Privacy Analysis of a Hidden Friendship Protocol | SpringerLink
Skip to main content
Springer Nature Link
Log in

Privacy Analysis of a Hidden Friendship Protocol

  • Conference paper
  • First Online:
Data Privacy Management and Autonomous Spontaneous Security (DPM 2013, SETOP 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8247))

  • 1395 Accesses

Abstract

Friendship relations are a defining property of online social networks. On the one hand, and beyond their cultural interpretation, they sustain access control mechanisms and are privacy-enhancing by limiting the proliferation of personal information. On the other hand, the publicity of friendship links is privacy-invasive. We outline a distributed authentication protocol based on hidden friendship links that has been suggested in earlier work. We then investigate its formalisation and, using model-checking, we carry out a mechanised analysis of the protocol that enables the revision and rectification of the earlier version. We thus demonstrate more generally how model-checking and epistemic logic can be used for the detection of privacy and security vulnerabilities in authentication protocols for social networks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005). http://www.avispa-project.org/publications.html

  2. Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56, 131–133 (1995)

    Article  MATH  Google Scholar 

  3. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8, 18–36 (1990)

    Article  Google Scholar 

  4. Brickley, D., Miller, L.: FOAF Vocabulary Specification 0.97. Namespace document, January 2010

    Google Scholar 

  5. Bonneau, J., Preibusch, S.: The privacy jungle: on the market for data protection in social networks. In: The Ninth Workshop on the Economics of Information Security (WEIS 09), March 2009

    Google Scholar 

  6. Blanchet, B., Smyth, B.: ProVerif 1.85: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial (2011)

    Google Scholar 

  7. Cohen, M., Dam, M.: A complete axiomatization of knowledge and cryptography. In: Proceedings of the 22nd IEEE Symposium on Logic in Computer Science (LICS 2007), 10–12 July 2007, Wroclaw, Poland, pp. 77–88. IEEE Computer Society (2007)

    Google Scholar 

  8. Dam, M.: A little knowledge goes a bit further. invited talk. In: Annual Meeting of Priority Program RS3 – Reliably Secure Software Systems (2011)

    Google Scholar 

  9. Facebook. Updates on your new privacy tools (2009)

    Google Scholar 

  10. Federated Social Web Europe. Federated social architectures and protocols, privacy on the federated social web (2011)

    Google Scholar 

  11. FOAF project. The Friend of a Friend (FOAF) project (2010)

    Google Scholar 

  12. Kammüller, F., Mapp, G., Patel, S., Sani, A.S.: Engineering security pro tocols with modelchecking – radius-sha256 and secured simple protocol. In: International Conference on Internet Monitoring and Protection, ICIMP’12 (2012)

    Google Scholar 

  13. Kammüller, F., Probst, C.W.: Invalidating policies using structural information. In: Workshop on Research in Insider Threats WRIT’13 - IEEE CS Security and Privacy Workshops, SPW (2013)

    Google Scholar 

  14. Lomuscio, A., Qu, H., Raimondi, F.: MCMAS: a model checker for the verification of multi-agent systems. In: Bouajjani, A., Maler, O. (eds.) CAV 2009. LNCS, vol. 5643, pp. 682–688. Springer, Heidelberg (2009)

    Google Scholar 

  15. MySpace. Profile 2.0 launch - check it out :) (2008)

    Google Scholar 

  16. Preibusch, S., Beresford, A.R.: Establishing distributed hidden friendship relations. In: Seventeenth International Workshop on Security Protocols (2009)

    Google Scholar 

  17. Stanford Encyclopedia of Philosophy. Epistemic logic (2006)

    Google Scholar 

  18. Zheleva, E., Getoor, L.: To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In: Proceedings of the 18th International Conference on World Wide Web (WWW ’09), pp. 531–540. ACM, New York (2009)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Middlesex University, London, UK

    Florian Kammüller

  2. Microsoft Research, Cambridge, UK

    Sören Preibusch

Authors
  1. Florian Kammüller
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sören Preibusch
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Florian Kammüller .

Editor information

Editors and Affiliations

  1. TELECOM SudParis, Evry, France

    Joaquin Garcia-Alfaro

  2. National Technical University of Athens, Athens, Greece

    Georgios Lioudakis

  3. TELECOM Bretagne, Cesson Sévigné, France

    Nora Cuppens-Boulahia

  4. University College Cork, Cork, Ireland

    Simon Foley

  5. IDA Ovens, EMC Information Systems International, Cork, Ireland

    William M. Fitzgerald

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kammüller, F., Preibusch, S. (2014). Privacy Analysis of a Hidden Friendship Protocol. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2013 2013. Lecture Notes in Computer Science(), vol 8247. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54568-9_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-54568-9_6

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54567-2

  • Online ISBN: 978-3-642-54568-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation