Elsevier

Information Sciences

Volume 554, April 2021, Pages 15-32
Information Sciences

Secure fine-grained friend-making scheme based on hierarchical management in mobile social networks

https://doi.org/10.1016/j.ins.2020.12.012Get rights and content

Abstract

With the rapid development of mobile social networks (MSNs) and smart mobile devices, mobile users can easily make new social interactions with others via their smartphones. Unfortunately, users enjoy these conveniences at the cost of revealing their personal data. The inevitable release of information conflicts with increasing privacy concerns. To address this problem, we propose a hierarchical management scheme for friend matching using attributes, which aims to facilitate secure friend discovery in MSNs. The scheme involves the establishment of several attribute centers, which perform fine-grained management based on various user attributes. The user attributes are used to generate attribute sub-keys. After meeting the conditions set by the friend-making initiator, the friend-making requester combines the sub-keys into a complete decryption key and decrypts the user data file in the friend-making center. By introducing hierarchical and sorting management of attribute sub-keys, we prevent the crypto key disclosure and single point failure, which usually happens because single-authority management centers are vulnerable to attack. The security and performance of this system were analyzed and evaluated via simulations, and the results indicate that the proposed scheme is CPA-safe.

Introduction

With the rapid development of mobile social networks (MSN) and smart mobile devices [1], [2], users can make new friends by sharing emoticons, photos, activities, and interests in MSN, to expand their social networks. Attribute-based friend discovery is a typical application of mobile networks. By matching personal profiles, users can find potential friends who have the same or similar attributes [3], [4], [5].

However, as the range of applications broadens, massive amounts of real information about users in mobile social networks has been aggregated in terminals. Large e-commerce services which are designed to use terminals, include Buy-Together, Shopify, and other shopping sites, and online dating services like Plent of Fish, and Tinder. Those services are widely used in MSNs, where users share their hobbies and interests to expand their friend circles, leading them to buy the same goods or have a dating. However, those services are generally managed by the service providers through a central server or server cluster, which implements all data matching and sharing operations. Users therefore lose control of their personal data, and security is left to the service provider [6], [7]. The leakage of private data has become a common problem due to malicious attacks or intentional manipulation by service providers. Because of its potential for creating enormous commercial profits, personal information is often collected, mined, and sold by unauthorized users or untrusted cloud service providers (CSPs), resulting in threats and risks [8], [9]. Therefore, research into the provision of better friend attribute matching services which protects personal privacy has become a hot issue in mobile social networks.

Most of the existing schemes rely on a single authorization center to ensure the privacy of users during the process of friend discovery [10], [11], [12]. The authorization center maintains a strict data access policy for privacy protection. However, risks from the use of a single authorization center, such as errors in secret key management, can not be ignored. Once a server is compromised, the attacker can obtain the master key and generate the sub-key of any attribute subset in order to decrypt user data. When all users update their attributes, there is a significant computational overhead to the server. Luo [13] proposed a multi-authority-based scheme for key management, although only one authority is used for one-time key generation. User’s privacy is therefore still under serious threat. To achieve higher efficiency and safety of friend-making, it is desirable to reduce the risks inherent in secret key management, avoid performance bottleneck, and improve fine-grained access control in mobile social networks.

The contributions of this paper are as follows:

  • The setup multiple-authorities to implement key management. Each user’s attributes and private key are associated. Different users have independent private keys, to decrease the risk of leakage caused by multi-user key sharing.

  • A decrease in the workload of each attribute by using a multi-authority system for the management and calculation of keys. Similarly, by eliminating the dependence on one authority, single-point failures are reduced, and the performance bottleneck is eliminated.

  • The achievement of fine-grained access control through the setting of secure access permissions. The data owner configures the access policy of the data before it is uploaded. For different types of personal information, the encryption process is controlled by the access policy, and embedded into the ciphertext. Only a user who satisfies the access policy can decrypt the corresponding ciphertext.

  • The implementation of an anti-collusion mechanism. If a user does not have access to certain data, they will not be able to decrypt the data, even if they combine their keys.

The remaining of this paper is organized as follows. Section 2 describes the preliminaries, while the definition of the system model, framework, and the security model is discussed in Section 3. Section 4 gives a detailed implementation of our scheme for multi-authority systems. Sections 5 Security analysis, 6 Performance evaluation perform security and performance analysis respectively. Section 7 reviews the related work on ABE. The conclusion is made in Section 8.

Section snippets

Preliminaries

In this section, some preliminaries related to bilinear maps, complexity assumptions and Shamir Secret Sharing are presented.

System and security model

In this section, we introduce the working model for our scheme and the associated security hypothesis. We consider privacy leakage to be common issue in current online mobile services, and our approach is focuses on effectively and securely making friends.

Proposed scheme

The scheme is based on Ciphertext-Policy Attribute-Based Encryption (CP-ABE), as described by Waters, based on cyclic groups of prime order. It consists of four phases: system initialization, key generation, data encryption, and data decryption. The Flow-Process Diagram of the process for making friends is shown in Fig. 2.

Security analysis

In this section, we describe the security analysis of our scheme. In current MSNs, malicious attacks create similar property sets to cheat normal users, and even service providers are engaged to recommend products by matching users’ interests [16], [17]. Our proposed scheme divides a user’s attribute set into different parts, and processes them using a hierarchical management system, which can effectively address the privacy issues.

Definition. If the adversary A cannot win the game with a

Performance evaluation

In this section, we describe the performance analysis of our scheme. We also compare it with other approaches.

Related works

Many researchers have already put forth a lot of works regarding security and privacy protection in mobile social networks. In [37], [38], [33], a Trusted Third-Party (TTP) was introduced to ensure security and privacy during the friend discovery process, but a single TTP may produce a single point of failure and performance bottleneck. Moreover, the TTP is responsible for the management of all secret keys of all users, which is a key management risk.

The solution in [39], [40], [41] does not

Conclusion

In the mobile social network, privacy protection should be another most crucial issue except performance. Especially in friend-making services, we need to maximize the contact and communication among the users but minimize the privacy disclosure of the users’ information. Our work proposed a secure fine-grained friend-making scheme to achieve secure friend-making. We configured multi-authorization centers and leveraged attribute-based encryption/decryption methods to enhance the security of

CRediT authorship contribution statement

Lei Zhou: Conceptualization, Methodology, Data curation, Writing - original draft. Entao Luo: Visualization, Investigation, Project administration. Guojun Wang: Supervision, Validation, Funding acquisition. Shui Yu: Writing - review & editing.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (49)

  • Yuanyuan He et al.

    Achieving secure and accurate friend discovery based on friend-of-friend’s recommendations

  • Kun Xie et al.

    Bloom-filter-based profile matching for proximity-based mobile social networking

  • Zhang Shaobo et al.

    A trajectory privacy-preserving scheme based on a dual-k mechanism for continuous location-based services

    Information Sciences

    (2020)
  • Dacheng Meng et al.

    A privacy-preserving multi-authority attribute-based encryption approach for mobile healthcare

  • Adi Shamir

    How to share a secret

    Communications of the ACM

    (1979)
  • Amit Sahai et al.

    Fuzzy identity-based encryption

  • Lin Luo et al.

    A context-aware smart-call-center solution: Improving customer service for online games

    IBM Syst. J.

    (2006)
  • Andrea De Salve et al.

    A logical key hierarchy based approach to preserve content privacy in decentralized online social networks

    IEEE Trans. Dependable Secur. Comput.

    (2020)
  • Lotfi El Hafi et al.

    System for augmented human-robot interaction through mixed reality and robot training by non-experts in customer service environments

    Adv. Robot.

    (2020)
  • Yin Zhang, Yongfeng Qian, Di Wu, M. Shamim Hossain, Ahmed Ghoneim, Min Chen, Emotion-aware multimedia systems security,...
  • Ling Cheung et al.

    Provably secure ciphertext policy abe

  • Keita Emura et al.

    A ciphertext-policy attribute-based encryption scheme with constant ciphertext length

  • Zhibin Zhou et al.

    On efficient ciphertext-policy attribute based encryption and broadcast encryption

  • Javier Herranz et al.

    Constant size ciphertexts in threshold attribute-based encryption

  • Cited by (7)

    • A smart access control mechanism based on user preference in online social networks

      2023, Concurrency and Computation: Practice and Experience
    • A Privacy Protection Scheme Based on Attribute Encryption in Mobile Social Networks

      2023, Dianzi Yu Xinxi Xuebao/Journal of Electronics and Information Technology
    • Towards Secure Bilateral Friend Query with Conjunctive Policy Matching in Social Networks

      2022, Proceedings - 20th IEEE International Symposium on Parallel and Distributed Processing with Applications, 12th IEEE International Conference on Big Data and Cloud Computing, 12th IEEE International Conference on Sustainable Computing and Communications and 15th IEEE International Conference on Social Computing and Networking, ISPA/BDCloud/SocialCom/SustainCom 2022
    • Research on Computer Network Security Protection System Based on Level Protection in Cloud Computing Environment

      2021, 2021 IEEE International Conference on Advances in Electrical Engineering and Computer Applications, AEECA 2021
    View all citing articles on Scopus
    View full text