Date post: 13-Jul-2015
Category: Technology
Upload: atosworldline
17/11/2011, CARTES & IDentification, Antoine Fressancourt

The case of privacy in social networks
▶ Rising concern around privacy in social networks
– Use of private information for advertising purposes
– Applications gaining access to more and more personal information
– Usage tracking using referral buttons
– Access to information directly using URL, content not ciphered
▶ More and more complex to manage
– Groups
– Possibility to specify target groups on social network updates
Figure: Adapted from The History Of Facebook’s Default Privacy Settings by Matt McKeon

A recent case: Europe vs. Facebook
▶ Case raised by Max Schrems, a 24-year-old law student, against Facebook
▶ Discovered that Facebook keeps track of every digital trace of a user, even when they are “deleted”

Highlighted issues
Those examples tend to highlight two issues
– Privacy inside the social network itself
– Data privacy from outside the social network

Anatomy of a social network: Functional building blocks
▶ Identity: Management of user identity credentials and attributes
▶ Profile(s): Role management for users, i.e. how they want to appear
▶ Social graph: Management of a user’s relationships
▶ Messaging: Synchronous and asynchronous messages for a user
▶ Repository: Storage of documents associated to a user
Figure label alongside the blocks: Privacy policy

Potential solutions
▶ Privacy inside the social network itself
– Cypher information inside the network itself to protect from the SNS provider
▶ Data privacy from outside the social network
– Use identity management concepts and zero knowledge approaches to secure exchanges with external sites

Privacy inside the social network: Review of academic solutions
Mainly two families of approaches:
▶ « add-in » applications
– FlyByNight: Re-Encryption proxy, El Gamal encryption, AES
– NOYB: Replace each attribute of a given user by an attribute of another member of its social network
– FaceCloak: Dictionary, MAC
▶ « Privacy by Design » social networks
– Persona: Attribute-Based Encryption
– EASiER: Attribute-Based Encryption
– A Collaborative Framework for Privacy Protection in Online Social Network: El Gamal
– Cryptographic Treatment of Private User Profiles: Broadcast Encryption

Our proposal: Solving the « inside » privacy issue
Using a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme to cypher the data inside the social network
▶ Advantages
– Allows us to define privacy policies based on fine-grained predicates
– Encompasses both identity-based encryption and identity-based broadcast encryption
– Ease of deployment given our objectives
▶ Drawback
– Keys and cypher texts are longer than in simpler, IBE schemes
– Heavy management of cryptographic keys

What is IBE? Identity based encryption
▶ Identity based encryption:
– Proposed by Shamir in 1984
– Encrypt a message using any arbitrary string as the key.
– The string can be a representation of the user’s identity
▶ Principle:
– Alice encrypts a message with Bob’s e-mail address
– Bob asks a PKG (Private Key Generator) to provide a private key associated to his e-mail address.
Figure labels: (Message)[email protected]; Authentication; Private Key; PKG
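
Added example, not from the original slides: the Alice / Bob / PKG flow above, sketched in Python with Cocks' quadratic-residue IBE scheme (the slides name no particular construction). The modulus, its two primes and the address bob@example.com are constructed, toy-sized values.

```python
import hashlib, secrets
# Constructed toy master secret held by the PKG: two primes congruent to 3 mod 4.
P_, Q_ = 2**127 - 1, 2**89 - 1
N = P_ * Q_                        # public parameter published by the PKG

def jacobi(a, n):
    """Jacobi symbol (a/n) for odd n > 0."""
    a %= n
    result = 1
    while a:
        while a % 2 == 0:
            a //= 2
            if n % 8 in (3, 5):
                result = -result
        a, n = n, a
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a %= n
    return result if n == 1 else 0

def identity_to_public(identity):
    """Public map from an identity string to a value with Jacobi symbol +1."""
    for ctr in range(256):
        h = hashlib.sha256(f"{identity}|{ctr}".encode()).digest()
        a = int.from_bytes(h, "big") % N
        if jacobi(a, N) == 1:
            return a
    raise ValueError("no suitable value found")

def pkg_extract(identity):
    """PKG only: a square root of a or -a, computed from the secret factors."""
    a = identity_to_public(identity)
    return pow(a, (N + 5 - P_ - Q_) // 8, N)

def encrypt_bit(identity, bit):
    """Encrypt bit in {+1, -1} using only N and the recipient's identity."""
    a, out = identity_to_public(identity), []
    for sign in (1, -1):           # one value per case: r*r == a or r*r == -a
        t = secrets.randbelow(N - 1) + 1
        while jacobi(t, N) != bit:
            t = secrets.randbelow(N - 1) + 1
        out.append((t + sign * a * pow(t, -1, N)) % N)
    return tuple(out)

def decrypt_bit(identity, r, ct):
    """Bob: pick the value matching his key, then read the bit as a Jacobi symbol."""
    c = ct[0] if r * r % N == identity_to_public(identity) else ct[1]
    return jacobi(c + 2 * r, N)
```

Alice calls only `encrypt_bit`, which needs no certificate or prior contact with Bob; the PKG can compute every user's private key, so it must be trusted and must authenticate Bob before answering.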

What is ABE? Attribute based encryption
▶ Attribute based encryption is a generalisation of identity based encryption
▶ Encryption according to attributes:
– Personal: age, town, name…
– Relational: colleague, family, friends, …
▶ Ciphertext-policy ABE:
– Cipher text possesses access structure
– Saving structures
Figure: access tree with gates AND, OR and attribute leaves +18 y.o, Colleague, France
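
Added example, not from the original slides: how a ciphertext-policy access structure gates a key, using Shamir secret sharing laid over the tree. It assumes the figure's tree reads +18 y.o AND (Colleague OR France), and it leaves out the pairing-based part of a real CP-ABE scheme, so the shares here are not protected against users pooling their attributes.

```python
import secrets

P = 2**127 - 1   # prime field for the shares (constructed parameter)
# Assumed reading of the slide's tree: +18 y.o AND (Colleague OR France)
POLICY = ("AND", "+18 y.o", ("OR", "Colleague", "France"))

def needed(op, kids):
    """AND needs every child, OR needs one."""
    return len(kids) if op == "AND" else 1

def share(node, secret):
    """Copy the tree, attaching a share of `secret` to every attribute leaf."""
    if isinstance(node, str):
        return (node, secret)
    op, *kids = node
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(needed(op, kids) - 1)]
    poly = lambda x: sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P
    return [op] + [share(kid, poly(i)) for i, kid in enumerate(kids, 1)]

def recover(shared, attrs):
    """Return the secret if `attrs` satisfies the structure, else None."""
    if isinstance(shared, tuple):                 # leaf: (attribute, share)
        return shared[1] if shared[0] in attrs else None
    op, *kids = shared
    k = needed(op, kids)
    pts = [(i, v) for i, kid in enumerate(kids, 1)
           if (v := recover(kid, attrs)) is not None][:k]
    if len(pts) < k:
        return None
    secret = 0
    for xi, yi in pts:                            # Lagrange interpolation at 0
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

if __name__ == "__main__":
    key = secrets.randbelow(P)                    # e.g. the key protecting a post
    tree = share(POLICY, key)
    print(recover(tree, {"+18 y.o", "France"}) == key)
    print(recover(tree, {"Colleague", "France"}))
```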

Privacy outside the social network: What is needed
▶ Possibility to register on websites with credentials provided to the social network
– Use case of identity management systems
▶ Recovery of user data in various ways (logs, cookies, …)
– Need to conform to regulation, risk related to user acceptance
Figure: Social network, External sites

What is Identity Management?
▶ Technologies, policies and practices used to control access to a resource by a third party.
▶ Three entities:
– Identity Provider (IdP): maintains and gives access to a user’s credentials
– Service Provider (SP): Consumes attributes provided by an IdP
– User: Controls the distribution of its credentials by the IdP
Figure: User, IdP, SP

Use of identity management in a social network context
Use of concepts popularized by Idemix and Uprove
▶ Anonymous credentials
▶ Zero-knowledge protocol
– Protocol in which a prover shows to a verifier that he possesses an information without revealing it.
– Introduced by Goldwasser, Micali and Rackoff in 1984.
▶ Minimal Disclosure
Figure: Prover and Verifier exchanging Random value, Challenge, Response
How to perform the proof calculation? Generation on the fly using a zero knowledge compiler
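
Added example, not from the original slides: the random value / challenge / response exchange written out as a Schnorr identification protocol, a standard ∑-protocol proving knowledge of a discrete logarithm. The group parameters and names are constructed and toy-sized; `simulate` shows why an accepting transcript reveals nothing about the secret.

```python
import secrets

# Constructed toy group: p = 2q + 1 (both prime), g = 4 has prime order q mod p.
P, Q, G = 2039, 1019, 4

class Prover:
    def __init__(self, x):
        self.x = x                       # the secret; it is never sent

    def commit(self):
        self.r = secrets.randbelow(Q)    # fresh random value for every run
        return pow(G, self.r, P)

    def respond(self, c):
        return (self.r + c * self.x) % Q

def verify(y, t, c, s):
    """Accept iff g^s == t * y^c (mod p), where y = g^x is public."""
    return pow(G, s, P) == t * pow(y, c, P) % P

def run(prover, y):
    """One round: random value, then challenge, then response."""
    t = prover.commit()
    c = secrets.randbelow(Q)             # verifier picks c only after seeing t
    return verify(y, t, c, prover.respond(c))

def simulate(y, c):
    """Accepting transcript built without x, possible only if c is known first."""
    s = secrets.randbelow(Q)
    t = pow(G, s, P) * pow(y, -c, P) % P
    return t, c, s

if __name__ == "__main__":
    x = secrets.randbelow(Q - 1) + 1     # the user's secret
    y = pow(G, x, P)                     # public value registered with the verifier
    print(run(Prover(x), y))
    print(verify(y, *simulate(y, 123)))
```

Reusing the same random value `r` for two different challenges lets the verifier solve for `x`, which is why `commit` draws a new one on every run.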

CACE: A zero knowledge compiler
Computer Aided Cryptography Engineering:
▶ European Project
▶ ∑-protocols
▶ Composition techniques
▶ Certificates

Our proposal: Solving the « outside » privacy issue
Use of Identity Management platform and protocols
▶ Ensure minimal disclosure of private information
▶ Framework to manage the disclosure of user credentials
Integration of a zero knowledge compiler
▶ Computing zero knowledge proofs on the fly
▶ Enhance the protection of private information through minimal disclosure.

To conclude
▶ Social networks raise a number of issues related to data security and privacy
▶ Two kinds of privacy issues
– From inside the social network itself
– From external sites outside the social network
▶ Inside privacy issues can be solved by using ABE to protect data and give access to it only to authorized contacts
▶ Outside privacy issues can be solved by using identity management protocols and systems
▶ Overall, better management of data privacy in future social network services deployed using emerging standards
Thank you
Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid are registered trademarks of Atos SA. June 2011
© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.