Online social networks (OSNs) such as Facebook and Google+ have transformed the way our society communicates. However, this success has come at the cost of user privacy; in today’s OSNs, users are not in control of their own data, and depend on OSN operators to enforce access control policies. A multitude of privacy breaches has spurred research into privacy-preserving alternatives for social net- working, exploring a number of techniques for storing, disseminating, and controlling access to data in a decentralized fashion.
We propose Cachet, an architecture that provides strong security and privacy guarantees while preserving the main functionality of online social networks. In particular, Cachet protects the confidentiality, integrity and availability of user content, as well as the privacy of user relationships. Cachet uses a distributed pool of nodes to store user data and ensure availability. Storage nodes in Cachet are untrusted; we leverage cryptographic techniques such as attribute-based encryption to protect the confidentiality of data. For efficient dissemination and retrieval of data, Cachet uses a hybrid structured-unstructured overlay paradigm in which a conventional distributed hash table is augmented with social links between users. Social contacts in our system act as caches to store recent updates in the social network, and help reduce the cryptographic as well as the communication overhead in the network.
Apu Kapadia, Indiana University
Nikita Borisov, University of Illinois at Urbana-Champaign
Prateek Mittal, University of California, Berkeley
Shirin Nilizadeh, Indiana University
Sonia Jahid, University of Illinois at Urbana-Champaign
Shirin Nilizadeh, Sonia Jahid, Prateek Mittal, Nikita Borisov, and Apu Kapadia,
“Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching,”
In Proceedings of The 8th ACM International Conference on Emerging Networking Experiments and Technologies (CoNEXT ’12),
pp. 337–348, Nice, France, December 10–13, 2012.
Sonia Jahid, Shirin Nilizadeh, Prateek Mittal, Nikita Borisov, and Apu Kapadia,
“DECENT: A Decentralized Architecture for Enforcing Privacy in Online Social Networks,”
In Proceedings of the 4th IEEE International Workshop on Security and Social Networking (SESOC ’12),
pp. 326–332, Lugano, Switzerland, March 19, 2012.
Shirin Nilizadeh, Naveed Alam, Nathaniel Husted, and Apu Kapadia,
“Pythia: A Privacy Aware, Peer-to-Peer Network for Social Search,”
In Proceedings of the 2011 ACM Workshop on Privacy in the Electronic Society (WPES ’11),
pp. 43–48, Chicago, Illinois, October 17, 2011.
This material is based upon work supported by the National Science Foundation under Awards CNS-0953655 and CNS-1115693, by the Boeing Trusted Software Center at the University of Illinois, and by the National Security Agency. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the sponsors.