|
|
@@ -1,19 +1,20 @@
|
|
|
\chapter{Introduction}
|
|
|
\label{ch:introduction}
|
|
|
+The World Wide Web celebrated its 30th birthday in March 2019. From the beginning in 1989 up to now, the Internet has evolved and has changed the lives of many people forever. Thanks to digitalization, analog processes such as banking and shopping can now be handled conveniently online. Moreover, the ongoing technology improvements catalyze the digitalization and make it possible to be online almost anywhere. With today's smartphones, the functionality known only from computers a few years ago is always at hand. The Internet is also not stopping at the digitalization of social life. Social networks like MySpace and Facebook became popular at the beginning of the 2000s, enabling networking with other users and sharing personal content. Social networks are still very popular today. Facebook, the largest \acf{OSN}, has 2.3 billion active users per month, connecting almost a third of the world's population \cite{facebook2019reportq4}. With the use of such social platforms, the user makes himself a transparent for the service provider of the \ac{OSN}. Personal data is a valuable asset whose protection is of particular importance. By using the platform and sharing this information, the user puts trust in the service provider. Trust that his data will be handled responsibly, stored securely, and not made available to third parties. However, the past has taught us that this is not always the case. Several incidents became public proving the lack of protection and the misuse of personal data.
|
|
|
|
|
|
\section{Motivation}
|
|
|
\label{sec:motivation}
|
|
|
-Numerous scandals about data protection in \acp{OSN} have proven that user data are not sufficiently protected. In March 2018 it became known that the data of 87 million Facebook users were made available to the company Cambridge Analytica \cite{facebook2018cambridge-analytica}. During a security investigation in March 2019, Facebook found that the passwords of several hundred million users were stored unencrypted in plain text \cite{facebook2019passwords}. After an analysis by Google revealed a severe bug in the \ac{API} that allowed the personal data of 52.5 million users to be retrieved, it was decided to close their platform Google+ \cite{google-plus2018shutdown}.
|
|
|
+Numerous scandals about data protection in \acp{OSN} have proven that user data are not sufficiently protected. In March 2018 it became known that the data of 87 million Facebook users were made available to the company Cambridge Analytica \cite{facebook2018cambridge-analytica}. During a security investigation in March 2019, Facebook found that the passwords of several hundred million users were stored unencrypted in plain text \cite{facebook2019passwords}. After an analysis by Google revealed a severe bug in the \ac{API} that allowed the personal data of 52.5 million users to be retrieved, they decided to close their platform Google+ \cite{google-plus2018shutdown}.
|
|
|
|
|
|
However, although these circumstances are well known, users remain mostly loyal to their \ac{OSN}. As a result of the Cambridge Analytica incident, the number of daily Facebook users dropped only briefly in Europe but is in the meantime back on the previous level \cite{facebook2019reportq4}. Alternative \acp{OSN}, which focus on protecting their users' data, regularly fail to get a sufficiently large user base or establish a business model to ensure their operation. For example, the decentralized \ac{OSN} diaspora* has less than 700\,000 users after nine years and the \ac{OSN} OpenBook\footnote{https://www.openbook.social/en/home} needed a second Kickstarter crowdfunding\footnote{https://www.kickstarter.com/projects/1520156881/openbook-privacy-friendly-fun-and-honest-social-ne} round after the first one failed \cite{openbookXXXXkickstarter}.
|
|
|
|
|
|
-The binding to the respective \ac{OSN} is so strong that switching to another, more secure \ac{OSN} does not seem to be an option. To better protect users' data on existing platforms, other ways have to need to be examined. The Doctoral College \enquote{Privacy and Trust for Mobile Users} works on \enquote{Privacy and Trust in Social Networks (Resarch Area B)} \cite{rtgXXXXarea-b}. Especially the subarea B.2 \enquote{Privacy Protection via Hybrid Social Networks} is about hybrid solutions that combine established \acp{OSN} and privacy-preserving approaches \cite{rtgXXXXarea-b2}. As part of these researches, this work is motivated to provide a detailed concept for a hybrid solution to protect the user's data and verify the idea with a prototype.
|
|
|
+The binding to the respective \ac{OSN} is so strong that switching to another, more secure \ac{OSN} does not seem to be an option. To better protect users' data on existing platforms, other ways need to be examined. The Doctoral College \enquote{Privacy and Trust for Mobile Users} works on \enquote{Privacy and Trust in Social Networks (Research Area B)}. Especially the subarea B.2 \enquote{Privacy Protection via Hybrid Social Networks} is about hybrid solutions which propose to add privacy-preserving approaches to established \acp{OSN}. The secure data exchange should be carried out via a \ac{P2P} overlay network. Since data plays a prominent role in the business model of \acp{OSN}, it is necessary to provide anonymized data from the private network to keep the model running. As part of these researches, this work is motivated to provide a detailed concept for a hybrid solution to protect the user's data and verify the idea with a prototype. \cite{rtgXXXXarea-b,rtgXXXXarea-b2}
|
|
|
|
|
|
\section{Contribution}
|
|
|
\label{sec:contribution}
|
|
|
The goal of this work is to define the requirements for a hybrid solution and to prove its feasibility in the form of a prototype. Within the scope of the concept for a hybrid solution, the requirements for the \ac{OSN}, the hybrid client app and the network for secure data exchange have to be defined, and potential problems and limitations have to be identified. Based on these requirements, the elaboration of solution strategies for the implementation is possible.
|
|
|
|
|
|
-For the prototype, an Android application that exchanges private data with other users via a \ac{P2P} network is created. The previously defined requirements should be fulfilled in the best possible way. Both the selection of the \ac{OSN} and the technologies used need to be carefully evaluated.
|
|
|
+For the prototype, an Android application that exchanges private data with other users via a \ac{P2P} network is created. The previously defined requirements should be fulfilled in the best possible way. Both the selection of the \ac{OSN} and the technologies used need to be carefully evaluated.
|
|
|
|
|
|
With the Hybrid \ac{OSN} app for Twitter, we present a solution that allows private data to be shared securely with other users of the same app without complicated configuration. Thus, everyone can protect their privacy and still use the usual features of the \ac{OSN}.
|
|
|
|
