Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Design Extensions to Google+ CS6204 Privacy and Security.

Published byDuane Freeman Modified over 9 years ago

Similar presentations

Presentation on theme: "Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Design Extensions to Google+ CS6204 Privacy and Security."— Presentation transcript:

1 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Design Extensions to Google+ CS6204 Privacy and Security Virginia Tech -Nikhil Komawar Dec 7, 2011

2 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 2 Outline

3 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 3 Outline

4 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  COPS: Privacy is the main concern in amongst individuals which form overlapping communities.  Accidental disclosure of sensitive information  Lack of awareness of privacy expectations  Whether a disclosure meets privacy expectations  Can there be a system which will allow us to do these things transparently?  The domain of social networks have communities: Subscriptions in FB, Circles in Google+ - a good place to implement this idea! 4 Motivation

5 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 5 Outline

6 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 6 Community Oriented Privacy System (COPS) Community ACommunity B A1 B1 A2 A2,B1 A1,B1

7 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 7 Circles Concept in Google+ Charlie’s circle C Bob’s circle B Alice’s circle A Alice’s post Bob’s post Charlie’s post Community

8 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 8 Outline

9 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Some explorations for possible implementation:  Directly using the exposed APIs by Google for plus.google.com domain.  How a browser renders the HTML – putting a handle inside the browser?  Use some HTML parsing libraries which come with Open Source browsers 9 Walkthrough of the semester

10 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Taking input from the users for creating the condensed community.  Parsing of the HTML elements.  Autonomous agents running on individual machines communicating with each other.  Preventing possible breach – account login information is needed by the agent. 10 Overview of the System

11 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  (Final Selection of components)  OAuth (OAuth2) for authenticating the agent without exposing credentials.  Selenium – backbone of the implementation!  Python based GUI (Tkinter)  Socket communication using python  Firebug for looking at the source code of the google+ webpage 11 Anatomy of the implementation

12 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 12 OAuth protocol Resource Owner Resource Server Authorization Server Client Auth Req Auth Grant Credential Req Protected Resource Access Token

13 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 13 OAuth protocol Reference - http://code.google.com/p/google-api-python-client/wiki/HowAuthenticationWorks FlowCredentialsStorage Key used for AuthObject storing the steps to obtain credentials Storing key for retrieval

14 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  At a basic level, the process is as follows:  Your application requests access and gets an unauthorized request token from Google's authorization server.  Google asks the user to grant you access to the required data.  Your application gets an authorized request token from the authorization server.  You exchange the authorized request token for an access token.  You use the access token to request data from Google's service access servers. 14 OAuth protocol

15 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 15 Some OAuth2 code used

16 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 16 As a result…

17 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 17 And …

18 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  A firefox plug-in which is used for automated testing for websites  Also, a standalone library - can be used to operate on different browsers like Chrome, IE  Can perform the following actions:  Navigation  Locating elements  Perform actions  Remote use 18 Selenium

19 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Navigation  Moving between windows and frames driver.switch_to_window(“docs.google.com")  Pop up handling alert = driver.switch_to_alert()  History and location driver.forward() driver.back()  Locating elements  element = driver.find_element_by_id(“Circles")  We can also locate by name, Xpath, class, link text  Cookies  Drag and Drop (Driver is the handle on the browser) 19 Selenium contd… Reference: Selenium Python Bindings Documentation, Release 2.3 by Selenium Project Team

20 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Perform actions  We have seen some navigation actions  Also drag and drop  elem.send_keys(“COPS") // circle name as COPS  A few other like handling exceptions, alerts, etc.  Remote use  A server which enables to use multiple browsers at the same time (Chrome, FF, IE)  Send the script to be run on the remote server 20 Selenium contd…

21 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 21 Study of page source code

22 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 22 Source for “add new person” class in the HTML

23 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 23 Some Selenium code

24 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 24 Some Selenium code

25 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 25 GUI

26 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 26 Outline

27 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science An interface to independently interact with the Google+ interface  Although, integrating with the website – would be first preference,  alternately, a more feasible research prototype giving us flexibility as well would be:  An agent independent with the website  GUI for the input and prompts  Alternate login method without exposing the credentials  Flexibility to extend the features :-  Possibility to use the same for other web rendered utilities 27 What has been achieved?

28 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary (Impact)  Future work 28 Outline

29 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Initial approach to use the google+ APIs unsuccessful:  Limited APIs available  Do not have write provisions  Access to only the public information  Does not provide all the desired functionalities.  With the fast development phase code could fail to run in the changed environment with the desired performance  One language/platform which makes all the functionalities available.  Robustness within the system – some implementation details need:  Ability to handle corner cases like exceptions, client down, retry, etc. 29 Some roadblocks…

30 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary  Future work 30 Outline

31 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Theoretical foundations of the COPS concept in the social networks can be supported by this prototype system.  This can serve us as a model to implement the COPS concept in the other collaboration tools.  Provide some reusable code like GUI, OAuth2 library integration.  Understanding the behavior of the browser to render the website. 31 Impact

32 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  Motivation  Introduction  Implementation  Overall Picture  Challenges  Summary  Future work 32 Outline

33 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science  GUI based handle on all elements of the system.  Robustness:-  Cases for exception handling.  Communication channel amongst all running agents.  Storage module to keep the COPS related information.  Ability to scale the interface to a larger group of people. 33 Possible enhancements …

34 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 34 Communication code (to be modified further) …

35 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science 35 Communication code (to be modified further) … Client code Server code

36 Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Q&A 36 Thank You!

Download ppt "Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Design Extensions to Google+ CS6204 Privacy and Security."

Similar presentations

The Internet and the Web

The Internet and the Web
Fusing Online Commerce and Social Network: Enhance Social Shopping Experience via Desktop Application A Master Project Presented By Ning Song.

Fusing Online Commerce and Social Network: Enhance Social Shopping Experience via Desktop Application A Master Project Presented By Ning Song.
A Toolbox for Blackboard Tim Roberts

A Toolbox for Blackboard Tim Roberts
HTML5 Haptics Standardization

HTML5 Haptics Standardization
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Lesson 4: Web Browsing.

Lesson 4: Web Browsing.
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.

Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
Project 1 Introduction to HTML.

Project 1 Introduction to HTML.
Microsoft ASP.NET AJAX - AJAX as it has to be Presented by : Rana Vijayasimha Nalla CSCE Grad Student.

Microsoft ASP.NET AJAX - AJAX as it has to be Presented by : Rana Vijayasimha Nalla CSCE Grad Student.
Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.

Web-Enabling the Warehouse Chapter 16. Benefits of Web-Enabling a Data Warehouse Better-informed decision making Lower costs of deployment and management.
1st Project Introduction to HTML.

1st Project Introduction to HTML.
Selenium – Testing Tool. What is Selenium? Selenium is a robust set of tools that supports rapid development of test automation for web-based applications.

Selenium – Testing Tool. What is Selenium? Selenium is a robust set of tools that supports rapid development of test automation for web-based applications.
269200 Web Programming Language Dr. Ken Cosh Week 1 (Introduction)

Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
HTML 1 Introduction to HTML. 2 Objectives Describe the Internet and its associated key terms Describe the World Wide Web and its associated key terms.

HTML 1 Introduction to HTML. 2 Objectives Describe the Internet and its associated key terms Describe the World Wide Web and its associated key terms.
July 25, 2005 PEP Workshop, UM 2005 1 A Single Sign-On Identity Management System Without a Trusted Third Party Brian Richardson and Jim Greer ARIES Lab.

July 25, 2005 PEP Workshop, UM A Single Sign-On Identity Management System Without a Trusted Third Party Brian Richardson and Jim Greer ARIES Lab.
Client/Server Architectures

Client/Server Architectures
IT 210 The Internet & World Wide Web introduction.

IT 210 The Internet & World Wide Web introduction.
Chapter 1 Introduction to HTML, XHTML, and CSS

Chapter 1 Introduction to HTML, XHTML, and CSS
Computer Concepts 2014 Chapter 7 The Web and E-mail.

Computer Concepts 2014 Chapter 7 The Web and .

Similar presentations

Ads by Google