Embed Size (px)
Citation preview
POP-SNAQ:Privacy-preserving Open Platform forSocial Network Application Queries
Brian ThompsonHuijun Xiong
Online Social Networks
• Use of OSNs continues to increase
Online Social Networks
• To accommodate growing needs, a greater variety of OSNs has appeared
Motivation
• Need a way to collect info from many different OSNs and provide it to the user in a clean and organized fashion
Must also be careful not to compromise
users’ privacy!
Brian and Huijun at the Concert
• Current Solution:many individual queries
“Where is my friend Huijun?”
FacebookMy
SpaceiLike
Motivation
“Where is my friend Huijun?”
QUERYALL
Motivation
• Our Proposed Solution:cross-network query
POP-SNAQ
Privacy-preserving Open Platform for Social Network Application Queries
• provides a unified framework thatsupports cross-network queries
• uses a common language• employs security measures to
protect users’ privacy
POP-SNAQ
Privacy-preserving Open Platform for Social Network Application Queries
• provides a unified framework thatsupports cross-network queries
• uses a common language• employs security measures to
protect users’ privacy
POP-SNAQ
System architecture
POP-SNAQ
Privacy-preserving Open Platform for Social Network Application Queries
• provides a unified framework thatsupports cross-network queries
• uses a common language• employs security measures to
protect users’ privacy
POP-SNAQ
• OpenSocial– By Google– A common API for
social network apps– “Develop once,
Use Everywhere”– Supported by >20
social networks
POP-SNAQ
Privacy-preserving Open Platform for Social Network Application Queries
• provides a unified framework thatsupports cross-network queries
• uses a common language• employs security measures to
protect users’ privacy
POP-SNAQ
Communication Model
POP-SNAQ
• server-side app means OSNs have control over release of data– filter data before releasing– limit output to public profile info– “Free Input, Selective Output”
• two kinds of filtering1) based on user preferences2) based on social network preferences
POP-SNAQ
• text-to-image conversion– performed server-side– built into communication protocol
• open source implementationsalready available– GD library
imagettftext()• protects against large-scale
data harvesting attacks
• To evaluate our project, we compareit with an existing system:
Analysis of POP-SNAQ
Facebook Connect
Facebook Connect
• similar platform to Facebook Apps• allows information sharing between
Facebook and external websites• enables external websites to
access Facebook’s user database• potential websites must first be
reviewed and approved by Facebook
THE BATTLE
POP-SNAQFacebook Connect
BATTLE 1: Utility
• direct access to user database
• access all public profile info
• two-way communication
• single-network solution
• filtered access to user database
• apps can use private info too!
• one-way communication
• cross-network solution
POP-SNAQFacebook Connect
TIE!
BATTLE 2: Openness
• approve apps after careful inspection
• look into every submission. . . eventually
• applications are automatically approved
• accept every submission immediately
POP-SNAQFacebook Connect
POP-SNAQ WINS!
BATTLE 3: Privacy
• privacy enforced by policies
• manually check for data abuse
• external website controls data flow to users
• privacy enforced by technology
• built-in protection against abuse
• social networks control data flow to users
POP-SNAQFacebook Connect
POP-SNAQ WINS!
VICTORY: POP-SNAQ!
POP-SNAQFacebook Connect
VICTORY: POP-SNAQ!
Sounds great!But can it be
true?
Is POP-SNAQ just a dream, or can it
be reality?
Simulation
Hold on to your seats!
Conclusions
• POP-SNAQ is a solution to the problem of performing cross-network queries
• Achieves a balance between providing utility and protecting users’ privacy
• Improves on existing solution of Facebook Connect
• Future work: Requires implementation of extended OpenSocial API
Questions?
