Content Privacy Enforcement Models in Decentralized Online Social Networks: State of Play, Solutions, Limitations, and Future Directions
In recent years, Decentralized Online Social Networks (DOSNs) have been attracting the attention of many users because they reduce the risk of censorship, surveillance, and information leakage from the service provider. In contrast to the most popular Online Social Networks, which are based on centralized architectures (e.g., Facebook, Twitter, or Instagram), DOSNs are not based on a single service provider acting as a central authority. Indeed, the contents that are published on DOSNs are stored on the devices made available by their users, which cooperate to execute the tasks needed to provide the service. To continuously guarantee their availability, the contents published by a user could be stored on the devices of other users, simply because they are online when required. Consequently, such contents must be properly protected by the DOSN infrastructure, in order to ensure that they can be really accessed only by users who have the permission of the publishers. As a consequence, DOSNs require efficient solutions for protecting the privacy of the contents published by each user with respect to the other users of the social network. In this paper, we investigate and compare the principal content privacy enforcement models adopted by current DOSNs evaluating their suitability to support different types of privacy policies based on user groups. Such evaluation is carried out by implementing several models and comparing their performance for the typical operations performed on groups, i.e., content publish, user join and leave. Further, we also highlight the limitations of current approaches and show future research directions. This contribution, other than being interesting on its own, provides a blueprint for researchers and practitioners interested in implementing DOSNs, and also highlights a few open research directions.