Online social networks (OSNs) suffer from various security and privacy problems. The main source of the security problems is the central service provider that observes users' data and relationships. Distributed OSN (DOSN) is an alternative approach where users control their data without having any central service provider. In DOSNs, for the sake of data availability, users replicate or cache data in other users of the OSN. The replica nodes are indeed another kind of service provider in a small scale and with a local view. Therefore, even though decentralization removes the global view of the single provider, it results in having several small ones. By this claim, centralized and distributed OSNs have several common security concerns. Although there exist prior studies discussing and classifying security issues, a fine grained classification of various state-of-the-art solutions is not available. In this paper, we focus on the data privacy, data integrity, and secure social search solutions for centralized and distributed OSNs. Furthermore, we discuss open security problems and concerns, that can be used as future research directions.
Services provided as free by Online Social Networks (OSN) come with privacy concerns. Users' information kept by OSN providers are vulnerable to the risk of being sold to the advertising firms. To protect user privacy, existing proposals utilize data encryption, which prevents the providers from monetizing users' information. Therefore, the providers would not be financially motivated to establish secure OSN designs based on users' data encryption. Addressing these problems, we propose the first Privacy Preserving Group-Based Advertising (PPAD) system that gives monetizing ability for the OSN providers. PPAD performs profile and advertisement matching without requiring the users or advertisers to be online, and is shown to be secure in the presence of honest but curious servers that are allowed to create fake users or advertisers. We also present advertisement accuracy metrics under various system parameters providing a range of security-accuracy trade-offs.
Despite the large number of privacy-preserving aggregation protocols in the Smart Grid, there is no common methodology for evaluating and comparing their privacy guarantees. Protocol discussion often lacks a formal evaluation of the proposed privacy guarantees. In order to transfer the wellestablished formal methodology of game-based proofs to the Smart Grid domain, in this paper, we present (i) a game-based privacy definition which addresses the privacy requirement to be captured in an aggregation protocol (the definition may be used or extended for other protocols); (ii) we exemplify our game-based proof technique for two aggregation protocols, and (iii) we provide a novel and compact way to visualize and easily compare the privacy guarantees of different protocols. We employ two sample protocols that reflect the basis of the most common approaches currently found in the energy aggregation literature. In summary, we contribute a guideline on how to conduct formal evaluations for protocol developers as well as an easy-to-understand way to assess the privacy guarantees of different aggregation protocols for non-experts.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.