Social networking sites have deeply changed the perception of the web in the last years. Although the current approach to build social networking systems is to create huge centralized systems owned by a single company, such strategy has many drawbacks, e.g., lack of privacy, lack of anonymity, risks of censorship and operating costs. These issues contrast with some of the main requirements of information systems, including: (i) confidentiality, i.e., the interactions between a user and the system must remain private unless explicitly public; (ii) integrity; (iii) accountability; (iv) availability; (v) identity and anonymity. Moreover, social networking platforms are vulnerable to many kind of attacks: (i) masquerading, which occurs when a user disguises his identity and pretends to be another user; (ii) unauthorized access; (iii) denial of service; (iv) repudiation, which occurs when a user participates in an activity and later claims he did not; (v) eavesdropping; (vi) alteration of data; (vii) copy and replay attacks; and, in general, (viii) attacks making use of social engineering techniques. In order to overcome both the intrinsic defects of centralized systems and the general vulnerabilities of social networking platforms, many different approaches have been proposed, both as federated (i.e., consisting of multiple entities cooperating to provide the service, but usually distinct from users) or peer-to-peer systems (with users directly cooperating to provide the service); in this work the most interesting ones were reviewed. Eventually, the authors present their own approach to create a solid distributed social networking platform consisting in a novel peer-to-peer system that leverages existing, widespread and stable technologies such as distributed hash tables and BitTorrent. The topics considered in detail are: (i) anonymity and resilience to censorship; (ii) authenticatable contents; (iii) semantic interoperability using activity streams and weak semantic data formats for contacts and profiles; and (iv) data availability.
Distributed Social Platforms for Confidentiality and Resilience / Franchi, Enrico; Tomaiuolo, Michele. - (2013), pp. 114-136. [10.4018/978-1-4666-3926-3.ch006]
Distributed Social Platforms for Confidentiality and Resilience
FRANCHI, Enrico;TOMAIUOLO, Michele
2013-01-01
Abstract
Social networking sites have deeply changed the perception of the web in the last years. Although the current approach to build social networking systems is to create huge centralized systems owned by a single company, such strategy has many drawbacks, e.g., lack of privacy, lack of anonymity, risks of censorship and operating costs. These issues contrast with some of the main requirements of information systems, including: (i) confidentiality, i.e., the interactions between a user and the system must remain private unless explicitly public; (ii) integrity; (iii) accountability; (iv) availability; (v) identity and anonymity. Moreover, social networking platforms are vulnerable to many kind of attacks: (i) masquerading, which occurs when a user disguises his identity and pretends to be another user; (ii) unauthorized access; (iii) denial of service; (iv) repudiation, which occurs when a user participates in an activity and later claims he did not; (v) eavesdropping; (vi) alteration of data; (vii) copy and replay attacks; and, in general, (viii) attacks making use of social engineering techniques. In order to overcome both the intrinsic defects of centralized systems and the general vulnerabilities of social networking platforms, many different approaches have been proposed, both as federated (i.e., consisting of multiple entities cooperating to provide the service, but usually distinct from users) or peer-to-peer systems (with users directly cooperating to provide the service); in this work the most interesting ones were reviewed. Eventually, the authors present their own approach to create a solid distributed social networking platform consisting in a novel peer-to-peer system that leverages existing, widespread and stable technologies such as distributed hash tables and BitTorrent. The topics considered in detail are: (i) anonymity and resilience to censorship; (ii) authenticatable contents; (iii) semantic interoperability using activity streams and weak semantic data formats for contacts and profiles; and (iv) data availability.File | Dimensione | Formato | |
---|---|---|---|
Distributed-Social-Platforms-for-Confidentiality-and-Resilience.pdf
non disponibili
Tipologia:
Documento in Post-print
Licenza:
NON PUBBLICO - Accesso privato/ristretto
Dimensione
512 kB
Formato
Adobe PDF
|
512 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.