Toggle Main Menu Toggle Search

Open Access padlockePrints

A Privacy-aware Decentralized and Personalized Reputation System

Lookup NU author(s): Dr Samiran Bag, Dr Muhammad Azad, Professor Feng Hao



This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License (CC BY-NC-ND).


Reputation systems enable consumers to evaluate the trustworthiness of business entities (retailers, sellers) over the marketplace. In electronic marketplaces, the reputation of an business entity (retailer, seller) is computed by aggregating the “trust-scores” assigned to her by the parties who have had transactions with her. Most reputation systems designed for online marketplaces use all the available trust-scores to compute the reputation of business entity. However, in some scenarios, the consumer may wish to compute the reputation of a business entity by considering the trust-scores from a set of trustworthy participants, however, she does not want to disclose the identities of the users she trusts. There are two privacy protection challenges in the design of this kind of personalized reputation system: 1) protecting the set of trusted users of participants, and 2) protecting the trust-scores assigned by the participants in the trusted set. In this paper, we present a novel framework for computing the personalized global reputation of a business entity by considering the trust-scores from a set of trusted participants without disclosing identities of participants in the trusted set and their trust-scores. To this extent, the participants share cryptograms of their trust-scores for the business entity to the decentralized public bulletin board or tally center. These encrypted trust-scores are then used by the requester to compute the personalized reputation score of the business entity without leaking private information of participants in the system. We have analyzed the security and privacy properties of the scheme for the malicious adversarial model. The protocol has a linear message complexity, which proves that the system can be deployed in a real setup where such personalized recommendations may be required in practice. Furthermore, the system ensures correctness, privacy and security of trust-scores of participants in the trusted set under the malicious adversarial model.

Publication metadata

Author(s): Bag S, Azad M, Hao F

Publication type: Article

Publication status: Published

Journal: Computers & Security

Year: 2018

Volume: 77

Pages: 514-530

Print publication date: 01/08/2018

Online publication date: 11/05/2018

Acceptance date: 02/05/2018

Date deposited: 14/05/2018

ISSN (print): 0167-4048

ISSN (electronic): 1872-6208

Publisher: Elsevier Advanced Technology


DOI: 10.1016/j.cose.2018.05.005


Altmetrics provided by Altmetric