In recent years, Decentralized Online Social Networks (DOSNs) have been attracting the attention of many users because they reduce the risk of censorship, surveillance, and information leakage from the service provider. In contrast to the most popular Online Social Networks, which are based on centralized architectures (e.g., Facebook, Twitter, or Instagram), DOSNs are not based on a single service provider acting as a central authority. Indeed, the contents that are published on DOSNs are stored on the devices made available by their users, which cooperate to execute the tasks needed to provide the service. A specific form of cooperation is to store the content published by a user on other peers' devices as well, hence dramatically enhancing availability. Consequently, such contents must be properly protected by the DOSN infrastructure, in order to ensure that they can be really accessed only by users who have the permission of the publishers. As a consequence, DOSNs require efficient solutions for protecting the privacy of the contents published by each user with respect to the other users of the social network. This is exactly the focus of this paper. In particular, we investigate and compare the principal content privacy enforcement models adopted by current DOSNs evaluating their suitability to support different types of privacy policies based on user groups. Such evaluation is carried out by implementing several models and comparing their performance for the typical operations performed on groups, i.e., content publish, user join, and user leave. In detail, we show that the join operation incurs a similar cost for all the privacy enforcement models and groups, while for the leave operation performance is greatly affected by the selected solution, which must be evaluated on a case-by-case basis depending on both the type and the activity level of the group--as analytically detailed in our contribution. Further, we also highlight the limitations of current approaches and show future research directions. The provided contributions, other than being interesting on their own, set a blueprint for researchers and practitioners interested in implementing DOSNs, and highlight a few open research directions.
Content privacy enforcement models in decentralized online social networks: State of play, solutions, limitations, and future directions
De Salve A;Mori P;Di Pietro R
2023
Abstract
In recent years, Decentralized Online Social Networks (DOSNs) have been attracting the attention of many users because they reduce the risk of censorship, surveillance, and information leakage from the service provider. In contrast to the most popular Online Social Networks, which are based on centralized architectures (e.g., Facebook, Twitter, or Instagram), DOSNs are not based on a single service provider acting as a central authority. Indeed, the contents that are published on DOSNs are stored on the devices made available by their users, which cooperate to execute the tasks needed to provide the service. A specific form of cooperation is to store the content published by a user on other peers' devices as well, hence dramatically enhancing availability. Consequently, such contents must be properly protected by the DOSN infrastructure, in order to ensure that they can be really accessed only by users who have the permission of the publishers. As a consequence, DOSNs require efficient solutions for protecting the privacy of the contents published by each user with respect to the other users of the social network. This is exactly the focus of this paper. In particular, we investigate and compare the principal content privacy enforcement models adopted by current DOSNs evaluating their suitability to support different types of privacy policies based on user groups. Such evaluation is carried out by implementing several models and comparing their performance for the typical operations performed on groups, i.e., content publish, user join, and user leave. In detail, we show that the join operation incurs a similar cost for all the privacy enforcement models and groups, while for the leave operation performance is greatly affected by the selected solution, which must be evaluated on a case-by-case basis depending on both the type and the activity level of the group--as analytically detailed in our contribution. Further, we also highlight the limitations of current approaches and show future research directions. The provided contributions, other than being interesting on their own, set a blueprint for researchers and practitioners interested in implementing DOSNs, and highlight a few open research directions.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.