Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita.

PublishWilla Lloyd Modified over 8 years ago

Similar presentations

Presentation on theme: "Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita."— Presentation transcript:

1 Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita Borisov, 2 Apu Kapadia 1 1.Indiana University Bloomington 2.University of Illinois at Urbana-Champaign 3.University of California, Berkeley CoNEXT 2012

2 Online Social Networks (OSNs) have revolutionized the way we communicate 2 Credit: Dave Larson, Infographic: Spring 2012 Social Media User Statistics, http://blog.tweetsmarter.com/social-media/, May 2012

3 But at the cost of privacy: Users are not in control of their data 3

4 Objective A decentralized and efficient architecture for social networking that provides strong security and privacy guarantees 4

5 Security and Privacy Requirements 5 Confidentiality Content should be accessible to only those who are authorized Integrity No one should be able to perform unauthorized updates to the data Availability User content should remain available, even if the owner is offline, and despite potential malicious attempts to destroy the data Flexible Policies Fine grained access control, e.g.,“(friend AND co-worker) OR family” Relationship Privacy Relationships between users should remain hidden from third parties Adversary model Storage nodes untrusted with data & relationships, social contacts trusted DHTs can tolerate up to 25% of malicious nodes, focus is not on routing- based attacks, Sybil or DoS attacks

6 Existing mechanisms for decentralized privacy-preserving social networking 6  Without support for encryption -Diaspora [http://joindiaspora.com] -“…barring some revolutionary design as yet unthought-of…” -LotusNet [Aiello et al. ’12]  Lack fine-grained policies -SafeBook [Cutillo et al. ’09 ], PeerSoN [Buchegger et al. ’09]  Better policies, but high overhead of revocation, trusted stores -Persona [Baden et al. ’09]  Pure gossip, less availability -[Mega et al. 2011]

7 Basic Architecture 7 A slightly different version of this architecture was presented in 4 th IEEE International Workshop on Security and Social Networking (SESOC '12), Switzerland, Mar 19, 2012.

8 Users’ Information is stored in a Distributed Hash Table (DHT) 8 Bob Alice Carol Eve Alice’s Status update Visit Alice’s status Alice’s Status update

9 9 Status Comment Video Link Cachet uses an object-oriented data structure ObjectDataPolicyReference List Status Message Object Like! Bob’s policy Alice’s Status Bob’s Comment Read Write/Delete Append

10 Attribute Based Encryption supports flexible confidentiality policies 10 friend, neighbor Bob CarolDiana AND Colleague Neighbor OR Friend colleague friend, colleague Alice  Attribute-based encryption (ABE) -User-defined attribute-based policy -We extend EASiER [Jahid et al. ‘11] (e.g., friend-of-friend attributes, thresholding)  Previous schemes do not provide flexible policies and efficient revocation

11 Providing confidentiality and integrity (read, write and append policies) 11 Alice’s status List of references to other objects Ref to Alice’s status = (objID; ABE(K; P); WPK) Ref to object n Alice’s wall … Sign with WSK Enc(K Alice, WSK) WPK ABE(ASK,AP) APK Symmetric Encrypted with K Ref to a comment Sign with ASK

12 Downloading and reconstructing a wall or an aggregated newsfeed is a lengthy process 1.Retrieve and ABDecrypt ‘update’ objects 2.Retrieve new objects from DHT 3.Decrypt updates with symmetric keys. Bob Alice Bob: Check my newsfeed Alice’s update: Ref. to Status 2000 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 Carol’s update: Ref. to Photo 54 ABDecryption Alice’s status: Status 2000 Alice’s status Status 2000 Carol’s photo 54 Carol’s photo: Photo 54 Symmetric Decryption Bob’newsfeed: Alice’s recent update Carol’s recent update. Bob’newsfeed: Alice’s recent update Carol’s recent update. 12

13 Social Caching leverage social trust relationships to reduce expensive decryption operations 13

14 Online social contacts can provide decrypted objects to contacts who also satisfy the policy 14 Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Bob Alice Carol Eve Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol Alice’s Status Read Policy: Bob and Carol

15 Need to build the social overlay first: The presence protocol is also decentralized 15 Bob Alice Carol Eve Presence object: Presence object: Presence object

16 Gossip-based social caching algorithm: A greedy approach 1.Creating the Presence Table 2.Selecting a Contact; If all contacts are visited or known to be offline, proceed to step 7 3.DHT Lookup and Connection 4.Pulling Information 5.Caching Information 6.Updating Presence Table; returning to Step 2 to locate the next social contact to connect to. 1.Performing DHT Lookups for online social contacts with No Mutual Social Contacts 16 Bob Carol Eve Diana Mary Friend# mutual friends On/Off Bob25 Carol20 Mary13 Diana7 Eve2 Friend# mutual friends On/Off Bob25 On Carol20 Mary13 Diana7 Eve2 Friend# mutual friends On/Off Bob25 On Carol20 Off Mary13 Diana7 Off Eve2 On Presence object Update object Update object Alice Presence object Update object Update object Presence object Presence object Update object Update object Presence object Update object Update object Presence object Friend# mutual friends On/Off Bob25 On Carol20 Off Mary13 On Diana7 Off Eve2 On Update object Update object

17 We built a simulator to study cache performance Newsfeed application, prototype in Java Simulation environment – FreePastry Simulator – Social graph : Facebook friendship graph from the New Orleans regional network with 63,732 nodes and 1.54 million edges – 10%, 30%, 50% online friends Based on Skype statistics, the 10-30% range is more pertinent Performance metrics – hitRate = fraction of newsfeed constructed from cache – progressiveHitRate(d) = fraction of newsfeed after d lookups 17

18 Social caching provides most of the newsfeed… …but not all of it (need the DHT) 18

19 Most of the social cache’s benefit comes from the first ~15 DHT lookups 19 The Average Progressive Hit Rate for users who have 100 to 200 social contacts

20 Speedup of loading the newsfeed: 5X-10X (25X-50X for the first 80-90% updates) 20 Even with only 10% of social contacts online, social caching provides performance improvement.

21 Discussion: Can we deploy Cachet today? Privacy issues – Users are aware of being excluded, policies to linked objects are visible – Identities of users who satisfy a particular policy will be known to all of those identities Deployment challenges – node churn, NAT Replace Facebook? – Maybe, hopefully, but not necessarily the goal – Add {c|C}achet to P2P networks that use social links – Skype, Tor, BitTorrent, … 21

22 Cachet…  is a decentralized approach for privacy-preserving OSNs  uses attribute-based encryption for flexible confidentiality and integrity policies  is a DHT and a social-overlay hybrid for better availability 22 Acknowledgments and Disclaimers This material is based upon work supported by the National Science Foundation under Awards CNS- 0953655 and CNS-1115693, by the Boeing Trusted Software Center at the University of Illinois and by the National Security Agency. These sponsors don’t necessarily share our views. Shirin Nilizadeh Prateek MittalNikita BorisovSonia Jahid

Download ppt "Cachet: A Decentralized Architecture for Privacy Preserving Social Networking with Caching Shirin Nilizadeh, 1 Sonia Jahid, 2 Prateek Mittal, 3 Nikita."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.

Luca Maria Aiello, Università degli Studi di Torino, Computer Science department 1 Tempering Kademlia with a robust identity based system.
P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
Peer to Peer and Distributed Hash Tables

Peer to Peer and Distributed Hash Tables
PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.

PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval Prateek Mittal University of Illinois Urbana-Champaign Joint work with: Femi.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
UnFriendly: Multi-Party Privacy Risks in Social Networks Kurt Thomas, Chris Grier, David M. Nicol.

UnFriendly: Multi-Party Privacy Risks in Social Networks Kurt Thomas, Chris Grier, David M. Nicol.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Secure and Flexible Framework for Decentralized Social Network Services Luca Maria Aiello, Giancarlo Ruffo Università degli Studi di Torino Computer Science.

Secure and Flexible Framework for Decentralized Social Network Services Luca Maria Aiello, Giancarlo Ruffo Università degli Studi di Torino Computer Science.
DECENT: A Decentralized Architecture for Enforcing Privacy in Online Social Networks Sonia Jahid 1, Shirin Nilizadeh 2, Prateek Mittal 1, Nikita Borisov.

DECENT: A Decentralized Architecture for Enforcing Privacy in Online Social Networks Sonia Jahid 1, Shirin Nilizadeh 2, Prateek Mittal 1, Nikita Borisov.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,

FRIENDS: File Retrieval In a dEcentralized Network Distribution System Steven Huang, Kevin Li Computer Science and Engineering University of California,
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Partitioning Social Networks for Time-dependent Queries Berenice Carrasco, Yi Lu and Joana M. F. da Trindade - University of Illinois - EuroSys11 – Workshop.

Partitioning Social Networks for Time-dependent Queries Berenice Carrasco, Yi Lu and Joana M. F. da Trindade - University of Illinois - EuroSys11 – Workshop.
A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.

A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.
P2P: Advanced Topics Filesystems over DHTs and P2P research Vyas Sekar.

P2P: Advanced Topics Filesystems over DHTs and P2P research Vyas Sekar.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Object Naming & Content based Object Search 2/3/2003.

Object Naming & Content based Object Search 2/3/2003.
Privacy in Online Social Networks Sonia Jahid Department of Computer Science University of Illinois at Urbana-Champaign March 10, 2011 www.soniajahid.com.

Privacy in Online Social Networks Sonia Jahid Department of Computer Science University of Illinois at Urbana-Champaign March 10,
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Similar presentations

Ads by Google