xBook:Redesigningprivacycontrolinsocialnetworkingplatforms资源-CSDN文库

3星 · 超过75%的资源需积分: 10 197 浏览量 2010-01-27 11:36:10 上传评论收藏 1.88MB PDF 举报

标题与描述均聚焦于“xBook：在社交网络平台中重新设计隐私控制”的主题，而这一议题在现代互联网社会中显得尤为重要。随着社交网络从单一的服务提供商转变为支持第三方应用程序的平台，用户对个人数据安全的关注日益增加。xBook项目正是在这样的背景下诞生，旨在为社交网络应用提供一个全新的框架，以保护用户的隐私，同时保持现有社交网络的功能性。 ### 重要知识点详述 #### 1. 社交网络与第三方应用的信任问题传统上，用户将大量个人信息托付给社交网络平台，基于对这些平台隐私政策的信任。然而，随着第三方应用程序的兴起，用户被要求同样信任每一个使用中的应用，这导致了隐私泄露的风险。由于第三方应用可能未经充分审核，或存在安全性不足的问题，用户的数据可能因应用开发者的行为不当而遭受损失。 #### 2. xBook框架的核心理念 xBook项目提出了一种创新框架，用于构建尊重用户隐私的社交网络应用。该框架利用信息流模型来限制不信任的应用程序对所接收信息的操作权限，从而在保持现有社交网络功能的同时，增强用户数据的安全性。通过平台原型的展示，xBook证实了其设计的可行性，并通过开发示例应用进一步评估了平台的实用性。 #### 3. 设计与实现的挑战 xBook在设计和实施过程中面临了多重挑战，不仅包括安全方面的考量，还有非安全因素。安全挑战主要涉及如何在不影响用户体验的前提下，确保数据传输过程中的机密性和完整性。而非安全挑战则可能涉及到用户体验设计、性能优化等方面，确保平台既安全又高效。 #### 4. 隐私意识的提升随着在线私人信息量的增加，用户的隐私担忧也在不断增长。一些人因为在线社交行为而遭受严重后果，如学生因在线不当言论被罚款，甚至有政治人物因社交媒体上的争议图片被迫辞职。这些事件凸显了隐私保护的重要性，促使人们更加重视在线数据的管理。 ### 结论 xBook项目针对社交网络平台隐私控制的重新设计，不仅体现了技术领域的创新，更回应了现代社会中用户对个人数据保护的迫切需求。通过建立一套新的隐私保护框架，xBook不仅增强了数据安全性，也促进了社交网络平台与用户之间的信任关系，为未来社交网络的发展提供了有价值的参考和启示。

资源推荐

资源详情

资源评论

xBook: Redesigning Privacy Control in Social Networking Platforms

Kapil Singh

∗

Sumeer Bhola

∗

Wenke Lee

School of Computer Science Google School of Computer Science

Georgia Institute of Technology sumeer@acm.org Georgia Institute of Technology

ksingh@cc.gatech.edu wenke@cc.gatech.edu

Abstract

Social networking websites have recently evolved from

being service providers to platforms for running third

party applications. Users have typically trusted the so-

cial networking sites with personal data, and assume that

their privacy preferences are correctly enforced. However,

they are now being asked to trust each third-party applica-

tion they use in a similar manner. This has left the users’

private information vulnerable to accidental or malicious

leaks by these applications.

In this work, we present a novel framework for build-

ing privacy-preserving social networking applications that

retains the functionality offered by the current social net-

works. We use information ﬂow models to control what

untrusted applications can do with the information they

receive. We show the viability of our design by means

of a platform prototype. The usability of the platform is

further evaluated by developing sample applications using

the platform APIs. We also discuss both security and non-

security challenges in designing and implementing such a

framework.

1 Introduction

Social networking sites have transformed the way peo-

ple express themselves on the Internet and have become

a door to the social life of many individuals. Users are

contributing more and more content to these sites in or-

der to express themselves as part of their proﬁles and to

contribute to their social circles online. While this builds

up the online identity for the user, it also leaves the data

vulnerable to be misused, as an example, for targeted ad-

vertising and sale.

More private data online has lead to growing privacy

concerns for the users, and some have faced extreme

repercussions for sharing their private information on

these networking sites. For example, students have been

ﬁned for their online social behavior [29]; a mayor was

forced to resign because of a controversial Myspace pic-

ture [32]. There are numerous such cases, and these inci-

dents clearly underline the importance of privacy control

∗

Part of the work was done when the ﬁrst author was an intern and

the second author was an employee at IBM Research T.J. Watson.

in social networks.

With the advent of Web 2.0 technologies, web appli-

cation development has become much more distributed

with a growing number of users acting as developers and

source of online content. This trend has also inﬂuenced

social networks that now act as platforms allowing de-

velopers to run third-party content on top of their frame-

work. Facebook opened up for third-party application

development by releasing its development APIs in May

2007 [22]. Since the release of the Facebook platform,

several other sites have joined the trend by supporting

Google’s OpenSocial [10], a cross-site social network de-

velopment platform.

These third-party applications further escalate the pri-

vacy concerns as user data is shared with these applica-

tions. Typically, there is no or minimal control over what

user information these applications are allowed to access.

In most cases, these applications are hosted on third party

servers that are difﬁcult to monitor. As a result, it is not

feasible to police the data being leaked from the applica-

tion after the data is shared with the application. There

have been several reported cases where users’ private in-

formation was leaked by the applications, either due to

intentional leaks [21] or due to vulnerabilities in the ap-

plication [26].

Most social networking platforms, such as Facebook,

currently provide the applications with full access to user

proﬁle information. This permission is granted in Face-

book when the user adds the application, which requires

the user to make a trust decision. Setting ﬁne-grained ac-

cess control policies for an application, even if they were

supported, would be a complex task. Furthermore, access

control policies are not sufﬁcient in enforcing the privacy

of an individual: once an application is permitted by a

user’s access control policy, it has possession of the user’s

data and can freely leak this information anytime for per-

sonal gains. For example, a popular Facebook applica-

tion, Compare Friends, that promised users’ privacy in

exchange for opinions on their friends later started sell-

ing this information [35].

In this paper, we are concerned with protecting the

users’ private information from leaks by third-party ap-

plications. We present a mechanism that controls not only

what the third-party applications can access, but also what

these applications can do with the data that they are al-

lowed to access. We propose and implement a new frame-

work called xBook that provides a hosting service to the

applications and enforces information ﬂow control within

the framework. xBook provides three types of enforce-

ment that encapsulate the privacy requirements in a typ-

ical social network setting: (1) user-user access control

(e.g., access to only friends) for data ﬂowing within one

application, (2) information sharing outside xBook with

external parties; and (3) protection of the application’s

proprietary data. While (1) and (2) protects the privacy

of a user from information leaks, (3) prevents the applica-

tion’s proprietary data or algorithm from being leaked to

the application users.

The third-party applications are redesigned in such a

way that they have access to all the data they require (al-

lowing them to perform their functionality) and at the

same time, not allowing these applications to pass this

data to an external entity unless it is approved by the user.

Our framework enforces that the applications make these

communications explicit to the user so that he is more in-

formed before approving an application.

There are several challenges associated with the design

of our xBook framework:

Conﬁnement. The execution of application code needs

to be conﬁned. This problem needs to be dealt with inde-

pendently on the client side within the browser and on the

server side in the web server. We use “the web server” as

a conceptual entity to represent one or more servers.

Mediation. All communication from and within an ap-

plication needs to be mediated by the xBook platform for

permissible information ﬂow. To this end, we developed

a labeling model that enforces user-deﬁned security poli-

cies. High-level policies speciﬁed by the user are con-

verted to low-level labels enforced by xBook.

Programmability. The programming abstraction to the

application writers should be practical and easy to use.

xBook provides a set of simple APIs in line with the ex-

isting social networking platforms.

Portability. The requirements imposed by xBook on the

application design should not break the existing applica-

tions. In other words, it should be feasible to port most

functionality of typical applications to xBook with little

effort.

We show the viability of our framework design by im-

plementing a working prototype of our xBook system and

porting some of the popular applications from existing so-

cial networks, such as Facebook, on top of the framework.

We also demonstrate a practical deployment strategy of

our system by porting our framework itself as an appli-

cation on Facebook. Our system is available online [33].

We evaluate the security of our platform by illustrating

some possible application scenarios, and how xBook en-

sures privacy control in such cases. We also create some

synthetic attacks that attempt to exploit the platform to

leak information. Our results illustrate that xBook can

successfully prevent all such attacks. Our performance

results further demonstrate that xBook’s privacy control

mechanism incurs negligible overhead for typical social

networking applications.

The rest of the paper is organized as follows. Sec-

tion 2 motivates our work by analyzing some privacy is-

sues with the current social networking platforms. We

present an overview of our xBook framework in Section

3. Section 4 and 5 discuss the implementation details of

xBook’s client-side and server-side components, respec-

tively. Our labeling model is described in Section 6. Sec-

tion 7 presents the evaluation results. We discuss the limi-

tations of our work in Section 8, followed by related work

in Section 9. Finally, Section 10 concludes the paper.

2 Background

2.1 Social Networking Platforms

Social networks are the backbone of the online social

life of many Internet users. These networks have ex-

panded their development scope by allowing third-party

developers to write their own applications, which in turn

can be accessed and executed via the social network. An

application is an entity that provides some value-added

service to the user, and it requires user’s proﬁle data to

perform its functionality. For example, a simple horo-

scope application generates daily horoscope based on

user’s birth information.

Facebook is one popular network that has pioneered the

concept of the social network as a platform. The applica-

tions bring value both to the platform and its users in pro-

viding new features. Applications are deployed on their

own servers and Facebook only acts as a proxy for in-

tegrating the applications’ output to its own pages. The

growing popularity of applications on Facebook has en-

ticed other networks, such as Google’s Orkut, to start sup-

porting applications. The Orkut platform model is based

on the OpenSocial framework [18]. OpenSocial provides

a set of APIs for its partner sites (which it refers to as

“containers”) to implement. An application that is built

for one container should be able to run with few modiﬁ-

cations on other partner sites. The APIs allow third parties

to have access to the social graph and personal user data.

For the rest of the paper, we use the Facebook case as an

example; similar concepts apply to other social network-

ing platforms.

2.2 Privacy Issues with Current Designs

Facebook supports customized policies for user-user

access control, but currently provides no control on what

(a) (b) (c)

Figure 1: Application architecture for: (a) current platforms. (b) xBook platform. (c) xBook on Facebook.

user proﬁle data can be accessed by third party applica-

tions. Applications run on their own servers that have no

control administered by Facebook (Figure 1(a)). Appli-

cations need data to perform their functionality; they can

request user data from the social platform and store it at

their own servers. Facebook discourages storing user data

on the application’s own servers by barring it in their li-

cense agreement [5], but there is no way of enforcing it in

Facebook’s current architecture.

Application developers have access to a user’s data

even when they are not friends with the user. Unlike

a regular friend relationship, this relationship is neither

symmetric nor transparent: the application developer has

access to the user’s information, but the user does not nec-

essarily know who the application developer is.

Before adding an application, the users are required to

agree to a service agreement that allows the application to

have access to their proﬁle data. This general agreement

is presented for every application, and no other speciﬁc

information is provided about the application. Since a ma-

jority of the applications are known not to exploit users’

personal data, the users tend to add any application, effec-

tively defeating the purpose behind the service agreement.

Additionally, second-degree permissions that allow appli-

cations to have access to the proﬁles of the users’ friends

add another layer of complexity.

There have been several reported incidents where users’

information was leaked due to a vulnerability in the appli-

cation [26]. The platform is trusting all third party devel-

opers, but the trust is misplaced since there is no restric-

tion on who is allowed to develop an application. One of

the most popular Facebook applications, TopFriends, had

a vulnerability that allowed any user of TopFriends to see

the proﬁle of another user, even if they are not friends with

each other [26]. Private information of some high proﬁle

users was leaked. Facebook’s response to this controversy

was that they expect third party applications to follow their

policies, which is not acceptable considering that there is

no effective way to police the application developers.

User data has a lot of commercial value to market-

ing companies, competing networking sites, and identity

thieves. Therefore, it is not surprising that many applica-

tions have been observed to intentionally leak user data to

external parties for proﬁt [21]. Other surveys have also

discovered similar violations based on an application’s

externally-visible behavior [19]. The situation could be

even worse as it is not feasible to determine how many

other applications violate the user’s privacy with internal

data collection.

Social networking sites have a responsibility to protect

user data that has been entrusted to them. The current ap-

proach is to legally bind the third parties using a Terms

of Service (TOS) agreement [4]. However, it is not possi-

ble to monitor the path of information once the informa-

tion has been released to these parties. Therefore, social

networks can not rely on untrusted third parties follow-

ing their TOS agreements to protect user privacy. Instead,

privacy policies should be enforced by the platform and

applied to all data that has been entrusted to the social

networking site. Our platform design, xBook, is one step

forward in this direction.

Felt et al. [19] have proposed a solution to proxy the

user information in the form of tags to the third-party ap-

plications. These applications do not have access to user

data and instead use pre-deﬁned tags to format their output

being displayed to the user. Their solution limits the ca-

pability of some important and popular applications, such

as the horoscope application, that perform processing on

user data beyond just displaying it. Our work enforces no

such restriction on the application behavior.

3 xBook Overview

xBook is an architectural framework for building social

networks that prevents untrusted third-party applications

from leaking users’ private information. The applications

are hosted on xBook’s trusted platform (Figure 1(b)), and

xBook provides complete mediation for all communica-

tion to and from these applications.

In a social network setting, an application might com-

municate with entities outside the xBook system, called

external entities, to perform speciﬁc tasks. For exam-

ple, the horoscope application may communicate with

www.tarot.com to receive horoscopes for every sun-

sign. The application also encapsulates its own data or

algorithm that needs to be protected from untrusted users.

In the xBook framework, applications are designed as a

set of components; a component being the smallest granu-

larity of application code monitored by xBook. A compo-

nent is chosen based on what information the component

has access to and what external entity it is allowed to com-

municate with. In the horoscope application, one compo-

剩余17页未读，继续阅读

评论收藏

内容反馈

tcczsw

2014-02-08

很有用，关于网络隐私

irobert0126

粉丝: 1
资源: 19

xBook: Redesigning privacy control in social networking platform...

最新资源

xBook: Redesigning privacy control in social networking platform...

xbook:阅读综合性书籍和文具库-开源

xBook:xBook是考古数据库的框架-开源

xbook2:xbook2是一个基于x86处理器的32位操作系统，实现内置的基础功能，可以拿来学习操作系统知识

xbook是一个基于x86架构的32位操作系统，运行在PC电脑上，目前主要通过虚拟机测试开发

xbook2是一个基于x86处理器的32位操作系统，实现了大量的基础功能，可以拿来学习操作系统知识。-Linux开发

BookOS，一个小型的操作系统，基于xbook2操作系统内核

BookOS:BookOS是一个基于xbook2内核的微型操作系统，您可以使用它来学习！

xbook2是一个基于x86处理器的32位操作系统，实现了大量的基础功能，可以拿来学习操作系统知识

毕设&课设&项目&实训-基于xbook2操作系统内核。.zip

xbook2.zip_操作系统开发_C/C++__操作系统开发_C/C++_

C#中如何插入照片到Excel

cyberarticle-5.3 离线帮助

xbookmaker汉化版

C# 将数据写入到Excel

C#操作Excel源代码

面向对象课程设计报告-绘本之家（用c++实现图书管理系统）

JTBC网站内容管理系统jenfy美化版

Qt 5实现串口调试助手 （源工程文件、0积分下载）

【SystemVerilog】路科验证V2学习笔记（全600页）.pdf

AutoSAR标准协议4.2.2

光伏-储能并网系统仿真.rar

XCP协议的规范文档

GD32替换STM32注意事项.pdf

NPPJSONViewer.zip

蓝牙BLE协议中文版.pdf

CANoe通过CAPL脚本实现自动测试

AD20官方中文教程.pdf

完整版 Microsoft.ACE.OLEDB.12.0 驱动下载.rar

电路分析基础第二版PDF电子书免费下载

qt样式表一键生成（花狗Fdog）

最新资源

Qt 5实现串口调试助手（源工程文件、0积分下载）