Abstract:
The Online Social Network (OSN) facilitates users’ openness to a wider audience and
social circles, which was not possible before its invention. However, this freedom of
social expression and sharing of personal information may lead to violate the privacy
of an individual and content. OSN has issue of privacy protection, which can be data
about a user or the contents shared by user, especially in a group communication. The
primary objective of this research work is to protect the privacy of the contents that are
shared within the group. In general, OSN’s group communication can be divided into
Open Group and Closed Group. In an Open Group, the contents are shared among the
group members and further sharing is allowed. On the other hand, in Closed Group
the contents are shared among the group members only. In Open Group, the problem
with OSN is that once the content is shared, the data owner or co-owner has no control
over its further distribution. Thus we provide a framework for collaborative content
sharing which transfers the control of data dissemination from the service providers to
data owner or co-owner. In the proposed framework, an Access Management Server
(AMS) is introduced as a middleware to interact with the OSN server and manages users.
The AMS encrypts the content before uploading to the OSN server and creates secret
shares of the encryption key that can be used for the authorization of a co-owner to the
content. Similarly, further sharing of content with other users (Viewers) is allowed with
the consent of threshold number of co-owners provided by the data owner. In Closed Group, the content is shared within the group members only, and no further sharing is
allowed. The group communication can be secured using the cryptographic techniques,
but group key management is a problem, especially in case of untrusted server. This
work provides, a Scalable Group Key Management Protocol (SGKMP) to generate the
shared group key and its procedure for modification in case a user leaves or joins the
group. The key setup phase of the proposed protocol requires two rounds to complete
it irrespective of group size, in contrast to the existing protocols that need n rounds to
achieve it, where n is the total number of users in the group. Similarly, the protocol
is scalable enough to update key by even a single group member without involving all
group members.