RelationGrams: Tie-Strength Visualization for User-Controlled Online Identity Authentication (CMU-CyLab-11-014)
Users experience a crisis of confidence for online activities in the current Internet. Unfortunately, the symptom of this crisis of confidence manifests itself through online attacks, where adversaries con users to extract money or valuable sensitive information. Instead of addressing the symptom, we investigate how to address the underlying cause, which is that the absence of humanly verifiable information for online entities prevents user authentication.
As an initial step in this endeavor, we consider the specific problem of how users can securely authenticate online identities (e.g., associate a Facebook ID with its owner). Based on prior social science research demonstrating that the strength of social ties is a useful indicator of trust in many real-world relationships, we explore how tie strength can be visualized using well-defined and measurable parameters. We then apply the visualization in the context of online friend invitations and propose a protocol for secure online identity authentication. We analyze the robustness of the protocol against adversaries who attempt to establish fraudulent online identities, and evaluate the usability in an actual implementation on a popular online social network (i.e., Facebook). We find that a tie-strength visualization is a useful primitive for online identity authentication.