Author:

Keywords:

privacy, security, social networks, applied cryptography

Abstract:

In a modern society highly focused on digital services, online communities, such as Online Social Networks (OSNs) have taken the world by storm, boasting users in the hundreds of millions, mainly by providing easy and reliable channels for dissemination of information, as well as seamless coordination of social activities. At the same time,nbsp;create treasure troves of sensitive information, collecting and processing large amounts of data about the users and their activities, leading to several privacy concerns. Although traditionally motivated by the targeted advertisement based business model, OSNs have also become primary targets of cyberbullying, security breaches, and government (mass) surveillance actions. The users' lack of awareness and little to no control over the content published on OSNs, aligned with the importance of privacy as a human right, makes privacy a crucial problem to be addressed. In this thesis, we propose privacy-enhancing solutions that provide users with more control over the shared content on OSNs, while enforcing privacy by means of practical and efficient cryptographic primitives. Henceforth, we categorize the general privacy problems and define access control based on group definitions. Then, we devise a collaborative sharing scheme that allows to define access control rights on content that is made available on OSNs and that is related to multiple users. Furthermore, we provide information sharing schemes for OSNs, focused on delivering and enforcing privacy as content confidentiality for multiple recipient and group scenarios, such that OSN providers are kept oblivious of the shared content and its intended recipients. In addition, we model the notion of undetectable communication in the context of OSNs, and subsequently design a general covert information scheme that builds on top of any privacy sharing scheme delivering provable undetectability. Finally, we develop a system for browsing OSNs anonymously, while taking advantage of the high-availability storage and communication tools from modern OSNs, while private communication isnbsp;through an external network built upon the social trust delivered by usersnbsp;connections. For each solution proposed in this thesis we develop practical tools demonstrating its efficiency and practical impact. nbsp;