期刊名称:Journal of King Saud University @?C Computer and Information Sciences
印刷版ISSN:1319-1578
出版年度:2022
卷号:34
期号:7
页码:4062-4074
语种:English
出版社:Elsevier
摘要:In the recent years, popularity and number of users of mobile social networks have grown significantly. Due to different types of communication on these networks, users share a lot of information with each other. One of the most critical challenges of social networks is disclosure and unauthorized access to information, data, and communication between users that is a kind of violation of their privacy, which can be done by social network providers, especially unauthorized users. One way to protect one’s privacy is using encryption. Therefore, in the present paper, an improved secure design was presented for mobile social network using ciphertext-policy attribute-based encryption (CP-ABE) and advanced encryption standard (AES) that will encrypt users data in an end-to-end manner. In the proposed scheme by CP-ABE encryption, in addition to data privacy, the users’ desired access control is applied to the access of others to their shared data. As a result, unauthorized users will not be able to access and violate data privacy. Furthermore, it will prevent the unauthorized access of social network provider with the help of AES. This scheme provides new management to exchange encryption keys and manage network components for their information. Therefore, the keys are exchanged securely and some of them are generated outside reach of the social network server and by the user. The users' main keys are encrypted using the Rivest-Shamir-Adleman (RSA) method.Consequently, the proposed scheme will protect users privacy and prevent the unauthorized access to users’ data and information by the social network provider and unauthorized users by comparing results of the proposed scheme with other similar investigated schemes. In addition, it will be resistant to common attacks (man-in-the-middle attack and replay attack). Also, according to our findings, it is a safe and comprehensive scheme with high security and practicality while needing less time for both encrypting and decrypting the users messages.
