This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Secure Encounter-Based Mobile Social Networks: Requirements, Designs, and Tradeoffs
Nov.-Dec. 2013 (vol. 10 no. 6)
pp. 380-393
Abedelaziz Mohaien, VeriSign Labs., Reston, VA, USA
Denis Foo Kune, Univ. of Minnesota, Minneapolis, MN, USA
Eugene Y. Vasserman, Kansas State Univ., Manhattan, KS, USA
Myungsun Kim, Univ. of Suwon, Suwon, South Korea
Yongdae Kim, Korea Adv. Inst. of Sci. & Technol., Daejeon, South Korea
Encounter-based social networks and encounter-based systems link users who share a location at the same time, as opposed to the traditional social network paradigm of linking users who have an offline friendship. This new approach presents challenges that are fundamentally different from those tackled by previous social network designs. In this paper, we explore the functional and security requirements for these new systems, such as availability, security, and privacy, and present several design options for building secure encounter-based social networks. To highlight these challenges, we examine one recently proposed encounter-based social network design and compare it to a set of idealized security and functionality requirements. We show that it is vulnerable to several attacks, including impersonation, collusion, and privacy breaching, even though it was designed specifically for security. Mindful of the possible pitfalls, we construct a flexible framework for secure encounter-based social networks, which can be used to construct networks that offer different security, privacy, and availability guarantees. We describe two example constructions derived from this framework, and consider each in terms of the ideal requirements. Some of our new designs fulfill more requirements in terms of system security, reliability, and privacy than previous work. We also evaluate real-world performance of one of our designs by implementing a proof-of-concept iPhone application called MeetUp. Experiments highlight the potential of our system and hint at the deployability of our designs on a large scale.
Index Terms:
social networking (online),data privacy,mobile computing,security of data,smart phones,MeetUp,secure encounter-based mobile social network design,encounter-based systems,functional requirements,security requirements,impersonation attack,collusion attack,privacy breaching,system security,system reliability,system privacy,iPhone application,Social network services,Privacy,Mobile communication,Authentication,Mobile radio mobility management,privacy,Social networks,location-based services
Citation:
Abedelaziz Mohaien, Denis Foo Kune, Eugene Y. Vasserman, Myungsun Kim, Yongdae Kim, "Secure Encounter-Based Mobile Social Networks: Requirements, Designs, and Tradeoffs," IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 6, pp. 380-393, Nov.-Dec. 2013, doi:10.1109/TDSC.2013.19
Usage of this product signifies your acceptance of the Terms of Use.