TitleAuthenticated out-of-band communication over social links
Many existing host-based applications rely on their own authentication mechanisms and peer discovery services. Although social networking sites already provide mechanisms for users both to discover other users (e.g., by logging on to the social network Web site) and to communicate securely with each other (e.g., using instant messages within the social networking site), today's applications have no way to exploit the relationships and trust that are inherent in these networks. This paper proposes Authenticatr, a framework that allows applications to use the authentication and peer discovery mechanisms inherent in social networking sites to bootstrap their own authenticated communication channels. We describe motivating applications, detail the interface that Authenticatr exposes to applications, and discuss practical considerations and security threats.