|
@@ -6,24 +6,22 @@ With regard to the functional requirements previously defined in Chapter \ref{se
|
|
|
\subsubsection{Standard Functionality}
|
|
\subsubsection{Standard Functionality}
|
|
|
As part of this work, a prototype with limited functionality was created. Accordingly, numerous functionalities, such as the direct messaging system, notifications, the posting of images, gifs, videos or surveys, and much more are not implemented. However, it was considered that the prototype implements all essential functionalities so that the basic use of Twitter is possible. These basic functions include displaying the home feed and user feeds (profiles), searching for users and managing the connection (follow, unfollow, mute, block), as well as liking tweets and posting new tweets (incl. reply, retweet).
|
|
As part of this work, a prototype with limited functionality was created. Accordingly, numerous functionalities, such as the direct messaging system, notifications, the posting of images, gifs, videos or surveys, and much more are not implemented. However, it was considered that the prototype implements all essential functionalities so that the basic use of Twitter is possible. These basic functions include displaying the home feed and user feeds (profiles), searching for users and managing the connection (follow, unfollow, mute, block), as well as liking tweets and posting new tweets (incl. reply, retweet).
|
|
|
|
|
|
|
|
-While the majority of the missing functions were deliberately omitted for time reasons, the \ac{API} also sets limits. For this reason, this requirement must be evaluated as not fulfilled. However, due to the limitations of the \ac{API}, it could not have been fully met. While Twitter is an extremely grateful example due to its simple functionality and generous \ac{API}, the limitations of other \acp{OSN} are much more severe. A missing \ac{API} and crawling prohibited by terms of service would make data exchange between a client and the \ac{OSN} virtually impossible.
|
|
+While the majority of the missing functions were deliberately omitted for time reasons, the restricted \ac{API} also sets limits. For this reason, this requirement must be evaluated as not fulfilled. But, due to the limitations of the \ac{API}, it could not have been fully met. While Twitter is an extremely grateful example due to its simple functionality and generous \ac{API}, the limitations of other \acp{OSN} are much more severe. A missing \ac{API} and crawling prohibited by terms of service would make data exchange between a client and the \ac{OSN} virtually impossible.
|
|
|
|
|
|
|
|
\subsubsection{Client-side Solution}
|
|
\subsubsection{Client-side Solution}
|
|
|
Since it is not possible to execute code on the Twitter's servers, no other solution than a client-side approach is possible. Accordingly, all functions are implemented on the client side, and the requirement is fulfilled.
|
|
Since it is not possible to execute code on the Twitter's servers, no other solution than a client-side approach is possible. Accordingly, all functions are implemented on the client side, and the requirement is fulfilled.
|
|
|
|
|
|
|
|
-As described in Chapter \ref{sec:solution-strategy-architecture}, a solution architecture either contains or does not contain additional servers. In the objectives in Chapter \ref{sec:objective}, a solution without additional servers was preferred. However, since GUN requires a relay server to establish the connection between the peers, this self-imposed goal could not be achieved.
|
|
+As described in Chapter \ref{sec:solution-strategy-architecture}, a solution architecture either contains or does not contain additional servers. In the objectives in Chapter \ref{sec:objective}, a solution without additional servers was preferred. Though, since GUN requires a relay server to establish the connection between the peers, this self-imposed goal could not be achieved.
|
|
|
|
|
|
|
|
\subsubsection{Data Sovereignty}
|
|
\subsubsection{Data Sovereignty}
|
|
|
The user can decide for himself whether the data are shared with other users via the private network or the Twitter servers when posting or liking a tweet. Since other functionalities that require data from the user (e.g., information in the profile, direct messages) have not been implemented, at least the prototype fulfills the requirement partly.
|
|
The user can decide for himself whether the data are shared with other users via the private network or the Twitter servers when posting or liking a tweet. Since other functionalities that require data from the user (e.g., information in the profile, direct messages) have not been implemented, at least the prototype fulfills the requirement partly.
|
|
|
|
|
|
|
|
-However, data about user behavior can still be collected. The user is authenticated against the \ac{API} so that his requests can be unambiguously assigned. Using this usage data, Twitter can record which profiles are called up and what the user searches for. This data can also be used to conclude a user's preferences and interests. Hybrid \ac{OSN} offers no protection against this type of data collection.
|
|
+Nevertheless, data about user behavior can still be collected. The user is authenticated against the \ac{API} so that his requests can be unambiguously assigned. Using this usage data, Twitter can record which profiles are called up and what the user searches for. This data can also be used to conclude a user's preferences and interests. Hybrid \ac{OSN} offers no protection against this type of data collection.
|
|
|
|
|
|
|
|
\subsubsection{Authorized Data Access and Encryption}
|
|
\subsubsection{Authorized Data Access and Encryption}
|
|
|
-Private data should be accessible only to those users for whom they are intended. However, they should not be accessible to the service provider. Twitter only distinguishes between public and private profiles. While with public profiles every other Twitter user has access to the profile and the tweets, with private profiles only authorized followers can view tweets.
|
|
+Private data should be accessible only to those users for whom they are intended. But, they should not be accessible to the service provider. Twitter only distinguishes between public and private profiles. While with public profiles every other Twitter user has access to the profile and the tweets, with private profiles only authorized followers can view tweets. By distributing the public key to decrypt the data via the profile, the same user group is granted access to a user's private tweets, which can also see the official Twitter tweets. The additional symmetric encryption of the public key history by the Hybrid \ac{OSN} app ensures that Twitter cannot decrypt the public key history and thus also the private tweets. Therefore, the requirement can be evaluated as fulfilled.
|
|
|
|
|
|
|
|
-By distributing the public key to decrypt the data via the profile, the same user group is granted access to a user's private tweets, which can also see the official Twitter tweets. The additional symmetric encryption of the public key history by the Hybrid \ac{OSN} app ensures that Twitter cannot decrypt the public key history and thus also the private tweets. Therefore, the requirement can be evaluated as fulfilled.
|
|
+The implementation differs from the standard solution for this problem. Typically, data are encrypted with the recipient's public key to ensure that only the recipient can decrypt it with their private key. Though, in the case of Twitter and the public profiles, the recipient circle of a tweet is not known. Accordingly, it is not possible to explicitly encrypt data for a specific recipient.
|
|
|
-
|
|
|
|
|
-The implementation differs from the standard solution for this problem. Typically, data are encrypted with the recipient's public key to ensure that only the recipient can decrypt it with their private key. However, in the case of Twitter and the public profiles, the recipient circle of a tweet is not known. Accordingly, it is not possible to explicitly encrypt data for a specific recipient.
|
|
|
|
|
|
|
|
|
|
An alternative to the implementation in Hybrid \ac{OSN} would be to encrypt data with the symmetrical Hybrid \ac{OSN} key for public profiles and to encrypt data asymmetrically with the public keys of the recipient for private profiles. The advantage would be that users with a public profile would not have to generate keys and the configuration effort would be reduced. A simpler configuration would have a positive effect on the requirement for minimal configuration effort. The disadvantage would be that a user with a private profile and a large number of approved followers would have to calculate the encryption and upload the data for each. This would be in contrast to the requirement to conserve resources.
|
|
An alternative to the implementation in Hybrid \ac{OSN} would be to encrypt data with the symmetrical Hybrid \ac{OSN} key for public profiles and to encrypt data asymmetrically with the public keys of the recipient for private profiles. The advantage would be that users with a public profile would not have to generate keys and the configuration effort would be reduced. A simpler configuration would have a positive effect on the requirement for minimal configuration effort. The disadvantage would be that a user with a private profile and a large number of approved followers would have to calculate the encryption and upload the data for each. This would be in contrast to the requirement to conserve resources.
|
|
|
|
|
|
|
@@ -36,9 +34,7 @@ The requirement for a platform-independent solution contradicts the actual requi
|
|
|
\subsubsection{Anonymized Data for the Service Provider}
|
|
\subsubsection{Anonymized Data for the Service Provider}
|
|
|
Anonymous data from the private network should be shared with Twitter to prevent the service provider's business model from failing. Approximately 87\% (\$\,791 million) of Twitter's revenues in the fourth quarter 2018 were generated by advertisements \cite{twitter2019reportq4}. Thus, the central pillar of Twitter's business model is personalized advertising. Accordingly, data should be of particular interest for Twitter if it is related to a person. Only if Twitter gains knowledge about a user, this knowledge can be used to place targeted advertisements. However, it is precisely this connection between data and user that should be avoided by using Hybrid \ac{OSN}.
|
|
Anonymous data from the private network should be shared with Twitter to prevent the service provider's business model from failing. Approximately 87\% (\$\,791 million) of Twitter's revenues in the fourth quarter 2018 were generated by advertisements \cite{twitter2019reportq4}. Thus, the central pillar of Twitter's business model is personalized advertising. Accordingly, data should be of particular interest for Twitter if it is related to a person. Only if Twitter gains knowledge about a user, this knowledge can be used to place targeted advertisements. However, it is precisely this connection between data and user that should be avoided by using Hybrid \ac{OSN}.
|
|
|
|
|
|
|
|
-As a result, the implementation of the requirement is almost impossible. Even though all data would be transferred to Twitter in an anonymous form for further processing, this data would be entirely worthless for Twitter's business model.
|
|
+As a result, the implementation of the requirement is almost impossible. Even though all data would be transferred to Twitter in an anonymous form for further processing, this data would be entirely worthless for Twitter's business model. In this context, it should be emphasized that the use of the \ac{API} does not result in any advertising being displayed to the user. Twitter therefore deliberately accepts that client applications that use the \ac{API} do not contribute to the generation of profits. Against this background, the implementation of this requirement is questionable although it is an essential aspect in the hybrid \ac{OSN} concept.
|
|
|
-
|
|
|
|
|
-In this context, it should be emphasized that the use of the \ac{API} does not result in any advertising being displayed to the user. Twitter therefore deliberately accepts that client applications that use the \ac{API} do not contribute to the generation of profits. Against this background, the implementation of this requirement is questionable although it is an essential aspect in the hybrid \ac{OSN} concept.
|
|
|
|
|
|
|
|
|
|
In order to meet the request and at least to prove the feasibility of the anonymized data provision, the hashtags used were provided anonymously. Twitter could use this data to improve trend recognition and inform users about current, much-discussed topics. Thus, a full analysis of popular hashtags throughout the system enables precise statements.
|
|
In order to meet the request and at least to prove the feasibility of the anonymized data provision, the hashtags used were provided anonymously. Twitter could use this data to improve trend recognition and inform users about current, much-discussed topics. Thus, a full analysis of popular hashtags throughout the system enables precise statements.
|
|
|
|
|
|
|
@@ -61,7 +57,7 @@ In the context of the publication of the public key history, changes that are vi
|
|
|
The Twitter Developer Terms and the Twitter Terms and Conditions were respected. For example, \ac{API} guidelines do not allow the redistribution of Twitter content. For this reason, when tweeting or quoting tweets over the private network, only their ids are stored, not the entire content. Hence, the requirement is fulfilled.
|
|
The Twitter Developer Terms and the Twitter Terms and Conditions were respected. For example, \ac{API} guidelines do not allow the redistribution of Twitter content. For this reason, when tweeting or quoting tweets over the private network, only their ids are stored, not the entire content. Hence, the requirement is fulfilled.
|
|
|
|
|
|
|
|
\subsubsection{Good User Experience}
|
|
\subsubsection{Good User Experience}
|
|
|
-A good user experience should be achieved by short loading times and understandable and appealing design. The loading times of the private data in Hybrid \ac{OSN} consist of two parts. With GUN, objects of interest must be identified and the data loaded from \ac{IPFS}. In both cases, it has a significant influence on the loading time whether there are enough peers with the searched information in the network. Both systems are designed for short reaction times. However, the loading times cannot be given in figures, since no reliable result could be measured due to the non-reproducible circumstances concerning peer availability.
|
|
+A good user experience should be achieved by short loading times and understandable and appealing design. The loading times of the private data in Hybrid \ac{OSN} consist of two parts. First, objects of interest must be identified with GUN. Then, the data has to be loaded from \ac{IPFS}. In both cases, it has a significant influence on the loading time whether there are enough peers with the searched information in the network. Both systems are designed for short reaction times. However, the loading times cannot be given in figures, since no reliable result could be measured due to the non-reproducible circumstances concerning peer availability.
|
|
|
|
|
|
|
|
There are no objective standards for an understandable and appealing design. The following examples are intended to show how these demands on the user interface were nevertheless met.
|
|
There are no objective standards for an understandable and appealing design. The following examples are intended to show how these demands on the user interface were nevertheless met.
|
|
|
|
|
|
|
@@ -76,12 +72,10 @@ There are no objective standards for an understandable and appealing design. The
|
|
|
\end{itemize}
|
|
\end{itemize}
|
|
|
|
|
|
|
|
\subsection{Quality Goals}
|
|
\subsection{Quality Goals}
|
|
|
-Quality goals, as defined in Chapter \ref{sec:quality-goals}, should motivate developers to write high-quality code that is easy to customize and maintain.
|
|
+Quality goals, as defined in Chapter \ref{sec:quality-goals}, should motivate developers to write high-quality code that is easy to customize and maintain. Concerning the analyzability of Hybrid \ac{OSN}, all modules, classes, methods, and variables were titled with English names. The public methods of the provider classes were documented, and the Clean Code principles were adhered to.
|
|
|
-
|
|
|
|
|
-Concerning the analyzability of Hybrid \ac{OSN}, all modules, classes, methods, and variables were titled with English names. The public methods of the provider classes were documented, and the Clean Code principles were adhered to.
|
|
|
|
|
|
|
|
|
|
With JavaScript, the application is written in a language that ranks on eighth place in the TIOBE Index, which measures the popularity of a programming language \cite{tiobe2019index}. At GitHub, JavaScript leads all statistics \cite{github2018programming-language-stats}. Most new repositories are created for JavaScript projects, and most contributions are written in JavaScript. Due to its popularity, many developers should be able to use the Hybrid \ac{OSN} codebase and find their way around quickly. The interfaces to GUN and \ac{IPFS} have been outsourced to individual providers so that they are interchangeable. Thus, the technology can be easily exchanged.
|
|
With JavaScript, the application is written in a language that ranks on eighth place in the TIOBE Index, which measures the popularity of a programming language \cite{tiobe2019index}. At GitHub, JavaScript leads all statistics \cite{github2018programming-language-stats}. Most new repositories are created for JavaScript projects, and most contributions are written in JavaScript. Due to its popularity, many developers should be able to use the Hybrid \ac{OSN} codebase and find their way around quickly. The interfaces to GUN and \ac{IPFS} have been outsourced to individual providers so that they are interchangeable. Thus, the technology can be easily exchanged.
|
|
|
|
|
|
|
|
-Tests are used to check the proper functioning of the application. For time reasons, this quality goal was neglected for Hybrid \ac{OSN} and thus not achieved. In principle, however, the testing of ionic applications is possible.
|
|
+Tests are used to check the proper functioning of the application. For time reasons, this quality goal was neglected for Hybrid \ac{OSN} and thus not achieved. But, in principle, the testing of ionic applications is possible.
|
|
|
|
|
|
|
|
The source code should be managed as an open source project to increase confidence in the application. Although version management is used with Git and is also centrally managed on the Git server of the Telecooperation Lab group, the code is not freely accessible here. Thus Hybrid \ac{OSN} cannot be considered an open source application.
|
|
The source code should be managed as an open source project to increase confidence in the application. Although version management is used with Git and is also centrally managed on the Git server of the Telecooperation Lab group, the code is not freely accessible here. Thus Hybrid \ac{OSN} cannot be considered an open source application.
|
