Keeping Information Safe from Social Networking Apps

Bimal Viswanath, Emre Kıcıman, and Stefan Saroiu

Abstract

The ability of third-party applications to aggregate and repurpose personal data is a fundamental privacy weakness in today’s social networking platforms. Prior work has proposed sandboxing in a hosted cloud infrastructure to prevent leakage of user information [22]. In this paper, we extend simple sandboxing to allow sharing of information among friends in a social network, and to help application developers securely aggregate user data according to differential privacy properties. Enabling these two key features requires preventing, among other subtleties, a new“Kevin Bacon” attack aimed at aggregating private data through a social network graph. We describe the significant architectural and security implications for the application framework in the

Web (JavaScript) application, backend cloud, and user data handling.

Details

Publication typeInproceedings
Published inProceedings of the Workshop on Online Social Networks (WOSN'12)
PublisherACM
> Publications > Keeping Information Safe from Social Networking Apps