TY - GEN
T1 - Arcana
T2 - 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019
AU - Narasimman, Anirudh
AU - Wang, Qiaozhi
AU - Li, Fengjun
AU - Lee, Dongwon
AU - Luo, Bo
N1 - Publisher Copyright:
© IFIP International Federation for Information Processing 2019.
PY - 2019
Y1 - 2019
N2 - Many popular online social networks, such as Twitter, Tumblr, and Sina Weibo, adopt too simple privacy models to satisfy users’ diverse needs for privacy protection. In platforms with no (i.e., completely open) or binary (i.e., “public” and “friends-only”) access control, users cannot control the dissemination boundary of the content they share. For instance, on Twitter, tweets in “public” accounts are accessible to everyone including search engines, while tweets in “protected” accounts are visible to all the followers. In this work, we present Arcana to enable fine-grained access control for social network content sharing. In particular, we target the Twitter platform and introduce the “private tweet” function, which allows users to disseminate particular tweets to designated group(s) of followers. Arcana employs Ciphertext-Policy Attribute-based Encryption (CP-ABE) to implement social circle detection and private tweet encryption so that access-controlled tweets are only readable by designated recipients. To be stealthy, Arcana further embeds the protected content as digital watermarks in image tweets. We have implemented the Arcana prototype as a Chrome browser plug-in, and demonstrated its flexibility and effectiveness. Different from existing approaches that require trusted third-parties or additional server/broker/mediator, Arcana is light-weight and completely transparent to Twitter – all the communications, including key distribution and private tweet dissemination, are exchanged as Twitter messages. Therefore, with small API modifications, Arcana could be easily ported to other online social networking platforms to support fine-grained access control.
AB - Many popular online social networks, such as Twitter, Tumblr, and Sina Weibo, adopt too simple privacy models to satisfy users’ diverse needs for privacy protection. In platforms with no (i.e., completely open) or binary (i.e., “public” and “friends-only”) access control, users cannot control the dissemination boundary of the content they share. For instance, on Twitter, tweets in “public” accounts are accessible to everyone including search engines, while tweets in “protected” accounts are visible to all the followers. In this work, we present Arcana to enable fine-grained access control for social network content sharing. In particular, we target the Twitter platform and introduce the “private tweet” function, which allows users to disseminate particular tweets to designated group(s) of followers. Arcana employs Ciphertext-Policy Attribute-based Encryption (CP-ABE) to implement social circle detection and private tweet encryption so that access-controlled tweets are only readable by designated recipients. To be stealthy, Arcana further embeds the protected content as digital watermarks in image tweets. We have implemented the Arcana prototype as a Chrome browser plug-in, and demonstrated its flexibility and effectiveness. Different from existing approaches that require trusted third-parties or additional server/broker/mediator, Arcana is light-weight and completely transparent to Twitter – all the communications, including key distribution and private tweet dissemination, are exchanged as Twitter messages. Therefore, with small API modifications, Arcana could be easily ported to other online social networking platforms to support fine-grained access control.
UR - http://www.scopus.com/inward/record.url?scp=85068221355&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85068221355&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-22312-0_19
DO - 10.1007/978-3-030-22312-0_19
M3 - Conference contribution
AN - SCOPUS:85068221355
SN - 9783030223113
T3 - IFIP Advances in Information and Communication Technology
SP - 271
EP - 285
BT - ICT Systems Security and Privacy Protection - 34th IFIP TC 11 International Conference, SEC 2019, Proceedings
A2 - Dhillon, Gurpreet
A2 - Karlsson, Fredrik
A2 - Hedström, Karin
A2 - Zúquete, André
PB - Springer New York LLC
Y2 - 25 June 2019 through 27 June 2019
ER -