1 / 11

Persona: An Online Social Network with User-Defined Privacy

Persona: An Online Social Network with User-Defined Privacy. Randy Baden, Adam Bender, Neil Spring, Bobby Bhattacharjee, Daniel Starin. Contents . Problem Goals Glossary Group Key Management Applications. Problem. Service Provider cannot be completely trusted

asa
Télécharger la présentation

Persona: An Online Social Network with User-Defined Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Persona: An Online Social Network with User-Defined Privacy Randy Baden, Adam Bender, Neil Spring, Bobby Bhattacharjee, Daniel Starin

  2. Contents • Problem • Goals • Glossary • Group Key Management • Applications

  3. Problem • Service Provider cannot be completely trusted • The AC mechanism provided by SP is not enough • Traditional PKI methods needs many copies • Users prefer decentralized ways

  4. Goals • Encrypt by group without many copies • Precise Group control mechanism • Groups created by one user should be available for use, both in enc/dec by friends. • Decentralized structure • Can be added onto existing applications

  5. Glossary • APK: ABE public key • AMSK: ABE master secret key • ASK: ABE secret key • Access structure: a logical expression over attributes • TPK: Traditional public key • TSK: Traditional secret key (private key) • SS: storage service

  6. Group Key Management • Data is encrypted with APK, any user could retrieve the data, but can decrypt it only if he’s a member of the group. • Each Persona user is identified by a single TPK, and stores their encrypted data in storage service. Users exchange TPK and SS locations out of band.

  7. Primitives • DefineRelationship: add individuals to a group DefineRelationship(u1; attrs; u2) u1: A = ABEKeyGen(u1.AMSK , attrs) u1: C = TEncrypt(u2.TPK, A) u1: u1.SS.put(H(u2.TPK), C) u2: u1.SS.get(H(u2.TPK))

  8. Primitives • DefineTransitiveRelationship : allows a user Alice to define groups based on a group defined by another user, Bob. DefineTransitiveRelationship(u1, Bob.APK, AS, attrs) u1: A = ABEKeyGen(u1.APK, attrs) u1: C = ABEEncrypt(APK, A, AS) u1: u1.SS.put(H(AS, APK), C)

  9. Primitives • AssignRightsToIdentity(u1, rights, TPK, resource r, owner o) u1: o.chACL(r, TPK, rights)

  10. Primitives • AssignRightsToGroup AssignRightsToGroup(u1, rights, AS, r, o) u1: (TPK;TSK) = TKeyGen() u1: C = ABEEncrypt(u1.APK, (TPK;TSK), AS) u1: u1.SS.put(H(AS, APK), C) u1: AssignRightsToIdentity(u1, rights, TPK, r, o)

  11. Application • Private user data is encrypted with a symmetric key, the symmetric key is encrypted with an ABE key of a group.

More Related