Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

SecBCS: a secure and privacy-preserving blockchain-based crowdsourcing system

Abstract

A robust and scalable crowd management infrastructure is crucial in addressing operational challenges when deploying high-density sensors and actuators in a smart city. While crowdsourcing is widely used in crowd management, conventional solutions, such as Upwork and Amazon Mechanical Turk, generally depend on a trusted third-party platform. There exist several potential security concerns (e.g., sensitive leakage, single point of failure and unfair judgment) in such a centralized paradigm. Hence, a recent trend in crowdsourcing is to leverage blockchain (a decentralized ledger technology) to address some of the existing limitations. A small number of blockchain-based crowdsourcing systems (BCSs) with incentive mechanisms have been proposed in the literature, but they are generally not designed with security in mind. Thus, we study the security and privacy requirements of a secure BCS and propose a concrete solution (i.e., SecBCS) with a prototype implementation based on JUICE.

This is a preview of subscription content, log in to check access.

References

  1. 1

    Su K, Jie L, Fu H. Smart city and the applications. In: Proceedings of International Conference on Electronics, Ningbo, 2011. 1028–1031

  2. 2

    Zanella A, Bui N, Castellani A, et al. Internet of things for smart cities. IEEE Internet Things J, 2014, 1: 22–32

  3. 3

    Li M, Weng J, Yang A, et al. CrowdBC: a blockchain-based decentralized framework for crowdsourcing. IEEE Trans Parallel Distrib Syst, 2019, 30: 1251–1266

  4. 4

    Lu Y, Tang Q, Wang G. Zebralancer: private and anonymous crowdsourcing system atop open blockchain. In: Proceedings of the 38th IEEE International Conference on Distributed Computing Systems, Vienna, 2018. 853–865

  5. 5

    Buccafurri F, Lax G, Nicolazzo S, et al. Tweetchain: an alternative to blockchain for crowd-based applications. In: Proceedings of the 17th International Conference on Web Engineering, Rome, 2017. 386–393

  6. 6

    Ben-Sasson E, Chiesa A, Genkin D, et al. Snarks for C: verifying program executions succinctly and in zero knowledge. In: Proceedings of Advances in Cryptology-CRYPTO, California, 2013. 90–108

  7. 7

    McInnis B, Cosley D, Nam C, et al. Taking a HIT: designing around rejection, mistrust, risk, and workers’ experiences in amazon mechanical turk. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, California, 2016. 2271–2282

  8. 8

    Salehi N, Irani L C, Bernstein M S, et al. We are dynamo: overcoming stalling and friction in collective action for crowd workers. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, Seoul, 2015. 1621–1630

  9. 9

    Li Q, Cao G. Providing efficient privacy-aware incentives for mobile sensing. In: Proceedings of IEEE 34th International Conference on Distributed Computing Systems, Madrid, 2014. 208–217

  10. 10

    Rahaman S, Cheng L, Yao D D, et al. Provably secure anonymous-yet-accountable crowdsensing with scalable sublinear revocation. Proc Privacy Enhancing Technol, 2017, 2017: 384–403

  11. 11

    Gisdakis S, Giannetsos T, Papadimitratos P. Security, privacy, and incentive provision for mobile crowd sensing systems. IEEE Internet Things J, 2016, 3: 839–853

  12. 12

    Tanas C, Delgado-Segura S, Herrera-Joancomartí J. An integrated reward and reputation mechanism for MCS preserving users’ privacy. In: Proceedings of the 10th International Workshop and the 4th International Workshop, Vienna, 2015. 83–99

  13. 13

    Muehlemann A. Sentiment protocol: a decentralized protocol leveraging crowd sourced wisdom. 2017. ArXiv: 1710.11597

  14. 14

    Lin C, He D B, Huang X, et al. A new transitively closed undirected graph authentication scheme for blockchain-based identity management systems. IEEE Access, 2018, 6: 28203–28212

  15. 15

    Feng Q, He D B, Zeadally S, et al. A survey on privacy protection in blockchain system. J Netw Comput Appl, 2019, 126: 45–58

  16. 16

    Lin C, He D B, Huang X Y, et al. Blockchain-based system for secure outsourcing of bilinear pairings. Inf Sci, 2018. doi: 10.1016/j.ins.2018.12.043

  17. 17

    Veeningen M. Pinocchio-based adaptive zk-SNARKs and secure/correct adaptive function evaluation. In: Proceedings of the 9th International Conference on Cryptology, Senegal, 2017. 21–39

  18. 18

    Kosba A, Miller A, Shi E, et al. Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: Proceedings of the 37th IEEE Symposium on Security and Privacy, California, 2016. 839–858

  19. 19

    Christidis K, Devetsikiotis M. Blockchains and smart contracts for the Internet of things. IEEE Access, 2016, 4: 2292–2303

  20. 20

    Zhang Y, Wen J. The IoT electric business model: using blockchain technology for the Internet of things. Peer-to-Peer Netw Appl, 2017, 10: 983–994

  21. 21

    Parizi R M, Dehghantanha A, Choo K K R, et al. Empirical vulnerability analysis of automated smart contracts security testing on blockchains. In: Proceedings of the 28th Annual International Conference on Computer Science and Software Engineering, Markham, 2018. 103–113

  22. 22

    Luu L, Chu D H, Olickel H, et al. Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, New York, 2016. 254–269

  23. 23

    Mavridou A, Laszka A. Designing secure ethereum smart contracts: a finite state machine based approach. 2017. ArXiv: 1711.09327

  24. 24

    Parizi R M, Singh A, Dehghantanha A. Smart contract programming languages on blockchains: an empirical evaluation of usability and security. In: Proceedings of the 1st International Conference on Blockchain Blockchain, Washington, 2018. 75–91

  25. 25

    Chaum D, van Heyst E. Group signatures. In: Proceedings of Advances in Cryptology-EUROCRYPT, Brighton, 1991. 257–265

  26. 26

    Ho T H, Yen L H, Tseng C C. Simple-yet-efficient construction and revocation of group signatures. Int J Found Comput Sci, 2015, 26: 611–624

  27. 27

    Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 53–70

  28. 28

    Daemen J, Rijmen V. The Design of Rijndael: AES — The Advanced Encryption Standard. Berlin: Springer, 2002

  29. 29

    Poulpita. Trusted execution environment, millions of users have one, do you have yours? 2017. https://poulpita.com/2014/02/18/trusted-execution-environment-do-you-have-yours/

  30. 30

    Lin C, He D, Huang X, et al. BSeIn: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. J Netw Comput Appl, 2018, 116: 42–52

  31. 31

    Castro M, Liskov B. Practical byzantine fault tolerance. In: Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation, Louisiana, 1999. 173–186

  32. 32

    Ongaro D, Ousterhout J. In search of an understandable consensus algorithm. In: Proceedings of 2014 USENIX Annual Technical Conference, Philadelphia, Pennsylvania, 2014. 305–319

Download references

Acknowledgements

This work was supported in part by National Key Research and Development Program of China (Grant No. 2018YFC1604004), National Natural Science Foundation of China (Grant Nos. 61572379, 61772377, 61841701), and Natural Science Foundation of Hubei Province of China (Grant Nos. 2017CFA007, 2015CFA068). The last author is supported by Cloud Technology Endowed Professorship. We thank the anonymous reviewers for their valuable comments and feedback which helped us to improve the content and presentation of this paper.

Author information

Correspondence to Debiao He.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Lin, C., He, D., Zeadally, S. et al. SecBCS: a secure and privacy-preserving blockchain-based crowdsourcing system. Sci. China Inf. Sci. 63, 130102 (2020). https://doi.org/10.1007/s11432-019-9893-2

Download citation

Keywords

  • crowdsourcing
  • blockchain
  • secure
  • privacy-preserving
  • smart contract