryption. In Proc. of Financial Cryptography and Data Security, pages 52--64, Feb. 2006. Google ScholarDigital Library
- F. Beato, M. Kohlweiss, and K. Wouters. Enforcing access control in social networks. In Proc. of HotPets 2009, pages 10--21, August 2009.Google Scholar
- F. Beato, M. Kohlweiss, and K. Wouters. Scramble! your social network data. In Proc. of Privacy Enhancing Technologies, Waterloo, Canada, July 2011. Google ScholarDigital Library
- F. Benevenuto, G. Magno, T. Rodrigues, and V. Almeida. Detecting spammers on Twitter. In Proc. of the 7th Annual Collaboration, Electronic Messaging, Anti-Abuse and Spam Conference, Redmond, 2010.Google Scholar
- T. Besenyei, A. M. Foldes, G. G. Gulyas, and S. Imre. StegoWeb: Towards the ideal private web content publishing tool. In Proc. of SECURWARE 2011, pages 109--114, August 2011.Google Scholar
- P. Bichsel, S. Muller, F.-S. Preiss, D. Sommer, and M. Verdicchio. Security and trust through electronic social network-based interactions. Computational Science and Engineering, IEEE International Conference on, 4:1002--1007, 2009. Google ScholarDigital Library
- D. Blei and J. Lafferty. A correlated topic model of science. Annals of Applied Statistics, 1:17--35, 2007.Google ScholarCross Ref
- D. M. Blei. Probabilistic topic models. Communications of the ACM, 55:77-84, 2012. Google ScholarDigital Library
- D. Boyd and A. Marwick. Social steganography: Privacy in networked publics. In International Communication Association, Boston, MA, May 2011.Google Scholar
- J. Callas, L. Donnerhacke, H. Finney, D. Shaw, and R. Thayer. OpenPGP Message Format. RFC 4880 (Proposed Standard), November 2007.Google Scholar
- J. Chang and D. Blei. Hierarchical relational models for document networks. Annals of Applied Statistics, 4(1):124--150, 2010.Google ScholarCross Ref
- E. Constantinides, M. del Carmen Alarcon del Amo, and C. L. Romero. Profiles of social networking sites users in the netherlands. In Proc. of HTSF 2010.Google ScholarCross Ref
- M. Conti, A. Hasani, and B. Crispo. Virtual private social networks. In Proc. of ACM CODASPY 2011. Google ScholarDigital Library
- E. D. Cristofaro, C. Soriente, G. Tsudik, and A. Williams. Hummingbird: Privacy at the time of twitter. In IEEE Security and Privacy, 2012. Google ScholarDigital Library
- L. A. Cutillo, R. Molva, and T. Strufe. Safebook: A privacy-preserving online social network leveraging on real-life trust. IEEE Communications Magazine, 47(12):94--101, 2009. Google ScholarDigital Library
- G. D'Angelo, F. Vitali, and S. Zacchiroli. Content cloaking: Preserving privacy with Google Docs and other Web applications. In Proc. of SAC 2010, pages 826--830. Google ScholarDigital Library
- Diaspora. https://joindiaspora.com/. Accessed on Sept. 3, 2012.Google Scholar
- How many users are in the Diaspora network? Data as of Sept. 6, 2012. https://diasp.eu/stats.html. Accessed on Sept. 6, 2012.Google Scholar
- DocCloak. http://www.gwebs.com/doccloak.html. Accessed on Sept. 3, 2012.Google Scholar
- J. Dwyer. Four nerds and a cry to arms against Facebook. May 11, 2010. http://www.nytimes.com/2010/05/12/nyregion/12about.html. Accessed on Sept. 3, 2012.Google Scholar
- Facebook and your privacy: Who sees the data you share on the biggest social network? Consumer Reports magazine, June 2012. http://www.consumerreports.org/cro/magazine/ 2012/06/facebook-your-privacy/index.htm. Accessed on Sept. 6, 2012.Google Scholar
- Facebook Newsroom--Key Facts. http://newsroom.fb.com/content/default.aspx?NewsAreaId=22. Accessed on Sept. 3, 2012.Google Scholar
- FireGPG. http://getfiregpg.org. Accessed on Sept. 3, 2012.Google Scholar
- C. Gaffga. DCT-watermark: Robust watermarks for color JPEG in java. https://code.google.com/p/dct-watermark/. Accessed on Sept 3., 2012.Google Scholar
- O. Goldreich, S. Goldwasser, and S. Micali. How to construct random functions. Journal of the ACM, 33(4):792--807, August 1986. Google ScholarDigital Library
- A new approach to China. Google Official Blog, http://googleblog.blogspot.com/2010/01/new-approach-to-china.html, January 13, 2010.Google Scholar
- P. Gutmann. Plug-and-play PKI: a PKI your mother can use. In Proc. of USENIX Security 2003, pages 4--4. Google ScholarDigital Library
- S. Jahid, S. Nilizadeh, P. Mittal, N. Borisov, and A. Kapadia. DECENT: a decentralized architecture for enforcing privacy in online social networks. In Proc. of SESOC 2012, 2012.Google ScholarCross Ref
- A. Kapadia. A case (study) for usability in secure email communication. Security Privacy, IEEE, 5(2):80--84, 2007. Google ScholarDigital Library
- S. Katzenbeisser and F. A. Petitcolas, editors. Information Hiding Techniques for Steganography and Digital Watermarking. Artech House, Inc., Norwood, MA, USA, 2000. Google ScholarDigital Library
- L. Kissner and D. Song. Privacy-preserving set operations. In Proc. of CRYPTO 2005, pages 241--257. Google ScholarDigital Library
- H. Krawczyk. SIGMA: The 'SIGn-and-MAc' approach to authenticated Diffie-Hellman and its use in the IKE-protocols. In Proc. of CRYPTO 2003.Google ScholarCross Ref
- B. Libert, K. G. Paterson, and E. A. Quaglia. Anonymous Broadcast Encryption: Adaptive Security and Efficient Constructions in the Standard Model. In Proc. of PKC 2012. Google ScholarDigital Library
- M. M. Lucas and N. Borisov. FlyByNight: mitigating the privacy risks of social networking. In Proc. of ACM WPES, October 2008. Google ScholarDigital Library
- W. Luo, Q. Xie, and U. Hengartner. FaceCloak: An architecture for user privacy on social networking sites. In Proc. of ICCSE 2009, pages 26--33, August 2009. Google ScholarDigital Library
- MailCloak. http://www.gwebs.com/mailcloak.html. Accessed on Sept. 3, 2012.Google Scholar
- MALLET. http://mallet.cs.umass.edu/. Accessed on August 31, 2012.Google Scholar
- A. McCallum, X. Wang, and A. Corrada-Emmanuel. Topic and role discovery in social networks with experiments on enron and academic email. Journal of Artificial Intelligence Research, 30:249-272, 2007. Google ScholarDigital Library
- Y. Oren and A. Wool. Perfect privacy for webmail with secret sharing. http://www.eng.tau.ac.il/~yos/spemail/OrenWool-SPEmail.pdf. Accessed on Sept. 6, 2012, Feb. 2009.Google Scholar
- C. Pring. 100 more social media statistics for 2012. Web Blog "the social skinny". Feb. 13, 2012. http://thesocialskinny.com/100-more-social-media-statistics-for-2012/. Accessed on Sept. 6, 2012.Google Scholar
- C. Riederer, V. Erramilli, A. Chaintreau, B. Krishnamurthy, and P. Rodriguez. For sale : your data: by : you. In Proc. of ACM HotNets-X 2011, pages 13:1--13:6. Google ScholarDigital Library
- SecreTwit. http://code.google.com/p/secretwit/. Accessed on Sept. 6, 2012.Google Scholar
- A. Tootoonchian, K. K. Gollu, S. Saroiu, Y. Ganjali, and A. Wolman. Lockr: social access control for Web 2.0. In Proc. of WOSN 2008, August 2008. Google ScholarDigital Library
- Touring Hub. http://testing.turinghub.com/. Accessed on August 31, 2012.Google Scholar
- Twitter turns six. Twitter Blog. March 21, 2012. http://blog.twitter.com/2012/03/twitter-turns-six.html. Accessed on Sept. 6, 2012.Google Scholar
- J. E. Vascellaro. Google discloses privacy glitch. WJS Blogs, March 8, 2009. http://blogs.wsj.com/digits/2009/03/08/1214/. Accessed on Sept. 6, 2012.Google Scholar
- C. Wang, N. Cao, J. Li, K. Ren, and W. Lou. Secure ranked keyword search over encrypted cloud data. In Proc. of ICDCS 2010, June 2010. Google ScholarDigital Library
- Y. Wang and G. Mori. A discriminative latent model of image region and object tag correspondence. In Proc. of NIPS 2010.Google Scholar
- D. Whiting, R. Housley, and N. Ferguson. Counter with CBC-MAC (CCM). RFC 3610, Sept. 2003. Google ScholarDigital Library
- A. Whitten and J. D. Tygar. Why Johnny can't encrypt: a usability evaluation of PGP 5.0. In Proc. of USENIX Security 1999, pages 169--184. Google ScholarDigital Library
- XPath. http://www.w3schools.com/xpath/. Accessed on Sept. 6, 2012.Google Scholar
- C. M. Zhang and V. Paxson. Detecting and analyzing automated activity on Twitter. In Proc. of PAM 2011. Google ScholarDigital Library
Index Terms
- For some eyes only: protecting online information sharing
Recommendations
BronzeGate: real-time transactional data obfuscation for GoldenGate
EDBT '10: Proceedings of the 13th International Conference on Extending Database TechnologyData privacy laws have appeared recently, such as the HIPAA laws for protecting medical records, and the PCI guidelines for protecting Credit Card information. Data privacy can be defined as maintaining the privacy of Personal Identifiable Information (...
A More Private & Secure E-Mail System using Image Steganography (EPS) and Data Mining
AICTC '16: Proceedings of the International Conference on Advances in Information Communication Technology & ComputingData mining is a practice of automatically exploring and analysis of large quantities of data in order to discover valid, potentially useful and understandable patterns in data [1]. The data provided may contain private and user sensitive data leads to ...
User-aided reader revocation in PKI-based RFID systems
ESORICS 2010Recent emergence of RFID tags capable of performing public key operations motivates new RFID applications, including electronic travel documents, identification cards and payment instruments. In this context, public key certificates form the cornerstone ...
Comments