Preserving Secrecy in Mobile Social Networks

Abstract

Location-based services are one of the most important services offered by mobile social networks. Offering this kind of service requires accessing the physical position of users together with the access authorizations, i.e., who is authorized to access what information. However, these physical positions and authorizations are sensitive information that have to be kept secret from any adversary, including the service providers. As far as we know, the problem of offering location-based services in mobile social networks with a revocation feature under collusion assumption, i.e., an adversary colludes with the service provider, has not been studied. In this article, we show how to solve this problem in the example of range queries. Specifically, we guarantee any adversary, including the service provider, is not able to learn (1) the physical position of the users, (2) the distance between his position and that of the users, and (3) whether two users are allowed to learn the distance between them. We propose two approaches, namely, two-layer symmetric encryption and two-layer attribute-based encryption. The main difference between them is that they use, among other encryption schemes, symmetric and attribute-based encryption, respectively. Next, we prove the secrecy guarantees of both approaches, analyze their complexity, and provide experiments to evaluate their performance in practice.