Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita.

Slides:

Advertisements

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Advertisements

Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.

Peer to Peer and Distributed Hash Tables

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

UnFriendly: Multi-Party Privacy Risks in Social Networks Kurt Thomas, Chris Grier, David M. Nicol.

Enabling the Social Web Krishna P. Gummadi Networked Systems Group Max Planck Institute for Software Systems.

DECENT: A Decentralized Architecture for Enforcing Privacy in Online Social Networks Sonia Jahid 1, Shirin Nilizadeh 2, Prateek Mittal 1, Nikita Borisov.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Object Naming & Content based Object Search 2/3/2003.

Freenet A Distributed Anonymous Information Storage and Retrieval System I Clarke O Sandberg I Clarke O Sandberg B WileyT W Hong.

Privacy in Online Social Networks Sonia Jahid Department of Computer Science University of Illinois at Urbana-Champaign March 10,

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

MuON: Epidemic Based Mutual Anonymity Neelesh Bansod, Ashish Malgi, Byung Choi and Jean Mayo.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

Center for Autonomic Computing Intel Portland, April 30, 2010 Autonomic Virtual Networks and Applications in Cloud and Collaborative Computing Environments.

UT DALLAS Erik Jonsson School of Engineering & Computer Science FEARLESS engineering Security and Privacy in Social Networks Raymond Heatherly Data Security.

Sonia Jahid, Prateek Mittal, Nikita Borisov University of Illinois at Urbana-Champaign Presented by Nikita Borisov ASIACCS 2011.

Hashing it Out in Public Common Failure Modes of DHT-based Anonymity Schemes Andrew Tran, Nicholas Hopper, Yongdae Kim Presenter: Josh Colvin, Fall 2011.

Introduction to Peer-to-Peer Networks. What is a P2P network Uses the vast resource of the machines at the edge of the Internet to build a network that.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.

Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.

Introduction to Peer-to-Peer Networks. What is a P2P network A P2P network is a large distributed system. It uses the vast resource of PCs distributed.

Thesis Proposal Data Consistency in DHTs. Background Peer-to-peer systems have become increasingly popular Lots of P2P applications around us –File sharing,

On P2P Collaboration Infrastructures Manfred Hauswirth, Ivana Podnar, Stefan Decker Infrastructure for Collaborative Enterprise, th IEEE International.

Peer-to-Peer Networking. Presentation Introduction Characteristics and Challenges of Peer-to-Peer Peer-to-Peer Applications Classification of Peer-to-Peer.

A Survey on Secure Cloud Data Storage ZENG, Xi CAI, Peng

Social Networking with Frientegrity: Privacy and Integrity with an Untrusted Provider Prateek Basavaraj April 9 th 2014.

Peer to Peer Research survey TingYang Chang. Intro. Of P2P Computers of the system was known as peers which sharing data files with each other. Build.

PRIVACY PRESERVING SOCIAL NETWORKING THROUGH DECENTRALIZATION AUTHORS: L.A. CUTILLO, REFIK MOLVA, THORSTEN STRUFE INSTRUCTOR DR. MOHAMMAD ASHIQUR RAHMAN.

1 Distributed Hash Tables (DHTs) Lars Jørgen Lillehovde Jo Grimstad Bang Distributed Hash Tables (DHTs)

Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.

Cuckoo: Towards Decentralized, Socio-Aware Online Microblogging Services and Data Measurements Tianyin Xu Yang Chen Nanjing University, University of Goettingen.

1 Security on Social Networks Or some clues about Access Control in Web Data Management with Privacy, Time and Provenance Serge Abiteboul, Alban Galland.

How far removed are you? Scalable Privacy-Preserving Estimation of Social Path Length with Social PaL Marcin Nagy joint work with Thanh Bui, Emiliano De.

Peer-to-Peer Name Service (P2PNS) Ingmar Baumgart Institute of Telematics, Universität Karlsruhe IETF 70, Vancouver.

Presented by: Sanketh Beerabbi University of Central Florida.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.

Peer Centrality in Socially-Informed P2P Topologies Nicolas Kourtellis, Adriana Iamnitchi Department of Computer Science & Engineering University of South.

Kaleidoscope – Adding Colors to Kademlia Gil Einziger, Roy Friedman, Eyal Kibbar Computer Science, Technion 1.

An analysis of Skype protocol Presented by: Abdul Haleem.

Enhancing Security and Privacy in Online Social Networks Sonia Jahid University of Illinois at Urbana-Champaign PhD Forum.

Paper Review: On communication Security in Wireless Ad-Hoc Sensor Networks By Toni Farley.

SocialTube: P2P-assisted Video Sharing in Online Social Networks

1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.

SybilGuard: Defending Against Sybil Attacks via Social Networks.

Plethora: Infrastructure and System Design. Introduction Peer-to-Peer (P2P) networks: –Self-organizing distributed systems –Nodes receive and provide.

Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita.

Stefanos Antaris A Socio-Aware Decentralized Topology Construction Protocol Stefanos Antaris *, Despina Stasi *, Mikael Högqvist † George Pallis *, Marios.

POND: THE OCEANSTORE PROTOTYPE S. Rea, P. Eaton, D. Geels, H. Weatherspoon, J. Kubiatowicz U. C. Berkeley.

Protocol Requirements draft-bryan-p2psip-requirements-00.txt D. Bryan/SIPeerior-editor S. Baset/Columbia University M. Matuszewski/Nokia H. Sinnreich/Adobe.

Attribute-Based Encryption With Verifiable Outsourced Decryption.

Pythia: A Privacy Aware, Peer-to-Peer Network for Social Search Shirin Nilizadeh, Naveed Alam, Nathaniel Husted, Apu Kapadia School of Informatics and.

Computer Science and Engineering 1 Mobile Computing and Security.

Peer-to-Peer Systems: An Overview Hongyu Li. Outline  Introduction  Characteristics of P2P  Algorithms  P2P Applications  Conclusion.

Security Analysis of a Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption Scheme.

Stefanos Antaris Distributed Publish/Subscribe Notification System for Online Social Networks Stefanos Antaris *, Sarunas Girdzijauskas † George Pallis.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Presented by Edith Ngai MPhil Term 3 Presentation

Copyright notice © 2008 Raul Jimenez - -

Peer to peer Internet telephony challenges, status and trend

Copyright notice © 2008 Raul Jimenez - -

CHAPTER 3 Architectures for Distributed Systems

Plethora: Infrastructure and System Design

OneSwarm: Privacy Preserving P2P

Presentation transcript:

Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita Borisov, 2 Apu Kapadia 1 1.Indiana University Bloomington 2.University of Illinois at Urbana-Champaign 3.University of California, Berkeley CoNEXT 2012

Online Social Networks (OSNs) have revolutionized the way our society communicates 2 Reference: Dave Larson, Infographic: Spring 2012 Social Media User Statistics, May 2012

But at the cost of user privacy: Users are not in control of their private data 3

Objective A decentralized and efficient architecture for social networking that provides strong security and privacy guarantees 4

Security and Privacy Requirements 5 Confidentiality Content should be accessible to only those who are authorized Integrity No one should be able to perform unauthorized updates to the data Availability User content should remain available, even if the owner is offline, and despite potential malicious attempts to destroy the data Flexible Policies Fine grained access e.g.,“(friend AND co-worker) OR family” Relationship Privacy Relationships between users should remain hidden from third parties Threat model Storage nodes untrusted with data, social contacts trusted Adversary model DHTs can tolerate up to 25% of malicious nodes, focus is not on routing- based attacks, Sybil or DoS attacks

Existing mechanisms for decentralized privacy-preserving social networking 6  Without support for encryption -Diaspora [ -LotusNet [Aiello et al. ’12]  Lack fine-grained policies -SafeBook [Cutillo et al. ’09 ] -PeerSoN [Buchegger et al. ’09]  Better policies, but high overhead of revocation, trusted stores -Persona [Baden et al. ’09]  Pure gossip, less availability -[Mega et al. 2011]

Basic Architecture 7 A slightly different version of this architecture was presented in 4 th IEEE International Workshop on Security and Social Networking (SESOC '12), Switzerland, Mar 19, 2012.

Users’ Information is stored in a Distributed Hash Table (DHT) 8 Bob Alice Carol Eve Alice’s Status update Visit Alice’s status Alice’s Status update

9 Status Comment Video Link Cachet uses an object-oriented data structure ObjectDataPolicyReference List Status Message Object Like! Bob’s policy Alice’s Status Bob’s Comment Read Write/Delete Append

Attribute Based Encryption supports flexible confidentiality policies 10 friend, neighbor Bob CarolDiana AND Colleague Neighbor OR Friend colleague friend, colleague Alice  Attribute-based encryption (ABE) -User-defined attribute-based policy -We extend EASiER [Jahid et al. ‘11] (e.g., friend-of-friend attributes, thresholding)  Previous schemes do not provide flexible policies and efficient revocation

Providing confidentiality and integrity (read, write and append policies) 11 Alice’s status List of references to other objects Ref to Alice’s status = (objID; ABE(K; P); WPK) Ref to object n Alice’s wall … Sign with WSK Enc(K Alice, WSK) WPK ABE(ASK,AP) APK Symmetric Encrypted with K Ref to a comment Sign with ASK

Downloading and reconstructing a wall or an aggregated newsfeed is a lengthy process 1.Retrieve and ABDecrypt ‘update’ objects 2.Retrieve new objects from DHT 3.Decrypt updates with symmetric keys. Bob Alice Bob: Check my newsfeed Alice’s update: Ref. to Status 2000 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 ABDecryption Alice’s status: Status 2000 Alice’s status Status 2000 Carol’s photo 54 Carol’s photo: Photo 54 Symmetric Decryption Bob’newsfeed: Alice’s recent update Carol’s recent update. Bob’newsfeed: Alice’s recent update Carol’s recent update. 12

Social Caching leverage social trust relationships to reduce expensive decryption operations 13

Online social contacts who satisfy the ABE policy are leveraged to provide cached, decrypted objects to other contacts who also satisfy the policy 14 Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Bob Alice Carol Eve Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol

Presence Protocol: Instead of centralized server keeping track of users’ presence information, a decentralized approach is applied 15 Bob Alice Carol Eve Presence object: Presence object: Presence object

Gossip-based Social Caching Algorithm: Minimize the number of ABDecryptions by dynamically learning which peers yield the most cached decrypted objects 1.Creating the Presence Table 2.Selecting a Contact; If all contacts are visited or known to be offline, proceed to step 7 3.DHT Lookup and Connection 4.Pulling Information 5.Caching Information 6.Updating Presence Table; returning to Step 2 to locate the next social contact to connect to. 1.Performing DHT Lookups for online social contacts with No Mutual Social Contacts 16 Bob Carol Eve Diana Mary Friend# mutual friends On/Off Bob3 Carol2 Mary2 Diana2 Eve1 Friend# mutual friends On/Off Bob3 On Carol2 Mary2 Diana2 Eve1 Friend# mutual friends On/Off Bob3 On Carol2 Off Mary2 Diana2 Off Eve1 On Presence object Update object Update object Alice Presence object Update object Update object Presence object Presence object Update object Update object Presence object Update object Update object Presence object Friend# mutual friends On/Off Bob3 On Carol2 Off Mary2 On Diana2 Off Eve1 On Update object Update object

Implementation and Simulation Setup Newsfeed application, prototype in Java Simulation environment – FreePastry Simulator – Social graph : Facebook friendship graph from the New Orleans regional network with 63,732 nodes and 1.54 million edges – 10%, 30%, 50% online friends Based on Skype statistics, the 10-30% range is more pertinent Performance metrics 17

Social caching provides most of update objects for viewing the newsfeed 18 Only social contacts are contacted Social Contacts and if needed FoFs are contacted

Most presence objects would be available after a few DHT lookups and decryptions 19 The Average Progressive Hit Rate for users who have 100 to 200 social contacts

Social caching decreases the latency for retrieving the newsfeed 20 Even with only 10% of social contacts online, social caching provides performance improvement. Simulation: ABDecryption takes 422ms symmetric key decryption takes 0.04ms communication latency between peers is 180ms.

Discussion Privacy issues – Users will be aware that they are being excluded from accessing an object. – Identities of users who satisfy a particular policy will be known to all of those identities. – Information about when a user comes online or offline is leaked. – Attributes and policies visible to users Deployment challenges – node churn – users behind NAT Replace Facebook? – Not necessarily – Any P2P network that leverages social links – Skype, Tor, BitTorrent, … 21

Cachet’s contributions  A hybrid combination of DHT and social contacts for information retrieval  Demonstrated that a decentralized approach to privacy- preserving social networking is practical 22 Acknowledgments This material is based upon work supported by the National Science Foundation under Awards CNS and CNS , by the Boeing Trusted Software Center at the University of Illinois and by the National Security Agency. Shirin Nilizadeh Prateek MittalNikita BorisovSonia Jahid