Browse by author
Lookup NU author(s): Dr Samiran Bag, Dr Muhammad Azad, Professor Feng Hao
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License (CC BY-NC-ND).
Reputation systems enable consumers to evaluate the trustworthiness of business entities (retailers, sellers) over the marketplace. In electronic marketplaces, the reputation of an business entity (retailer, seller) is computed by aggregating the “trust-scores” assigned to her by the parties who have had transactions with her. Most reputation systems designed for online marketplaces use all the available trust-scores to compute the reputation of business entity. However, in some scenarios, the consumer may wish to compute the reputation of a business entity by considering the trust-scores from a set of trustworthy participants, however, she does not want to disclose the identities of the users she trusts. There are two privacy protection challenges in the design of this kind of personalized reputation system: 1) protecting the set of trusted users of participants, and 2) protecting the trust-scores assigned by the participants in the trusted set. In this paper, we present a novel framework for computing the personalized global reputation of a business entity by considering the trust-scores from a set of trusted participants without disclosing identities of participants in the trusted set and their trust-scores. To this extent, the participants share cryptograms of their trust-scores for the business entity to the decentralized public bulletin board or tally center. These encrypted trust-scores are then used by the requester to compute the personalized reputation score of the business entity without leaking private information of participants in the system. We have analyzed the security and privacy properties of the scheme for the malicious adversarial model. The protocol has a linear message complexity, which proves that the system can be deployed in a real setup where such personalized recommendations may be required in practice. Furthermore, the system ensures correctness, privacy and security of trust-scores of participants in the trusted set under the malicious adversarial model.
Author(s): Bag S, Azad M, Hao F
Publication type: Article
Publication status: Published
Journal: Computers & Security
Year: 2018
Volume: 77
Pages: 514-530
Print publication date: 01/08/2018
Online publication date: 11/05/2018
Acceptance date: 02/05/2018
Date deposited: 14/05/2018
ISSN (print): 0167-4048
ISSN (electronic): 1872-6208
Publisher: Elsevier Advanced Technology
URL: https://doi.org/10.1016/j.cose.2018.05.005
DOI: 10.1016/j.cose.2018.05.005
Altmetrics provided by Altmetric
