Efficient Trace and Revoke Schemes
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Information revelation and privacy in online social networks
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Communications of the ACM
Measurement and analysis of online social networks
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
NOYB: privacy in online social networks
Proceedings of the first workshop on Online social networks
Identity-based encryption with efficient revocation
Proceedings of the 15th ACM conference on Computer and communications security
FlyByNight: mitigating the privacy risks of social networking
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Attribute based proxy re-encryption with delegating capabilities
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
FaceCloak: An Architecture for User Privacy on Social Networking Sites
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Attribute based data sharing with attribute revocation
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Preserving privacy in online social networks
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Privacy Preserving Access Control with Authentication for Securing Data in Clouds
CCGRID '12 Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
Cryptographic treatment of private user profiles
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Social networking with frientegrity: privacy and integrity with an untrusted provider
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Cachet: a decentralized architecture for privacy preserving social networking with caching
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Private friends on a social networking site operated by an overly curious SNP
NSS'12 Proceedings of the 6th international conference on Network and System Security
Proxy-invisible CCA-secure type-based proxy re-encryption without random oracles
Theoretical Computer Science
Crypto-Book: an architecture for privacy preserving online identities
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
CP2: Cryptographic privacy protection framework for online social networks
Computers and Electrical Engineering
| Hi-index | 0.01 |
A promising approach to mitigate the privacy risks in Online Social Networks (OSNs) is to shift access control enforcement from the OSN provider to the user by means of encryption. However, this creates the challenge of key management to support complex policies involved in OSNs and dynamic groups. To address this, we propose EASiER, an architecture that supports fine-grained access control policies and dynamic group membership by using attribute-based encryption. A key and novel feature of our architecture, however, is that it is possible to remove access from a user without issuing new keys to other users or re-encrypting existing ciphertexts. We achieve this by creating a proxy that participates in the decryption process and enforces revocation constraints. The proxy is minimally trusted and cannot decrypt ciphertexts or provide access to previously revoked users. We describe EASiER architecture and construction, provide performance evaluation, and prototype application of our approach on Facebook.