Privacy and Security Issues In Mobile Social Networking and in Modern Shopping Experience

Download Full-Text PDF Cite this Publication

Text Only Version

Privacy and Security Issues In Mobile Social Networking and in Modern Shopping Experience

Pooja.T.P.

Department of Information science and Engineering BE 3rd year

Moodbidri, India

Sushmita.V

Department of Information science and Engineering BE 3rd year

Moodbidri, India

Abstract Future shopping applications collect basic profile information of the person and provide great service on recommending books, electronics and other products based on user profile, previous shopping history and relationships between the items categories derived from purchases of all the users on the site. The mining of user's profile greatly enhances a person's shopping experience on modern online shops. We have compared two tailor made protocols with our proposed system. The main purpose of this paper is solving the privacy and security issues.

KeywordsSocial Networking, Persons Identity, Privacy & Security Issues, GPS, Near Field Commpunications, Reccomendation Engine

  1. INTRODUCTION

    A social network is a social structure made of nodes (which are generally individuals or organizations) that are tied by one or more specific types of interdependency, such as values, visions, ideas, financial exchange, friendship, relationships, kinship, dislike, conflict or trade. Social network analysis views social relationships in terms of nodes and ties. Nodes are the individual actors within the networks, and ties are the relationships between the actors. The resulting graph-based structures are often very complex. There can be many kinds of ties between the nodes. Research in a number of academic fields has shown that social networks operate on many levels, from families up to the level of nations, and play a critical role in determining the way problems are solved, organizations are run, and the degree to which individuals succeed in achieving their goals [9]. Social Applications Powered by Mobile/PSN All social applications are called as social network applications, if we are thinking of building a social application then that means we are trying to build a social network. A social network is a collection of people bound together through a specific set of social relations which means connection between people that permits the exchange of information. One popular use for this new technology is social networking between businesses. Companies have found that social networking sites such as Facebook and Twitter are great ways to build their brand image. Companies are able to drive traffic to their own online sites while encouraging their consumers and clients to have discussions on how to improve or change products or services. Social networks are also being used by teachers and students as a communication tool. Because many students are already using a wide-range of social networking sites, teachers have begun to familiarize themselves with this trend and are now using it to their advantage. Teachers and professors are doing everything from creating chat-room forums and groups to extend classroom discussion to posting

    assignments, tests and quizzes, to assisting with homework outside of the classroom setting. Social networks are also being used to foster teacher-parent communication. These sites make it possible and more convenient for parents to ask questions and voice concerns without having to meet face-to-face. The use of online social networks by libraries is also an increasingly prevalent and growing tool that is being used to communicate with more potential library users, as well as extending the services provided by individual libraries. A confluence of advancements of mobile phones, sensors and Internet brings many opportunities to enhance our experiences in everyday tasks and functions. Social networks also depict the relationships between various users of the networks such as members list of their friends and relations. Since people spend more hours on the social network, profiles can be mined using the stated profile, usage patterns, group patterns and many more. It is possible for individuals and marketers to get benefited from the information, provided the privacy and data security concerns are addressed.

  2. PRIVACY ISSUES

    The information that is leaked online could be used against them. Some examples are listed below: If you are having an online conversation with your friend(s) or with other members then you should be aware of conversation, because the Internet keeps a permanent record of what we say to each other. Social networks introducing geo-location services a record of where we go and how long we spend there will also be maintained and that can be seen by countless others and that a record will be kept somewhere on the Internet. Thieves will keep the track of each person and family members, sometime it proves to be harmful to them. Certain information could be used in cyber bullying and/or cyber stalking. There is also the threat posed in the real world from your activities online, for example updating your social network profile that you are on vacation for two weeks could be used by criminals to target empty houses to be burgled, especially if you have your home address published on the site and regularly update people on the latest electronic gadget like android phones that you have purchased [13]. Most people often use non-secure passwords and base them on items typically close to them like names of family members, date of birth etc. That information could be used by criminals to guess your password and compromise your social network account to spam your contacts. If you use the same password across all your systems such as banking and email then they could be compromised too. Social networks are just another outlet for humans to interact and share their views. One should look at social networks as opportunities to interact with one another or other people locally or globally and not as threats. In order to

    be an active user of social networks one has to make many friends and business contacts online [12][15]. If people are not anonymous on these social networks then their value is severely determined. It is not possible take someone's opinion or recommendations on board if they are anonymous. Anonymity, does not necessarily equate to privacy. Unless we have other reasons to be anonymous, e.g. accessing sites from within a totalitarian regime, then we do not think of using software solutions to help with anonymity is the answer

  3. RELATED WORK

    Before WhozThat allows us to build local context-aware applications and services. These services listen to the announced IDs and adapt their behavior to the people that are located near the service. Consider uses of social data in applications like a video/musical juke box where social data can be used to play or suggest movies and titles to the user based on an individual's or the group's interests. In this case, profile data is submitted to the juke box and the juke box determines the list of songs/video suited to the audience. Social data here can be anonymised in case a person/group wants to remain unidentified [4].

    In the shown figure illustrates SocialFusion's multi-stage computing framework. The first stage collects together data

    from three major classes of data input streams, namely social networks, mobile phones, and sensor networks. The second stage incorporates inference functionality whose task is to fuse the data and thus derive higher-level contextual meaning in the form of descriptors from the raw data. These descriptors, combined with the original data, are then supplied to a third stage consisting of a recommendationengine that decides what kind of context-aware action to take [5]. Suggested Works: WhozThat integrates existing social networks like MySpace, Facebook with mobile phones to provide context-aware audio, but it does not integrate with any sensors to provide more efficient and fully context-aware inference and recommendation in ubiquitous computing environments. Such kind of protocol services are for shorter range and not for longer range services and apart from risk on data security and persons identity. However, if the user decides to buy the album or video at the kiosk or even swipe the store card during a different action at the kiosk, then data is no longer anonymous. The credit card/store card information provided will now uniquely identify the user and annonymised profile that was received from the social network is now associated with the card. Privacy of profile data is forever lost. Similarly, providing anonymised data and then purchasing in any shopping scenario would essentially give away social data.

  4. UPRIVACY AND SECURITY ISUES IN WHOZTHAT/SOCIALFUSION

    Despite safeguards protecting both location and data privacy, a user's anonymity may still be compromised by revealing context-aware recommendations in public settings. Even though a participating user may have taken precautions in each of his individual data streams to independently shield certain information from others, e.g. financial or relationship status, the correlative power of SocialFusion in integrating multiple information sources may reveal in its recommendation potentially damaging or embarrassing information[5][11]. Social Fusion uses a slightly different approach to K- anonymizing the data. Given a partial release of data from a private data set, wherein all data is quasi-identical, the released data must map to at least k distinct sets of individuals within the data set. We have made progress on developing a new approach to K-anonymize diverse streams to preserve individual privacy. Prior work in K-anonymity seems unsuitable for context-aware mobile social networks because it assumes access to the entire data set, makes wrong assumptions about quasi-identifiers, or assumes that data may be distorted or generalized and still useful. For example, the algorithms may distort the data in some manner, either by introducing a random perturbation or transformation into the social graph, or by generalizing or "fuzzifying" the information. Such generalization may distort context-aware recommendations and output actions. We seek to develop a new class of Kanonymity algorithms that selectively withhold data, thereby preserving both the K-anonymity of the released data and its accuracy. We are thus developing K-anonymity algorithms, which meet our new K-anonymity definition using optimized or selective holding [14][15]. Peer-to-peer mobile social network systems, like WhozThat and SocialAware, exchange users social network identifiers between devices using short-range wireless technology such as Bluetooth. In contrast to these systems, a mobile device in client-server mobile social network systems,

    such as Brightkite and Loopt, notifies a centralized server about the current location of the device (available via GPS, cell-tower identification, or other mechanisms) [6]. By querying the server, mobile devices in these client-server systems can find nearby users, information about these nearby users, and other items of interest. Direct Anonymity Issues: The information exchange model of the mobile social network systems discussed previously provides little protection for the users privacy. These systems require the user to allow access to his or her social networks profile information and at the same time associate that information with the users identity. For instance, Facebook applications generally require the user to agree to give the application access to his/her information through Facebooks API, intrinsically tying such information to the users identity [5]. In the WhozThat and SocialAware systems, anyone near the mobile user can use a Bluetooth device to snoop a users shared social network ID or eavesdrop on data sent openly over a wireless connection, since all data transmitted over the wireless connection is sent in the clear, although relatively weak provisions for link-layer encryption exist [17]. The Indirect or K-Anonymity Problem: One worthwhile challenge is that of supporting complex mobile social networking applications with personal information without compromising the anonymity of the users providing the information. Even if the user does not directly provide his/her identification information, the users provided social network information (such as preferences) may be mapped back to the users identity through the social network site or information cached within mobile and stationary devices in the environment. The indirect anonymity problem exists when a piece of information indirectly compromises a users identity. An example of this is when a piece of information unique to a user is given out, such as a list of the users favorite movies, this information might then be easily mapped back to the user. The K-anonymity problem occurs when n pieces of information or n sets of related information can be used together to uniquely map back to a users identity. Furthermore, if a set of information can only be mapped to a set of k or fewer sets of users, the users anonymity is still compromised to a degree related to k. The challenge is to design an algorithm that can decide what information should and should not be given out in order to guarantee the anonymity of associated users. The abundance and diversity of social network information makes this privacy guarantee more complicated than it may initially appear. More formally, the particular problem is to find what personal information can be shared such that this information cannot be used to associate the users identity with a specific context [1].

  5. OUR PROPOSED SYSTEM

    In the shown figure mobile is an intermediary device between social network shopping application i.e. amazon.com shopping application.

    First application of this tailor made proposed system contacts the social network that is facebook and gets friends profile and secondly this our system detects those friends location who are around him/her using GPS. Third step is to detecting group and retrieves social friend's profile through social network and match friends preference with shopping application and finally after matching the products list it will be displayed on the mobile personal computer or cell phone as recommended list. In order to avoid loss of anonymity, we propose that the mobile with its computing power, connectivity and display act as the intermediary for the social data and store's products and offers. In this case, mobile will receive the social data and store offers. Mobile at this time, can query of additional categorization for a given product from the store, if required. The Store already has this information. Additionally, mobile can also store historical information locally and use that piece of information in making decisions. Mobile can now compute the matching offers/interests. This computation is not insensitive since the profile is already synthesized on the social network. This scheme is also applicable in the group dynamics.

    WhoZ That & Social Fusion

    Our Proposed Solution

    Server can detect the

    group provided the

    location updates are

    available. It uses fuzzy

    Group detectio

    algorithms collating location sensor and social data to do group detection. However, this requires that location has

    In our proposed project, group detection is done on the mobile

    to be updated on the

    server thus leading to

    leakage of location data to

    a third party [2][4]

    Reads data from Social

    Mobile is

    Networks/Service

    intermediary

    provider like

    device social data,

    Netflix/IMDB. K-

    database and

    anonymised data in server

    recommendation

    [1]. Homogeneity Attack:

    engine. Group

    Privacy

    k-Anonymity can create

    detection and

    groups that leak

    preference

    information due to lack of

    aggregations are

    diversity in the sensitive

    done on the

    attribute [1].

    mobile. Since,

    Background Knowledge

    mobile is an

    Attack: k-Anonymity

    intermediary

    WhoZ That & Social Fusion

    Our Proposed Solution

    Server can detect the

    group provided the

    location updates are

    available. It uses fuzzy

    Group detectio

    algorithms collating location sensor and social data to do group detection. However, this requires that location has

    In our proposed project, group detection is done on the mobile

    to be updated on the

    server thus leading to

    leakage of location data to

    a third party [2][4]

    Reads data from Social

    Mobile is

    Networks/Service

    intermediary

    provider like

    device social data,

    Netflix/IMDB. K-

    database and

    anonymised data in server

    recommendation

    [1]. Homogeneity Attack:

    engine. Group

    Privacy

    k-Anonymity can create

    detection and

    groups that leak

    preference

    information due to lack of

    aggregations are

    diversity in the sensitive

    done on the

    attribute [1].

    mobile. Since,

    Background Knowledge

    mobile is an

    Attack: k-Anonymity

    intermediary

  6. COMPARISION TABLE

WhoZ That & Social Fusion

Our Proposed Solution

does not protect against attacks based on background knowledge [1].

device, no data is sent to server. Therefore, data is more secured and identity of the person remains anonymised.

Recomm endation

Social-Fusion organizes input data streams into three major classes, namely mobile data from smartphones, sensor data from fixed sensor networks, and social networking data from online social networks. Since all layers are integrated or fussed into server all tasks like preference matching and execution of

recommendation engine takes place in the server

i.e. SocialFusion system [2]

Recommendation engine external reference matching is on both sides on the mobile as well as on the server.

In our proposed project some part of profile

matching is done on server to save memory space and main part of profile matching is on the mobile to protect data and identity of a person

Static / Dynamic

Theses tailor made protocols supports for only static (in particular shop)

These tailor made protocol support for dynamic not restricted to particular shop)

WhoZ That & Social Fusion

Our Proposed Solution

does not protect against attacks based on background knowledge [1].

device, no data is sent to server. Therefore, data is more secured and identity of the person remains anonymised.

Recomm endation

Social-Fusion organizes input data streams into three major classes, namely mobile data from smartphones, sensor data from fixed sensor networks, and social networking data from online social networks. Since all layers are integrated or fussed into server all tasks like preference matching and execution of

recommendation engine takes place in the server

i.e. SocialFusion system [2]

Recommendation engine external reference matching is on both sides on the mobile as well as on the server.

In our proposed project some part of profile

matching is done on server to save memory space and main part of profile matching is on the mobile to protect data and identity of a person

Static / Dynamic

Theses tailor made protocols supports for only static (in particular shop)

These tailor made protocol support for dynamic not restricted to particular shop)

precisely because of this inevitable progression, there is a great fear from general public, activists and governments that privacy of people will be lost forever. People are also concerned that such social data can be used for malicious purposes, may affect job prospects and other aspects of life. Social networking sites are only too aware of these sentiments and struggling hard to provide privacy and yet try and use that data and monetize it to make their business a successful commercial venture.

VII CONCLUSION

Social data mining and sharing of this data to third party corporations and merchants will become inevitable and

REFERENCES

  1. Ashwin Machanavajjhala, Johannes Gehrke, Daniel Kifer, "-Diversity: Privacy Beyond k-Anonymity". Published in ACM Journal Name, Vol. V, No. N, Month 20YY, pp. 147 J. Clerk Maxwell, A Treatise on Electricity and Magnetism, 3rd ed., vol. 2. Oxford: Clarendon, 1892, pp.68-73.

  2. Fusing Mobile, Sensor, and Social Data To Fully Enable Context-Aware Computing by Aaron Beach, Mike Gartrell, Xinyu Xing, Richard Han, Qin Lv, Shivakant Mishra, Karim Seada, 1. University of Colorado at Boulder, 2. Nokia Research Center Palo Alto.

  3. Saeed Kazi, Mikael Savia,, LOCATION TRACKING USING GPS.

    Department of Computer Sciences and Information Systems

  4. Beach, Mike Gartrell, Sirisha Akkala, Jack Elston, John Kelley, Keisuke Nishimoto,Baishakhi Ray, Sergei Razgulin, Karthik Sundaresan, Bonnie Surendar, Michael Terada, and Richard Han, University of Colorado at Boulder. WhozThat? Evolving an Ecosystem for Context-Aware Mobile Social Networks, IEEE Network, July/August 2008, Page No.: 50-55.

    K. Elissa, Title of paper if known, unpublished.

  5. Aaron Beach, Mike Gartrell, and Richard Han, University of Colorado at Boulder, Solutions to Security and Privacy Issues in Mobile Social Networking

  6. M. Weiser, "Some computer science issues in ubiquitous computing," Communications of the ACM, vol. 36, no. 7, 1993.

  7. N. Eagle and A. Pentland, "Social serendipity: Mobilizing social software," IEEE Pervasive Computing, vol. 4, no. 2, 2005.

  8. A. Jameson, More than the sum of its members: challenges for group recommender systems," in Proc. of ACM AI, 2004.

Leave a Reply

Your email address will not be published. Required fields are marked *