IEEE CCNC 2011: Kalman Graffi - LifeSocial.KOM: A Secure and P2P-based Solution for Online Social Networks

  • 770 views
Uploaded on

The phenomenon of online social networks reaches millions of users in the Internet nowadays. In these, users present themselves, their interests and their social links which they use to interact with …

The phenomenon of online social networks reaches millions of users in the Internet nowadays. In these, users present themselves, their interests and their social links which they use to interact with other users. We present in this paper LifeSocial.KOM, a p2p-based platform for secure online social networks which provides the functionality of common online social networks in a totally distributed and secure manner. It is plugin-based, thus extendible in its functionality, providing secure communication and access-controlled storage as well as monitored quality of service, addressing the needs of both, users and system providers. The platform operates solely on the resources of the users, eliminating the concentration of crucial operational costs for one provider. In a testbed evaluation, we show the feasibility of the approach and point out the potential of the p2p paradigm in the field of online social networks.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
770
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
12
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • | | November 19, 2007
  • | | November 19, 2007
  • | | November 19, 2007

Transcript

  • 1. LifeSocial.KOM: A Secure and P2P-based Solution for Online Social Networks Kalman Graffi, Christian Gross, Dominik Stingl, Daniel Hartung, Aleksandra Kovacevic, and Ralf Steinmetz
  • 2. Motivation
    • Typical motivation for p2p applications
      • Client / Server is bad  P2P is needed
    • My motivation: P2P is dying
      • BitTorrent, edonkey, …, file sharing  One click hosting
      • Skype  technological issues, although simple functionality
      • Wuala, data storage  very centralized
      • Joost (p2p tv), Groove (groupware)  Not anymore P2P
    • The Cloud is killing the purpose of P2P on user devices
      • Quality and costs are guaranteed
  • 3. What might be the next P2P application?
  • 4. Online Social Networks
    • What are ‘Online Communities’ technically?
        • Web-based applications (StudiVZ, Facebook, MySpace, Xing)
        • Provide different services for community members
    Plugin architecture Events Personal information and photos Friends Social interaction Games
  • 5. Goals and Motivations
    • Users want
    • Storing and searching for content
      • Profiles, friend lists, …
      • Pictures, shared “Wall” editing, …
    • User to user interaction
      • Chatting, VoIP, …
      • Games
    • Security
      • Access control on their data
      • Secure, confidential communication
    • Fun!
    • System providers want
    • High profit
      • Many users
      • Personalized advertisements
    • Low operational costs
      • For servers, electricity, cooling …
      • For personnel, legal issues
    • Controlled Quality of Service
      • To attract and keep users
      • Providing reliable, high quality services
    •  Money!
    Our goal: all of the above following the P2P paradigm
  • 6.
    • How do they work?
    • What is the architecture beneath?
  • 7. Current IT Paradigm: Client / Server
    • Web-based solution
      • Lots of operational costs!
      • Rough estimation: 1$/y per user
      • Facebook: 500M users !
    € € € €
  • 8. Alternatives? – Peer-to-Peer based Platforms
    • Idea:
      • Use capacities of user devices (Moore’s law!)
      • Interconnect users with p2p-overlay
      • Provide all functionality in a distributed way
      • Shift the load and costs to the users
    • Platforms:
      • LifeSocial.KOM
      • SafeBook, PeerSon
    € € €
  • 9. Our Solution: LifeSocial.KOM
    • Researched since end of 2007
      • Ca. 10 diploma / bachelor theses on this topic
      • Ca. 20 students programming plugins / GUIs in “Praktika” / project seminars
    • See: www.lifesocial.org
  • 10.
    • How does it look like?
    • What can you do?
  • 11. Screenshots  See: www.lifesocial.org
  • 12. See: www.lifesocial.org  See: www.lifesocial.org
  • 13. Screenshots  See: www.lifesocial.org
  • 14. Screenshots  See: www.lifesocial.org
  • 15.
    • How does this work?
    • What is the architecture beneath?
  • 16. Architecture Overview on LifeSocial.KOM
    • Extendable framework for user interface components
    • Stand-alone applications, core functionality and optional functionality of the system. Extendable.
    • Caching of data objects and messages
    • Monitoring of the quality of service
    • Low-delay user-to-user communication
    • Storage (store, modify, retrieve, delete)
    • Distributed storage and replication
    • Organization of nodes in an overlay network
    • Standard Internet protocols
  • 17. Challenges and Lessons Learned
    • Interconnecting the peers
      • Overlay needed for ID-based, consistent routing
      • Issues:
        • For academia (Chord, CAN)
        • Different purpose (Kademlia, unstructured overlays)
        • Homebrew: design and evaluation takes time
    •  FreePastry
    • Data Storage / Replication
      • Reliable + consistent data storage: read, write, update
      • Load balancing?
      • Even more complicated
    •  PAST, comes with FreePastry
      • ID-based storage and retrieval
  • 18. Example for Distributed Linked Lists
  • 19. SECURITY
    • Security is 2nd most important
      • After efficiency!
    • Goals:
      • Authentification of hosts
      • Encrypted messaging
      • Access control lists (on sensible data)
    • Idea:
      • Use PublicKeys as NodeIDs
        •  allows instant authentication and encrypted communication
      • Encrypt all stored data with unique symmetric key
        • Encrypt the symmetric key for all privileged reader
        • Attach the ENCRYPTED symmetric key to the encrypted data
  • 20. Simple Idea of Distributed Access Control
    • How to provide Access Control in a distributed environment?
    • Goal: Assign read-rights on objects to privileged users
    • Mechanism: Sym. encrypted objects, asym. encrypted sym. keys
     See: K. Graffi et al., “Practical Security in P2P-based Social Networks” In: IEEE Local Computer Networks '09 (IEEE LCN’09), October 2009. For
  • 21.
    • When it is distributed,
    • how do you know that it works?
    • What is the quality?
  • 22. Monitoring and Evaluation
    • Integration of a monitoring solution
      • Totally distributed, precise and cheap
    • Global system statistics
      • Statistics on
        • CPU / bandwidth usage
        • Data retrieval delays
        • Messages sent / received
        • Number of peers
        • Objects in Cache
        • Friends and clustering coefficient
      • Statistical information: avg, min, max, standard dev., sum,...
     See: K. Graffi et al., “Monitoring and Management of Structured Peer-to-Peer Systems” In: IEEE Peer-to-Peer Computing '09 (IEEE P2P’09), September 2009.
  • 23.  
  • 24.  
  • 25.  
  • 26. Our Monitoring Solution for P2P Systems
    • Statistic updates
      • Periodically sent to parent peer
      • Aggregated in each node (  same size)
    • Topology
      • Tree based information architecture
      • Uses p2p overlay functionality
    [µ,σ,σ²,Σ, min,max] [µ,σ,σ²,Σ, min,max] [µ,σ,σ²,Σ, min,max]  See: K. Graffi et al., “Monitoring and Management of P2P Systems” In: IEEE Peer-to-Peer Computing '09 (IEEE P2P’09), September 2009. 0 1 1 10 50 20 30 40 45 15 0,09 0,2 0,3 0,4 0,51 0,6 0,75 0,9
  • 27. Our Monitoring Solution for P2P Systems
    • Topology
      • Tree based information architecture
      • Uses p2p overlay functionality
    • Statistic updates
      • Periodically sent to parent peer
      • Aggregated in each node (  same size)
    [µ,σ,σ²,Σ, min, max] [µ,σ,σ²,Σ, min, max] [µ,σ,σ²,Σ, min, max] 0 1 1 10 50 20 30 40 45 15 0,09 0,2 0,3 0,4 0,51 0,6 0,75 0,9
  • 28. Plugin Architecture Overview
  • 29. See: www.lifesocial.org  See: www.lifesocial.org
  • 30. Summary
    • IT solutions for social networks
      • Currently centralized and very costly
      • Scales only with high monetary invests
    • Distributed, p2p-based platforms
      • Data storage is totally distributed
      • Costs are shared among the users
    • LifeSocial.KOM
      • Operational prototype
      • Secure, reliable storage and messaging
      • Monitoring mechanism to observe (and control) the quality of service
      • Rich, extendable functionality through Plugin-based architecture
      • See videos on www.lifesocial.org
    • Analysis of needs:
    • Users want
      • Storing and searching for content
      • User to user interaction
      • Security
    • System provider want
      • Low operational costs
      • Controlled quality of service
      • High profit
    • Next steps:
      • Integrate management mechanisms
      • Run Internet-wide beta-test
      • Deploy
  • 31. Issues and Challenges in Academia
    • Engineering a prototype is not considered as research
    • Programming effort hard to mount
    • How to test large-scale distributed systems?
    • Successfull standalone P2P application known?
      • Filesharing?
      • Skype?  is it working now?
      • ???
    • How needs P2P – we have the cloud!
      • Guaranteed Quality! Controllable costs!
      • Easier to maintain / operate
  • 32. Questions? KOM Have a look at: www.lifesocial.org www.skynet-project.com www.kom.tu-darmstadt.de Does my p2p system work?