POP-SNAQ: Privacy-preserving Open Platform for Social Network Application Queries Brian Thompson Huijun Xiong
Online Social Networks Use of OSNs continues to increase
Online Social Networks To accommodate growing needs, a greater variety of OSNs has appeared
Motivation Need a way to collect info from many different OSNs and provide it to the user in a clean and organized fashion Must also be careful not to compromise users’ privacy!
Brian and Huijun at the Concert
Current Solution: many individual queries “Where is my friend Huijun?” Face book My Space iLike Motivation
“Where is my friend Huijun?” QUERY ALL Motivation Our Proposed Solution: cross-network query
POP-SNAQ Privacy-preserving Open Platform for Social Network Application Queries provides a unified framework that supports cross-network queries uses a common language employs security measures to protect users’ privacy
POP-SNAQ Privacy-preserving Open Platform for Social Network Application Queries provides a unified framework that supports cross-network queries uses a common language employs security measures to protect users’ privacy
POP-SNAQ System architecture
POP-SNAQ Privacy-preserving Open Platform for Social Network Application Queries provides a unified framework that supports cross-network queries uses a common language employs security measures to protect users’ privacy
POP-SNAQ OpenSocial –By Google –A common API for social network apps –“Develop once, Use Everywhere” –Supported by >20 social networks
POP-SNAQ Privacy-preserving Open Platform for Social Network Application Queries provides a unified framework that supports cross-network queries uses a common language employs security measures to protect users’ privacy
POP-SNAQ Communication Model
POP-SNAQ server-side app means OSNs have control over release of data –filter data before releasing –limit output to public profile info –“Free Input, Selective Output” two kinds of filtering 1)based on user preferences 2)based on social network preferences
POP-SNAQ text-to-image conversion –performed server-side –built into communication protocol open source implementations already available –GD library imagettftext() protects against large-scale data harvesting attacks
To evaluate our project, we compare it with an existing system: Analysis of POP-SNAQ Facebook Connect
similar platform to Facebook Apps allows information sharing between Facebook and external websites enables external websites to access Facebook’s user database potential websites must first be reviewed and approved by Facebook
THE BATTLE POP-SNAQFacebook Connect
BATTLE 1: Utility direct access to user database access all public profile info two-way communication single-network solution filtered access to user database apps can use private info too! one-way communication cross-network solution POP-SNAQFacebook Connect TIE!
BATTLE 2: Openness approve apps after careful inspection look into every submission... eventually applications are automatically approved accept every submission immediately POP-SNAQFacebook Connect POP-SNAQ WINS!
BATTLE 3: Privacy privacy enforced by policies manually check for data abuse external website controls data flow to users privacy enforced by technology built-in protection against abuse social networks control data flow to users POP-SNAQFacebook Connect POP-SNAQ WINS!
VICTORY: POP-SNAQ! POP-SNAQFacebook Connect
VICTORY: POP-SNAQ! Sounds great! But can it be true? Is POP-SNAQ just a dream, or can it be reality?
Simulation Hold on to your seats!
Conclusions POP-SNAQ is a solution to the problem of performing cross-network queries Achieves a balance between providing utility and protecting users’ privacy Improves on existing solution of Facebook Connect Future work: Requires implementation of extended OpenSocial API
Questions?