Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs

   October 15, 2013    Comments Off on Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs    Posted in: Final year projects

ABSTRACT:
Encounter-based social networks and encounter-based systems link users who share a location at the same time, as opposed to the traditional social network paradigm of linking users who have an offline friendship. This new approach presents challenges that are fundamentally different from those tackled by previous social network designs. In this paper, we explore the functional and security requirements for these new systems, such as availability, security, and privacy, and present several design options for building secure encounter-based social networks. To highlight these challenges we examine one recently proposed encounter-based social network design and compare it to a set of idealized security and functionality requirements. We show that it is vulnerable to several attacks, including impersonation, collusion, and privacy breaching, even though it was designed specifically for security. Mindful of the possible pitfalls, we construct a flexible framework for secure encounter-based social networks, which can be used to construct networks that offer different security, privacy, and availability guarantees. We describe two example constructions derived from this framework, and consider each in terms of the ideal requirements. Some of our new designs fulfill more requirements in terms of system security, reliability, and privacy than previous work. We also evaluate real-world performance of one of our designs by implementing a proof-of-concept iPhone application called Meet Up. Experiments highlight the potential of our system and hint at the deployability of our designs on a large scale.

EXISTING SYSTEM:
We developed a prototype of our design, called MeetUp, which uses visual authentication for encounter information exchange and verification. At the core of our system is a visual authentication scheme that provides authenticity guarantees for users involved in an encounter. Our authentication scheme capitalizes on that people are good at remembering faces but worse at remembering names. Encounter-based networks with visual authentication would play to people’s strengths, allowing anyone who remembers a face to later connect with the “owner” of that face, without the need to remember additional information. MeetUp uses Tor hidden services to provide an anonymous communication channel for the second phase of our protocol. By performing preliminary real world experiments using plausible deployment settings, and considering user feedback, we highlight the end-user usability of our system and its feasibility for deployment at larger scales.
DISADVANTAGES OF EXISTING SYSTEM:
* Encounter-based designs do not consider even basic security and privacy requirements along with functionality and performance.
* They present a dramatically different set of challenges, not the least of which is security and privacy of users and authenticity of the other party in a conversation. Guarantees that are trivial in traditional social networks, such as authenticity (ensuring one is communicating with the desired person), become open problems in encounter-based networks.

PROPOSED SYSTEM:
The main contribution of this paper is an encounter based social network design, our techniques can be employed for a wide range of applications, such as a drop-in replacement for a face-to-face key distribution service for future secure communication, e.g. SPATE, or for privacy-preserving file sharing systems, e.g. OneSwarm. In OneSwarm, untrusted users get their keys from an online key distribution center. Using our design, one may distribute keys to untrusted users based on some shared activity—an encounter. Any application that requires key pre-distribution, such as storage services, private file-sharing systems, private collaboration groups, etc, would benefit from our design in the same way. Another example is a scientific meeting, where some researchers present their work, and others participate in discussions, and no one has time to introduce themselves to everyone. We can employ our encounter-based system for private on-the-fly name and business card distribution—concerte examples are discussed
ADVANTAGES OF PROPOSED SYSTEM:
Ø We examine the extent to which SMILE, a recent state-of-the art design of secure encounter-based social network, meets these requirements, showing that it is vulnerable to many attacks.
Ø We propose a new and generic architecture for encounter-based social networking that greatly differs from the architecture of previously proposed systems and suggest two possible implementations, each striking a balance between performance and security.
Ø We show the feasibility of our designs by implementing a proof-of-concept system— including an iPhone application called MeetUp—conforming to our requirements and evaluating its performance in real world settings using mobile devices
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:

Ø System : Pentium IV 2.4 GHz.
Ø Hard Disk : 40 GB.
Ø Floppy Drive : 1.44 Mb.
Ø Monitor : 15 VGA Colour.
Ø Mouse : Logitech.
Ø Ram : 512 Mb.
Ø MOBILE : ANDROID

SOFTWARE REQUIREMENTS:

Ø Operating system : Windows XP.
Ø Coding Language : Java 1.7
Ø Tool Kit : Android 2.3
Ø IDE : Eclipse
REFERENCE:
Abedelaziz Mohaien, Denis Foo Kune,Member, IEEE,Eugene Vasserman,Member, IEEE, Myungsun Kim, and Yongdae Kim,Member, IEEE “Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs”- IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 1, NO. 8, AUGUST 2013.

  

Comments are closed.