J. Camenisch, G. Karjoth, G. Neven, Franz-Stefan Preiss
{"title":"Anonymously sharing Flickr pictures with facebook friends","authors":"J. Camenisch, G. Karjoth, G. Neven, Franz-Stefan Preiss","doi":"10.1145/2517840.2517861","DOIUrl":null,"url":null,"abstract":"Many Internet users today use an electronic social network service (SNS) to share data with their friends. Most SNSs let users restrict access to their shared data, e.g., to particular groups of friends, or to users satisfying other criteria based on their attributes or relationships. Usually, however, such access control restrictions can only be applied to resources hosted on the SNS itself. In this paper, we present protocols to enable SNS users to protect access to resources that are hosted on external service providers (SPs). Our mechanisms preserve the users' privacy in the sense that (1) the SP does not learn the SNS-identities of users that share or access the resource, nor does it learn anything about the access policy that protects it, (2) the SNS does not obtain any information about the resource, and in particular, does not obtain a link to it, and (3) the SP cannot change the policy set by the owner of the resource, or test the policy on users who never requested access to the resource. We give formal definitions of these security requirements and present a cryptographic protocol based on group signatures that provably fulfills them. We also discuss to what extent our requirements can be fulfilled using the standard OAuth authorization protocol while making only minor changes to the SNS infrastructure.","PeriodicalId":406846,"journal":{"name":"Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2517840.2517861","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Many Internet users today use an electronic social network service (SNS) to share data with their friends. Most SNSs let users restrict access to their shared data, e.g., to particular groups of friends, or to users satisfying other criteria based on their attributes or relationships. Usually, however, such access control restrictions can only be applied to resources hosted on the SNS itself. In this paper, we present protocols to enable SNS users to protect access to resources that are hosted on external service providers (SPs). Our mechanisms preserve the users' privacy in the sense that (1) the SP does not learn the SNS-identities of users that share or access the resource, nor does it learn anything about the access policy that protects it, (2) the SNS does not obtain any information about the resource, and in particular, does not obtain a link to it, and (3) the SP cannot change the policy set by the owner of the resource, or test the policy on users who never requested access to the resource. We give formal definitions of these security requirements and present a cryptographic protocol based on group signatures that provably fulfills them. We also discuss to what extent our requirements can be fulfilled using the standard OAuth authorization protocol while making only minor changes to the SNS infrastructure.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
