Linearizability: a correctness condition for concurrent objects
ACM Transactions on Programming Languages and Systems (TOPLAS)
Managing update conflicts in Bayou, a weakly connected replicated storage system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Serverless network file systems
ACM Transactions on Computer Systems (TOCS) - Special issue on operating system principles
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
ACM Transactions on Computer Systems (TOCS)
Secure group communications using key graphs
IEEE/ACM Transactions on Networking (TON)
Building secure file systems out of byzantine storage
Proceedings of the twenty-first annual symposium on Principles of distributed computing
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Proceedings of the 16th international conference on World Wide Web
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Dynamo: amazon's highly available key-value store
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Planetary-scale views on a large instant-messaging network
Proceedings of the 17th international conference on World Wide Web
NOYB: privacy in online social networks
Proceedings of the first workshop on Online social networks
SFCS '89 Proceedings of the 30th Annual Symposium on Foundations of Computer Science
Privacy homomorphisms for social networks with private relationships
Computer Networks: The International Journal of Computer and Telecommunications Networking
Privacy-Aware Collaborative Access Control in Web-Based Social Networks
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
FlyByNight: mitigating the privacy risks of social networking
Proceedings of the 7th ACM workshop on Privacy in the electronic society
PeerSoN: P2P social networking: early experiences and insights
Proceedings of the Second ACM EuroSys Workshop on Social Network Systems
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
De-anonymizing Social Networks
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Lockr: better privacy for social networks
Proceedings of the 5th international conference on Emerging networking experiments and technologies
PrPl: a decentralized social networking infrastructure
Proceedings of the 1st ACM Workshop on Mobile Cloud Computing & Services: Social Networks and Beyond
Super-efficient aggregating history-independent persistent authenticated dictionaries
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A privacy-preserving scheme for online social networks with efficient revocation
INFOCOM'10 Proceedings of the 29th conference on Information communications
Privacy-Aware and Highly-Available OSN Profiles
WETICE '10 Proceedings of the 2010 19th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises
Birds of a FETHR: open, decentralized micropublishing
IPTPS'09 Proceedings of the 8th international conference on Peer-to-peer systems
Efficient data structures for tamper-evident logging
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Venus: verification for untrusted cloud storage
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Depot: cloud storage with minimal trust
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
SPORC: group collaboration using untrusted cloud resources
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
EASiER: encryption-based access control in social networks with efficient revocation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Privad: practical privacy in online advertising
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Beyond one-third faulty replicas in byzantine fault tolerant systems
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Contrail: enabling decentralized social networks on smartphones
Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
Confidant: protecting OSN data without locking it up
Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
Safebook: A privacy-preserving online social network leveraging on real-life trust
IEEE Communications Magazine
Cachet: a decentralized architecture for privacy preserving social networking with caching
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Tolerating business failures in hosted applications
Proceedings of the 4th annual Symposium on Cloud Computing
Hi-index | 0.00 |
Today's social networking services require users to trust the service provider with the confidentiality and integrity of their data. But with their history of data leaks and privacy controversies, these services are not always deserving of this trust. Indeed, a malicious provider could not only violate users' privacy, it could equivocate and show different users divergent views of the system's state. Such misbehavior can lead to numerous harms including surreptitious censorship. In light of these threats, this paper presents Frientegrity, a framework for social networking applications that can be realized with an untrusted service provider. In Frientegrity, a provider observes only encrypted data and cannot deviate from correct execution without being detected. Prior secure social networking systems have either been decentralized, sacrificing the availability and convenience of a centralized provider, or have focused almost entirely on users' privacy while ignoring the threat of equivocation. On the other hand, existing systems that are robust to equivocation do not scale to the needs social networking applications in which users may have hundreds of friends, and in which users are mainly interested the latest updates, not in the thousands that may have come before. To address these challenges, we present a novel method for detecting provider equivocation in which clients collaborate to verify correctness. In addition, we introduce an access control mechanism that offers efficient revocation and scales logarithmically with the number of friends. We present a prototype implementation demonstrating that Frientegrity provides latency and throughput that meet the needs of a realistic workload.