07-conclusion.tex 5.5 KB

1234567891011121314151617181920212223242526272829
  1. \chapter{Conclusions}
  2. \label{ch:conclusions}
  3. In this chapter, we summarize the work that has been done in this thesis. Besides, we describe the main contributions for privacy protection in \acp{OSN} using a hybrid solution. Finally, we give an outlook on how the results of this thesis can be used for further analysis and research.
  4. \section{Summary}
  5. \label{sec:summary}
  6. This thesis first introduced the problems around privacy protection in centralized, well-established \acp{OSN}, and the motivation for this work. Afterward, we provided the relevant background information of software system architectures in general, and in particular for \ac{P2P} networks as well as arising \acp{dApp}. We then presented other approaches trying to increase the user's privacy. To these approaches count extensions which improve the privacy protection during the use of established social networks, decentralized \acp{OSN} including \ac{dApp} \acp{OSN}, which try to serve for better protection by design, and protocols for the communication in distributed networks. Based on the work of the \enquote{Research and Training Group} and their research on \enquote{Privacy Protection via Hybrid Social Networks}, we elaborated a concept for hybrid solutions and defined multiple requirements. Besides, we gave various solution strategies for the implementation of the concept regarding the architecture and the client itself. Then we presented our prototype for Twitter. First, we compared \acp{OSN} and technology and examined their suitability for a proof of concept. Second, we described the architecture and implementation of the Android app. Finally, we discussed to what extent the hybrid \ac{OSN} prototype meets the previously defined requirements including our objectives, the functional and non-function requirements as well as the quality goals. We also analyzed limitations and provided a comprehensive threat model.
  7. \section{Contributions}
  8. \label{sec:contributions}
  9. In the work presented in this thesis, first, we took up the idea of a hybrid \ac{OSN} from the Research and Training group. This idea about an extension for secure and private data exchange in established \acp{OSN} was examined and enriched with precise requirements. These demands involve functional and non-functional requirements, as well as quality goals to ensure a good code quality when implementing. Furthermore, we evaluated the opinions and needs of different stakeholders and discussed restrictions. Conclusive, we presented possible solution strategies.
  10. To prove the feasibility of the hybrid \ac{OSN} concept, we created a unique prototype for Twitter as an Android app. This proof of concept uses the technologies GUN and \ac{IPFS} to provide its users with the possibility of a secure data exchange while still using the default functionality of the \ac{OSN}. We worked out a solution to save data in a flexible, extensible \ac{JSON} format and protect it through the application of symmetrical and asymmetrical encryption algorithms. To the further noticeable features count a user-friendly interface and the avoidance of side effects to other users caused by the use of Hybrid \ac{OSN}. Since the need for configuration was kept on an absolute minimum, everyone is capable of protecting its data by using this app. A dashboard showing the trends in the private network was made to provide the service provider with anonymized data.
  11. Finally, the evaluation of the prototype against the previously defined requirements demonstrated that the concept is feasible. However, it also became clear that not all requirements are completely fulfillable and the application of the concept to other \ac{OSN} may be very challenging.
  12. \section{Future Work}
  13. \label{sec:future-work}
  14. The contributions and the presented results of this thesis provide several possibilities for future work. First, the Hybrid \ac{OSN} prototype app can be further improved by adding more functionality, for example through implementing the direct message system.
  15. While GUN solves the problem of a distributed database, it has various limitations and was furthermore identified as a weak point in the threat model. In future work, either the usage of GUN could be improved, or a better solution for a distributed database could be found and implemented.
  16. Field studies of users using the Hybrid \ac{OSN} app could be made as for future work to validate user acceptance of the solution. By learning from the usage behavior, the app could be further optimized to encourage the use of the Hybrid \ac{OSN} app and also improve the concept of a hybrid solution.
  17. Another possible area for future work can be carried out on the anonymized data sharing with the service provider. In-depth analysis of the service provider's demands and the available private date need to be carried out. It has to be evaluated which kind of anonymized data are worthy for the service provider.
  18. The worked out concept was validated primarily for Twitter. Therefore, an exciting area for future work could be the precise validation for other \acp{OSN}, like Facebook, Instagram or Snapchat. By applying the concept to other \acp{OSN}, the stated requirements could be further refined and thus the overall concept further improved.
  19. Regarding the implementation of hybrid solutions in general, future work could examine how a framework providing the basic functionality of distributed \ac{P2P} extensions may look like. Since they all need to store and retrieve data somehow, basic functions provided via a clean interface by a library could improve the creation of hybrid clients for all any platform.