Security and privacy in online social networks

Cutillo, Leucio Antonio

Online Social Network (OSN) applications allow users of all ages and educational background to easily share a wide range of personal information with a theoretically unlimited number of partners. This advantage comes at the cost of increased security and privacy exposures for users, since in all existing OSN applications, to underpin a promising business model, users' data is collected and stored permanently at the databases of the service provider, which potentially becomes a "Big Brother" capable of exploiting this data in many ways that can violate the privacy of individual users or user groups. This thesis suggests and validates a new approach to tackle these security and privacy problems. In order to ensure users' privacy in the face of potential privacy violations by the provider, the suggested approach adopts a distributed architecture relying on cooperation among a number of independent parties that are also the users of the online social network application. The second strong point of the suggested approach is to capitalize on the trust relationships that are part of social networks in real life in order to cope with the problem of building trusted and privacy-preserving mechanisms as part of the online application. Based on these main design principles, a new distributed Online Social Network, namely Safebook, is proposed: Safebook leverages on real life trust and allows users to maintain the control on the access and the usage of their own data. The prototype of Safebook is available at

Sécurité numérique
Eurecom Ref:
© TELECOM ParisTech. Personal use of this material is permitted. The definitive version of this paper was published in Thesis and is available at :