Friday, November 15, 2019
Secure Encounter-based Mobile Social Networks
Secure Encounter-based Mobile Social Networks ABSTRACT: Encounter-based social networks and encounter-based systems link users who share a location at the same time, as opposed to the traditional social network paradigm of linking users who have an offline friendship. This new approach presents challenges that are fundamentally different from those tackled by previous social network designs. In this paper, we explore the functional and security requirements for these new systems, such as availability, security, and privacy, and present several design options for building secure encounter-based social networks. To highlight these challenges we examine one recently proposed encounter-based social network design and compare it to a set of idealized security and functionality requirements. We show that it is vulnerable to several attacks, including impersonation, collusion, and privacy breaching, even though it was designed specifically for security. Mindful of the possible pitfalls, we construct a flexible framework for secure encounter-base d social networks, which can be used to construct networks that offer different security, privacy, and availability guarantees. We describe two example constructions derived from this framework, and consider each in terms of the ideal requirements. Some of our new designs fulfill more requirements in terms of system security,reliability, and privacy than previous work. We also evaluate real-world performance of one of our designs by implementing a proof-of-concept iPhone application called MeetUp. Experiments highlight the potential of our system and hint at the deployability of our designs on a large scale EXISTING SYSTEM: Early work assumed that the parties could communicate over a public but authenticated channel or, equivalently, assumed a passive adversary. This assumption was relaxed in later work, which considered an active adversary who could modify all messages sent between the two parties.In the Traditional Social network site present a dra-matically different set of challenges, not the least of which are security and privacy of users and authenticity of the other party in a conversation. Guarantees that are trivial in traditional social networks, such as authenticity (ensuring one is com-municating with the desired person), become open problems in encounter-based networks. Additionally, requirements like anonymityââ¬âa feature that is not needed in most traditional online social networks based on prior face-to-face contactââ¬â need to be considered in encounter-based networks. This is desirable because users would expect information about people they happen to meet to stay private. Fu rthermore, since people do not automatically place their trust in others simply based on presence in the same location, it is also desirable to reveal the minimum amount of information required for future secure communication. Sharing detailed personal information is not the primary goal of encounter-based networks, but can of course be easily implemented if both users agree upon the successful verified encounter.. PROPOSED SYSTEM: In proposed system we consider fundamental requirements for encounter-based social networks. We note that in addition to basic functionality like high availability, scalability, and robustness to failure, these systems should provide several security guarantees, including privacy in the form of unlinkability of users sharing an encounter, confidentiality of data exchanged among encounter participants, and authentication of both users in a two-party conversation. We construct a flexible frame-work for secure encounter-based social networks, which can be used to construct networks that offer different security, privacy , and availability guarantees. We describe two example constructions derived from this framework, and consider each in terms of the ideal requirements. Some of our new designs fulfill more requirements in terms of system security, reliability, and privacy than previous work. The first experience of interaction you want to provide an incoming user are the updates and responses about his activity in the system. This keeps the user updated about whatââ¬â¢s going on in here. Although encounter-based systems appear very analogous to existing social networks, they present a considerably different set of challenges, out of which are security and privacy of users and authenticity of the other party in a conversation are important. Assurances that are trivial in traditional social networks, such as authenticity (ensuring one is communicating with the desired person), become unwrapped problems in encounter-based networks. Additionally, requirements like obscurityââ¬âa feature that is not needed in most usual online social networks based on prior face-to-face contactââ¬âneed to be considered in encounter-based networks. This is desirable because users would look forward for information about people they happen to meet to stay private. Also, since people do not automatically place their faith in others simply based on presence in the same location, it is also desirable to disclose the minimum amount of information required for future secure communication . Sharing complete personal information is not the primary goal of encounter-based networks, but can of-course be easily put into practice if both users agree upon the successful verified encounter. we consider basic requirements for encounter-based social networks in addition to basic functionality like high availability, scalability, privacy security. We propose specific design architecture for encounter-based social network. In this architecture suggest two possible implementation, each conspicuous a balance between performance and security. To highlights of challenges it was designed for specifically secure centralized server. ARCHITECTURE: MODULES: Privacy or unlink ability. The privacy of two parties sharing an encounter must be protected, even from others in the vicinity who may also participate in simultaneous encounters. In this case, privacy means that an external adversary (even one taking part in the encounter or colluding with a ââ¬Å"bulletin boardâ⬠or rendezvous server to be used in latter phase) who is not one of the two users of interest should not be able to conclusively determine that two users have made a connection. Authenticity Meaning that when two users decide to make a connection, they should be assured that messages indeed originate from each other. Confidentiality Meaning that information exchanged between two users should be accessible only to them. Availability. As such, the infrastructure to exchange encounter information should be accessible most of the time. The unavailability of individual users should not affect the availability of other users. Since the time at which encounter parties check for potential encounters associated with their activities could be arbitrary, the encounter-based social network is more sensitive to availability than conventional social networks. Scalability. With typical social networks being large in size, any potential social network design, including those based on encounters, should scale to support a large number of simultaneous users. This requires minimizing dependence on a centralized entity.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.