xbook: redesigning privacy control in social …...contractual and technical steps to restrict...
TRANSCRIPT
![Page 1: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/1.jpg)
xBook: Redesigning Privacy Control in Social Networking PlatformsKapil Singh, Sumeer Bhola and Wenke Lee
![Page 2: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/2.jpg)
2
Social networking is growing…
![Page 3: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/3.jpg)
3
Privacy concerns are growing…
• More personal data being fed to social networks
![Page 4: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/4.jpg)
4
Privacy concerns are growing…
• More personal data being fed to social networks
Op-Ed: Post a photo, wear a pirate hat on myspace, and say goodbye to your career
![Page 5: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/5.jpg)
5
Privacy concerns are growing…
• More personal data being fed to social networks
Mayor in MySpace photo flap asked to resign
Op-Ed: Post a photo, wear a pirate hat on myspace, and say goodbye to your career
![Page 6: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/6.jpg)
6
Privacy concerns are growing…
• More personal data being fed to social networks
Hoover Police officers arrest Facebook burglary suspects
Mayor in MySpace photo flap asked to resign
Op-Ed: Post a photo, wear a pirate hat on myspace, and say goodbye to your career
![Page 7: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/7.jpg)
7
Social Networks as Platforms
• Social networks now act as programming platforms: third party applications.
• Integration with the platform– Set of APIs allow an application to have access to user
content and integrate into user’s profile
![Page 8: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/8.jpg)
8
Social Platform Architecture
Trusted domain Application
![Page 9: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/9.jpg)
9
Social Platform Architecture
No control over who can develop and deploy an application.No control over who can develop and deploy an application.
Trusted domain Application
![Page 10: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/10.jpg)
10
Social Platform Architecture
No control over who can develop and deploy an application.No control over who can develop and deploy an application.
Minimal or no control on what these applications can access.Minimal or no control on what these applications can access.
Trusted domain Application
![Page 11: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/11.jpg)
11
Social Platform Architecture
No control over who can develop and deploy an application.No control over who can develop and deploy an application.
Minimal or no control on what these applications can access.Minimal or no control on what these applications can access.
No control on what an application can do with what it can accessNo control on what an application can do with what it can access..
Trusted domain
External entities (e.g. Ad
agencies)Application
![Page 12: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/12.jpg)
12
Current Affairs: Facebook
![Page 13: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/13.jpg)
13
Current Affairs: Facebook
![Page 14: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/14.jpg)
14
Facebook’s privacy policy is insufficient…
If you, your friends, or members of your network use any third-party applications developed using the Facebook Platform ("Platform Applications"), those Platform Platform Applications may access and share certain information about you Applications may access and share certain information about you with otherswith others in accordance with your privacy settings. You may opt-out of any sharing of certain or all information through Platform Applications on the Privacy Settings page. In addition, third party developers who have created and operate Platform Applications ("Platform Developers"), may also have access to your personal information (excluding youmay also have access to your personal information (excluding your r contact information) if you permit Platform Applications to accecontact information) if you permit Platform Applications to access your data.ss your data.Before allowing any Platform Developer to make any Platform Application available to you, Facebook requires the Platform Developer to enter into an agreement which, among other things, requires them to respect your privacy settings and strictly limits their collection, use, and storage of your information. However, while we have undertaken contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot and do not guarantee that all Platform we of course cannot and do not guarantee that all Platform Developers will abide by such agreements. Please note that Developers will abide by such agreements. Please note that FacebookFacebook does not does not screen or approve Platform Developers and cannot control how sucscreen or approve Platform Developers and cannot control how such Platform h Platform Developers use any personal information that they may obtain in Developers use any personal information that they may obtain in connection with connection with Platform Applications.Platform Applications.
If you, your friends, or members of your network use any third-party applications developed using the Facebook Platform ("Platform Applications"), those Platform Platform Applications may access and share certain information about you Applications may access and share certain information about you with otherswith others in accordance with your privacy settings. You may opt-out of any sharing of certain or all information through Platform Applications on the Privacy Settings page. In addition, third party developers who have created and operate Platform Applications ("Platform Developers"), may also have access to your personal information (excluding youmay also have access to your personal information (excluding your r contact information) if you permit Platform Applications to accecontact information) if you permit Platform Applications to access your data.ss your data.Before allowing any Platform Developer to make any Platform Application available to you, Facebook requires the Platform Developer to enter into an agreement which, among other things, requires them to respect your privacy settings and strictly limits their collection, use, and storage of your information. However, while we have undertaken contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot and do not guarantee that all Platform we of course cannot and do not guarantee that all Platform Developers will abide by such agreements. Please note that Developers will abide by such agreements. Please note that FacebookFacebook does not does not screen or approve Platform Developers and cannot control how sucscreen or approve Platform Developers and cannot control how such Platform h Platform Developers use any personal information that they may obtain in Developers use any personal information that they may obtain in connection with connection with Platform Applications.Platform Applications.
![Page 15: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/15.jpg)
15
Facebook applications
• Users need to trust the applications.• Mistakes are made:
– “Top Friends” application allowed access to the profile of anyone using the application.
– “We expect third-party apps to follow the rules the users set” –director at Facebook.
• Deliberate “mistakes” are made:– “Google confirms Adsense ads, security problems in Facebook
applications”
![Page 16: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/16.jpg)
16
Facebook applications
• Users need to trust the applications.• Mistakes are made:
– “Top Friends” application allowed access to the profile of anyone using the application.
– “We expect third-party apps to follow the rules the users set” –director at Facebook.
• Deliberate “mistakes” are made:– “Google confirms Adsense ads, security problems in Facebook
applications”
No enforcement, because it is not possible in the No enforcement, because it is not possible in the current architecture!current architecture!
![Page 17: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/17.jpg)
17
Our Goals
• Provide privacy protection for users’ data in presence of third party applications. – Prevent data leaks out to external entities.– Provide user-user access control (for data flowing through
an application).– Protection of application’s proprietary data.
• No changes should be required on the browser side.• The user should be oblivious to any design changes.
![Page 18: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/18.jpg)
18
Our Solution: xBook
Trusted domain
![Page 19: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/19.jpg)
19
Our Solution: xBook
•• Pull the applications into the trusted Pull the applications into the trusted xBookxBook domain.domain.
Trusted domain (xBook)
![Page 20: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/20.jpg)
20
Our Solution: xBook
•• Pull the applications into the trusted Pull the applications into the trusted xBookxBook domain.domain.
•• Monitor the applications at runtime in the browser.Monitor the applications at runtime in the browser.
Trusted domain (xBook)
![Page 21: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/21.jpg)
21
Our Solution: xBook
•• Pull the applications into the trusted Pull the applications into the trusted xBookxBook domain.domain.
•• Monitor the applications at runtime in the browser.Monitor the applications at runtime in the browser.
•• Allow applications access to any user data, but Allow applications access to any user data, but requirerequire them to them to make use of that data explicit.make use of that data explicit.
Trusted domain (xBook)
Pre-declared access
![Page 22: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/22.jpg)
22
Our Solution: xBook
•• Pull the applications into the trusted Pull the applications into the trusted xBookxBook domain.domain.
•• Monitor the applications at runtime in the browser.Monitor the applications at runtime in the browser.
•• Allow applications access to any user data, but Allow applications access to any user data, but requirerequire them to them to make use of that data explicit.make use of that data explicit.
•• Use information flow techniques to prevent data leaks by the Use information flow techniques to prevent data leaks by the applications.applications.
External entities
Trusted domain (xBook)
X
Pre-declared access
External entities
X
![Page 23: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/23.jpg)
23
xBook Architecture
xbook Server Cloud
xBookUser data
xBook
xBookxBook platform divided into clientplatform divided into client--side and serverside and server--side. side.
![Page 24: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/24.jpg)
24
xBook Architecture
xbook Server Cloud
xBookUser data
xBook
App AApp A
xBookxBook platform divided into clientplatform divided into client--side and serverside and server--side. side. An application is split into multiple components. An application is split into multiple components.
![Page 25: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/25.jpg)
25
XX
EvilAd network
EvilAd network
xBook Architecture
xbook Server Cloud
xBookUser data
xBook
App AApp A
xBookxBook platform divided into clientplatform divided into client--side and serverside and server--side. side. An application is split into multiple components. An application is split into multiple components. xBookxBook mediates all component communication.mediates all component communication.
![Page 26: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/26.jpg)
26
xBook Application Design
Example ApplicationExample Application• Complete user information to create customized profile.
User profile
![Page 27: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/27.jpg)
27
xBook Application Design
www.horoscope.comwww.horoscope.com
Example ApplicationExample Application• Complete user information to create customized profile.• Birthday to generate daily horoscope.
User profile
horoscope
birthday
![Page 28: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/28.jpg)
28
xBook Application Design
www.horoscope.comwww.horoscope.com
Example ApplicationExample Application• Complete user information to create customized profile.• Birthday to generate daily horoscope.• Address information to generate map.
User profile
maps.google.commaps.google.com
horoscope
birthday
map
address
![Page 29: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/29.jpg)
29
xBook Application Design
www.horoscope.comwww.horoscope.com
Example ApplicationExample Application• Complete user information to create customized profile.• Birthday to generate daily horoscope.• Address information to generate map.
User profile
maps.google.commaps.google.com
horoscope
birthday
map
address
birthday
address
![Page 30: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/30.jpg)
30
Application Lifecycle
UserUser’’s views view xBookxBook viewview
Information provided by applicationmaps.google.comaddressC3
<none>full profileC2
www.horoscope.combirthdayC1
-<none>C0
External EntityDataComponent
![Page 31: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/31.jpg)
31
Application Lifecycle
Application’s manifest
UserUser’’s views view xBookxBook viewview
Information provided by application
maps.google.comaddress
www.horoscope.combirthday
External EntityData
maps.google.comaddressC3
<none>full profileC2
www.horoscope.combirthdayC1
-<none>C0
External EntityDataComponent
![Page 32: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/32.jpg)
32
Application Lifecycle
Application’s manifest
UserUser’’s views view xBookxBook viewview
Information provided by application
maps.google.comaddress
www.horoscope.combirthday
External EntityData
maps.google.comaddressC3
<none>full profileC2
www.horoscope.combirthdayC1
-<none>C0
External EntityDataComponent
![Page 33: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/33.jpg)
33
Application Lifecycle
User’s platform policies(eg. Access to friends) Component Labels
Application’s manifest
UserUser’’s views view xBookxBook viewview
Information provided by application
maps.google.comaddress
www.horoscope.combirthday
External EntityData
maps.google.comaddressC3
<none>full profileC2
www.horoscope.combirthdayC1
-<none>C0
External EntityDataComponent
![Page 34: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/34.jpg)
34
Client-side Confinement
• Components written in ADsafe– ADsafe: Object capability subset of JavaScript
• Unsafe JavaScript features like global variables, eval, etc. are removed from the subset.
– Prevents the component from having direct access to the DOM elements of the page.
• Access is provided indirectly by providing a capability to the page services.
![Page 35: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/35.jpg)
35
Client-side Confinement – DOM Isolation
C2C2 C1C1
C3C3
User’s application view
![Page 36: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/36.jpg)
36
Client-side Confinement – DOM Isolation
C2C2 C1C1
C3C3
User’s application view
![Page 37: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/37.jpg)
37
Client-side Confinement – EventListeners
Capture Phase
Bubble PhaseTarget
e1
C2C2
C3C3
C1C1
![Page 38: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/38.jpg)
38
C1C1C2C2
Client-side Confinement – EventListeners
Capture Phase Bubble Phase
Target
e1
e2
C3C3
A DOM element belonging to a component can receive an event only if:• It lies in the path from the root of its component to the event’s target.• the event target lies in the same component.
e3
![Page 39: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/39.jpg)
39
Communication with external entities
maps.google.commaps.google.commap
address
address
Symmetric communicationSymmetric communication
C3C3
![Page 40: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/40.jpg)
40
Communication with external entities
maps.google.commaps.google.commap
address
address
ADSADSAD linksAD links
Symmetric communicationSymmetric communication
C3C3
![Page 41: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/41.jpg)
41
Communication with external entities
Problem: C3 cannot communicate with the Ad links.Problem: C3 cannot communicate with the Ad links.
maps.google.commaps.google.commap
address
address
ADSADSAD linksAD links
X
Symmetric communicationSymmetric communication
C3C3
![Page 42: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/42.jpg)
42
Communication with external entities
maps.google.commaps.google.comaddress
address
Asymmetric CommunicationAsymmetric Communication
C3C3
![Page 43: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/43.jpg)
43
Communication with external entities
maps.google.commaps.google.com
ADSADSmap
address
address
Asymmetric CommunicationAsymmetric Communication
C3C3
AD linksAD links
UnconfinedUnconfined
![Page 44: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/44.jpg)
44
Communication with external entities
maps.google.commaps.google.com
ADSADSmap
address
address
Asymmetric CommunicationAsymmetric Communication
C3C3
AD linksAD links
UnconfinedUnconfined
![Page 45: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/45.jpg)
45
Communication with external entities
maps.google.commaps.google.com
ADSADSmap
address
address
Asymmetric CommunicationAsymmetric Communication
C3C3
AD linksAD links
UnconfinedUnconfined
![Page 46: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/46.jpg)
46
xBook on Facebook
• Ported xBook as an application on Facebook.– Facebook data feeds xBook’s user data– Available at http://apps.facebook.com/myxbook– Users need to trust only xBook as an application
![Page 47: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/47.jpg)
47
xBook on Facebook
• Ported xBook as an application on Facebook.– Facebook data feeds xBook’s user data– Available at http://apps.facebook.com/myxbook– Users need to trust only xBook as an application
• Incentives for application developers– User attraction: Applications developed over xBook
provide greater privacy guarantees!– Future potential: Porting xBook as an application on any
social networking platform will automatically port all xBook applications.
![Page 48: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/48.jpg)
48
Applications
• xBook provides APIs for development of third party applications– developed two sample applications to show the
applicability of the APIs.– Overhead: 4.2% (horoscope), 3.1% (utility application)
![Page 49: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/49.jpg)
49
The Labeling System: acts-for hierarchy
T
u0 u1 . . . S(a0, u0)
C(a0, u0)
C(a0)
S(a0)
┴
User labels get priority over application labels
Server-side labels gets priority over client-side labels
![Page 50: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/50.jpg)
50
S0{ S(a{ S(a00): }): }S(aS(a00))
Sample xBook Flows
address
XX
XX
u1 data
u0 dataXX
C0{ }{ }C(aC(a00, u, u00))
Internet
C1{ T: C(a{ T: C(a00, u, u00) }) }C(aC(a00, u, u00))
C3{ T: C(a{ T: C(a00, u, u00), ), googlegoogle }}C(aC(a00, u, u00))
S1{ S(a{ S(a00): ; T: C(a): ; T: C(a00, u, u00) }) }S(aS(a00, u, u00))
app data
{ S(a{ S(a00): }): }
XX
![Page 51: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/51.jpg)
51
XX
XX
C0{ }{ }C(aC(a00, u, u00))
Internet
XX
C3{ T: C(a{ T: C(a00, u, u00), ), googlegoogle }}C(aC(a00, u, u00))
address
S0{ S(a{ S(a00): }): }S(aS(a00))
L(serverL(server, app0), app0)
Sample xBook Flows
u1 data
u0 dataC1{ T: C(a{ T: C(a00, u, u00) }) }C(aC(a00, u, u00)) S1{ S(a{ S(a00): ; T: C(a): ; T: C(a00, u, u00) }) }
S(aS(a00, u, u00))
app data
{ S(a{ S(a00): }): }
XX
L(serverL(server, app0), app0)
L(serverL(server, app0, user0), app0, user0)
L(clientL(client, app0, user0), app0, user0)
![Page 52: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/52.jpg)
52
S0{ S(a{ S(a00): }): }S(aS(a00))
XX
{ S(a{ S(a00): }): }
XX
C0{ }{ }C(aC(a00, u, u00))
Internet
XX
C1{ T: C(a{ T: C(a00, u, u00) }) }C(aC(a00, u, u00))
C3{ T: C(a{ T: C(a00, u, u00), ), googlegoogle }}C(aC(a00, u, u00))
address
XX
Sample xBook Flows
u1 data
u0 data
S1{ S(a{ S(a00): ; T: C(a): ; T: C(a00, u, u00) }) }S(aS(a00, u, u00))
app data
L(serverL(server, app0, user0), app0, user0)
![Page 53: xBook: Redesigning Privacy Control in Social …...contractual and technical steps to restrict possible misuse of such information by such Platform Developers, we of course cannot](https://reader034.vdocument.in/reader034/viewer/2022050606/5fadda163233f11326523e23/html5/thumbnails/53.jpg)
53
Conclusions
• Presented a novel framework for improving user privacy in social networks in view of third party applications.
• xBook allows applications to have access to any user data, while still preventing them from leaking the data.
• A working prototype of the xBook system was developed and is available online.
• Set of APIs are available for developing xBookapplications.