Advertisement

Privacy-Preserving Reputation Management in Fully Decentralized Systems: Challenges and Opportunities

  • Ngoc Hong TranEmail author
  • Leila Bahri
  • Binh Quoc Nguyen
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 807)

Abstract

Reputation is one of crucial personal information strongly attached to each person, so it affects directly to its owner in whatever way it is used. Any form of reputation violation can carry a serious consequence to its owner. Therefore, reputation needs to be managed in a secure way. Moreover, reputation management is a substantial process as it plays a key role in building up a certain trust level, among just-met users. Thus just-met users can base on reputation scores to make a decision on starting up their communication. In addition, reputation management reduces risks of leaking user privacy and losing data security. So far, several works on managing reputation in online social network have been studied, mostly using the Internet for data transmission. In this work, reputation management is placed into the context of fully decentralized environment. Under the more harsh conditions which the decentralized mobile environment carries, such as no central node, frequently changed user location, and restrictions of energy, power, memory, etc., and the security requirement, methods of reputation management get more challenged. Various security problems of managing reputation are still open to be solved. In this work, we make a discussion about recent works on privacy-preserving reputation management in a decentralized environment. We then present challenges, and conclude the open problems as well as possible solutions in reputation management.

Keywords

Reputation management Identity validation Decentralized model Mobile environment Peer-to-peer (P2P) network Privacy preserving Security Encryption Anonymity 

References

  1. [ANC12]
    Anceaume, E., Guette, G., Lajoie Mazenc, P., Prigent, N., Tong, V.V.T.: A Privacy Preserving Distributed Reputation Mechanism (2012). https://hal.archivesouvertes.fr/hal-00763212
  2. [BAR08]
    Cao, J., Carminati, B., Ferrari, E., Tan, K.L.: CASTLE: a δ-constrained scheme for ks-anonymizing data streams. In: IEEE 24th International Conference on Data Engineering (ICDE 2008), pp. 1376–1378 (2008)Google Scholar
  3. [BAH14]
    Bahri, L., Carminati, B., Ferrari, E.: Community-based identity validation on online social networks. In: IEEE ICDCS, pp. 21–30 (2014)Google Scholar
  4. [BAZ16]
    Bazin, R., et al.: A decentralized anonymity-preserving reputation system with constant-time score retrieval. IACR, p. 146 (2016)Google Scholar
  5. [CAQ12]
    Cao, Q., Sirivianos, M., Yang, X., Pregueiro, T.: Aiding the detection of fake accounts in large scale social online services. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation, p. 15 (2012)Google Scholar
  6. [CAJ12]
    Cao, J., Karras, P.: Publishing microdata with a robust privacy guarantee. Proc. VLDB Endowment 5(11), 1388–1399 (2012)CrossRefGoogle Scholar
  7. [CHA11]
    Chairunnanda, P., Pham, N., Hengartner, U.: Privacy: gone with the typing! identifying web users by their typing patterns. In: IEEE PASSAT (2011)Google Scholar
  8. [CLI13]
    Clifton, C., Tassa, T.: On syntactic anonymity and differential privacy. In: ICDE Workshops, pp. 88–93 (2013)Google Scholar
  9. [JIN11]
    Jin, L., Takabi, H., Joshi, J.B.D.: Towards active detection of identity clone attacks on online social networks. In: ACM CODASPY (2011)Google Scholar
  10. [DIM14]
    Dimitriou, T., Michalas, A.: Multi-party trust computation in decentralized environments in the presence of malicious adversaries. Ad-Hoc Netw. 15, 53–66 (2014)CrossRefGoogle Scholar
  11. [DOL14]
    Dolev, S., Gilboa, N., Kopeetsky, M.: Efficient private multiparty computations of trust in the presence of curious and malicious users. J. Trust Manage. 1, 1–8 (2014)CrossRefGoogle Scholar
  12. [DOM15]
    Domingo-Ferrer, J., Soria-Comas, J., Ciobotaru, O.: Co-utility: self-enforcing protocols without coordination mechanisms. In: Proceedings of the 5th International Conference on Industrial Engineering and Operations Management-IEOM, pp. 1–7 (2015)Google Scholar
  13. [DOM16]
    Domingo-Ferrer, J., Sanchez, D., Soria-Comas, J.: Co-utility: self-enforcing collaborative protocols with mutual help. Prog. Artif. Intell. 5(2), 105–110 (2016)CrossRefGoogle Scholar
  14. [ELI08]
    Androulaki, E., Choi, S.G., Bellovin, S.M., Malkin, T.: Reputation systems for anonymous networks. In: Proceedings of the 8th International Symposium on Privacy Enhancing Technologies, PETS. Springer, Heidelberg (2008)Google Scholar
  15. [FUR13]
    Furuhata, F., Dessouky, M., Ordoez, F., Brunet, M.E., Wang, X., Koening, S.: Ridesharing: the state-of-the-art and future directions. Transp. Res. Part B 57, 28–46 (2013)CrossRefGoogle Scholar
  16. [GOG13]
    Goga, O., Lei, H., Parthasarathi, S.H.K., Friedland, G., Sommer, R., Teixeira, R.: Exploiting innocuous activity for correlating users across sites. In: International World Wide Web Conferences Steering Committee, WWW (2013)Google Scholar
  17. [GUO13]
    Guo, K., Zhang, Q.: Fast clustering-based anonymization approaches with time constraints for data streams. Knowl. Based Syst. 46, 95–108 (2013)CrossRefGoogle Scholar
  18. [HS12]
    Hasan, O., Brunie, L., Bertino, E.: Preserving privacy of feedback providers in decentralized reputation systems. Comput. Secur. 31(7), 816–826 (2012)CrossRefGoogle Scholar
  19. [HAS13]
    Hasan, O., Brunie, L., Bertino, E., Shang, N.: A decentralized privacy preserving reputation protocol for the malicious adversarial model. IEEE Trans. Inf. Forensics Secur. 8(6), 949–962 (2013)CrossRefGoogle Scholar
  20. [HOF09]
    Hoffman, K., Zage, D., Nita-Rotaru, C.: A survey of attack and defense techniques for reputation systems. ACM Comput. 42(1), 1 (2009)CrossRefGoogle Scholar
  21. [JOS16]
    Domingo-Ferrer, J., Farràs, O., Martínez, S., Sánchez, D., Soria-Comas, J.: Self-enforcing protocols via co-utile reputation management. Inf. Sci. 367(C), 159–175 (2016).  https://doi.org/10.1016/j.ins.2016.05.050CrossRefGoogle Scholar
  22. [KAM03]
    Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The EigenTrust algorithm for reputation management in P2P networks. In: Proceedings of the 12th International Conference on World Wide Web, pp. 640–651 (2003)Google Scholar
  23. [LAJ15]
    Lajoie-Mazenc, P., Anceaume, E., Guette, G., Sirvent, T., Tong, V.V.T.: Efficient distributed privacy-preserving reputation mechanism handling non-monotonic ratings (2015). https://hal.archives-ouvertes.fr/hal-01104837
  24. [LI007]
    Li, N., Li, T., Venkatasubramanian, S.: t-Closeness: privacy beyond k-Anonymity and l-Diversity. ICDE 7, 106–115 (2007)Google Scholar
  25. [LI013]
    Li, H.P., Hu, H., Xu, J.: Nearby friend alert: location anonymity in mobile geosocial networks. IEEE Pervasive Comput. 12(4), 62–70 (2013)CrossRefGoogle Scholar
  26. [YU008]
    Yu, H., Gibbons, P.B., Kaminsky, M., Xiao, F.: Sybillimit: Anear-optimal social network defense against sybil attacks. IEEE Security and Privacy (2008)Google Scholar
  27. [MAC07]
    Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: l-diversity: privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data (TKDD), 1, 1–3 (2007)CrossRefGoogle Scholar
  28. [MAS11]
    Mascetti, S., Freni, D., Bettini, C., Wang, X.S., Jajodia, S.: Privacy in geo-social networks: proximity notification with untrusted service providers and curious buddies. VLDB J. Int. J. Very Large Data Bases 20(4), 541–566 (2011)CrossRefGoogle Scholar
  29. [OHA14]
    O’Hagan, A.: No Place to Hide: Edward Snowden, the NSA and the Surveillance State by Glenn Greenwald. London Review of Books. Nicholas Spice. vol. 36, no. 18, pp. 11–12 (2014)Google Scholar
  30. [PAV04]
    Pavlov, E., Rosenschein, J.S., Topol, Z.: Supporting privacy in decentralized additive reputation systems. In: Trust Management, Lecture Notes in Computer Science, vol. 2995, pp. 108–119. Springer, Heidelberg (2004)zbMATHGoogle Scholar
  31. [PET]
    Petrlic, R., Lutters, S., Sorge, C.: Privacy-preserving reputation management. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, New York, USA, pp. 1712–1718 (2014)Google Scholar
  32. [RAV16]
    Raval, S.: Decentralized Applications. O’Reilly Media (2016)Google Scholar
  33. [ROF13]
    Roffo, G., Segalin, C., Vinciarelli, A., Murino, V., Cristani, M.: Reading between the turns: statistical modeling for identity recognition and verification in chats. IEEE AVSS, pp. 99–104 (2013)Google Scholar
  34. [SAN16]
    Sanchez, D., et al.: Co-utile P2P ridesharing via decentralization and reputation management. Transp. Res. Part C Emerg. Technol. 73, 147–166 (2016)CrossRefGoogle Scholar
  35. [SCH16]
    Schaub, A., Bazin, R., Hasan, O., Brunie, L.: A trustless privacy-preserving reputation system. IFIP SEC - Privacy (2016)Google Scholar
  36. [SIP12]
    Sirivianos, M., Kim, K., Gan, J.W., Yang, X.: Assessing the veracity of identity assertions via osns. IEEE COMSNETS (2012)Google Scholar
  37. [SOS16]
    Soska, K., et al.: Beaver: a decentralized anonymous marketplace with secure reputation. IACR Cryptography ePrint Archive, 464 (2016)Google Scholar
  38. [SWE02]
    Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(5), 557–570 (2002)MathSciNetCrossRefGoogle Scholar
  39. [THE14]
    He, B., Chen, C., Su, Y., Sun, H.: A defence scheme against Identity Theft Attack based on multiple social networks. Expert Systems with Application. Elsevier (2014)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Ngoc Hong Tran
    • 1
    Email author
  • Leila Bahri
    • 2
  • Binh Quoc Nguyen
    • 1
  1. 1.Vietnamese German UniversityThủ Dầu MộtVietnam
  2. 2.Koc UniversityIstanbulTurkey

Personalised recommendations