Privacy preserving social networking through decentralization

The recent surge in popularity of on-line social network applications raises serious concerns about the security and privacy of their users. Beyond usual vulnerabilities that threaten any distributed application over Internet, on-line social networks raise specific privacy concerns due their inherent handling of personal data. In this paper we point to the centralized architecture of existing on-line social networks as the key privacy issue and suggest a solution that aims at avoiding any centralized control. Our solution is an on-line social network based on a peerto- peer architecture. Thanks to its fully distributed nature, the peer-to-peer architecture inherently avoids centralized control by any potentially malicious service provider. In order to cope with the lack of trust and lack of cooperation that are akin to peerto- peer systems and to assure basic privacy among the users of the social network, our solution leverages the trust relationships that are part of the social network application itself. Privacy in basic data access and exchange operations within the social network is achieved thanks to a simple anonymization technique based on multi-hop routing among nodes that trust each other in the social network. Similarly cooperation among peer nodes is enforced based on hop-by-hop trust relationships derived from the social network.