Private Distributed Scalar Product Protocol With Application To Privacy-Preserving Computation of Trust

  • Danfeng Yao
  • Roberto Tamassia
  • Seth Proctor
Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 238)

Abstract

In this paper, we first present a private distributed scalar product protocol that can be used for obtaining trust values from private recommendations. Our protocol allows Alice to infer the trustworthiness of Bob based on what Alice’s friends think about Bob and Alice’s confidence in her friends. In addition, the private information of Alice and her friends are not revealed during the computation. We also propose a credential-based trust model where the trustworthiness of a user is computed based on his or her affiliations and role assignments. The trust model is simple to compute, yet it is scalable as it classifies large groups of users

Key words

Private multi-party computation trust management location privacy 

References

  1. 1.
    M. J. Atallah and W. Du. Secure multi-party computational geometry. In Proceedings of 7th International Workshop on Algorithms and Data Structures (WADS 2001), volume 2125 of Lecture Notes in Computer Science, pages 165–179. Springer Verlag, August 2001.Google Scholar
  2. 2.
    M. J. Atallah, H. G. Elmongui, V. Deshpande, and L. B. Schwarz. Secure supply-chain protocols. In 2003 IEEE International Conference on Electronic Commerce (CEC 2003), pages 293–302. IEEE Computer Society, 2003.Google Scholar
  3. 3.
    M. J. Atallah and J. Li. Secure outsourcing of sequence comparisons. In 4th Workshop on Privacy Enhancing Technologies (PET), volume 3424 of Lecture Notes in Computer Science, pages 63–78, 2004.Google Scholar
  4. 4.
    T. Aura. Distributed access-rights management with delegation certificates. In Secure Internet Programming — Security Issues for Distributed and Mobile Objects, volume 1603 of LNCS, pages 211–235. Springer, 1999.Google Scholar
  5. 5.
    M. Ben-Or and A. Wigderson. Completeness theorems for non-cryptographic faulttolerant distributed computation. In The Twentieth Annual ACM Symposium on Theory of Computing (STOC), pages 1–10. ACM Press, 1988.Google Scholar
  6. 6.
    T. Beth, M. Borcherding, and B. Klein. Valuation of trust in open networks. In Proceedings of the Third European Symposium on Research in Computer Security (ESORICS’ 94), pages 3–18, November 1994.Google Scholar
  7. 7.
    B. Carbunar and R. Sion. Uncheatable reputation for distributed computation markets. In Financial Cryptography and Data Security Conference (FC’ 06), 2006.Google Scholar
  8. 8.
    D. Chaum, C. Crépeau, and I. Damgard. Multiparty unconditionally secure protocols. In The twentieth annual ACM Symposium on Theory of Computing (STOC), pages 11–19. ACM Press, 1988.Google Scholar
  9. 9.
    I. Damgård and M. Jurik. A generalisation, a simplification and some applications of Paillier’s probabilistic public-key system. In 4th International Workshop on Practice and Theory in Public Key Cryptosystems (PKC’ 01), LNCS 1992, pages 119–136, 2001.Google Scholar
  10. 10.
    W. Du. A study of several specific secure two-party computation problems, 2001. PhD thesis, Purdue University, West Lafayette, Indiana.Google Scholar
  11. 11.
    L. Eschenauer, V. D. Gligor, and J. Baras. On trust establishment in mobile ad-hoc networks. In Proceedings of the Security Protocols Workshop, April 2002.Google Scholar
  12. 12.
    K. B. Frikken and M. J. Atallah. Privacy preserving route planning. In Proceedings of the 2004 ACM workshop on Privacy in the Electronic Society (WPES), pages 8–15. ACM Press, 2004.Google Scholar
  13. 13.
    B. Goethals, S. Laur, H. Lipmaa, and T. Mielikäinen. On private scalar product computation for privacy-preserving data mining. In C. Park and S. Chee, editors, ICISC, volume 3506 of Lecture Notes in Computer Science, pages 104–120. Springer, 2004.Google Scholar
  14. 14.
    O. Goldreich. Secure multi-party computation, Oct. 2002. Unpublished Manuscript.Google Scholar
  15. 15.
    O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In The nineteenth annual ACM conference on theory of computing, pages 218–229. ACM Press, 1987.Google Scholar
  16. 16.
    M. Gruteser and D. Grunwald. Anonymous usage of location-based services through spatial and temporal cloaking. In ACM/USENIX International Conference on Mobile Systems, Applications, and Services (MobiSys), 2003.Google Scholar
  17. 17.
    M. Gruteser, G. Schelle, A. Jain, R. Han, and D. Grunwald. Privacy-aware location sensor networks. In 9th USENIX Workshop on Hot Topics in Operating Systems (HotOS IX), 2003.Google Scholar
  18. 18.
    P. Kamat, Y. Zhang, W. Trappe, and C. Ozturk. Enhancing source-location privacy in sensor network routing. In Proceedings of 25th International Conference on Distributed Computing Systems (ICDCS), 2005.Google Scholar
  19. 19.
    R. Kohlas and U. M. Maurer. Confidence valuation in a public-key infrastructure based on uncertain evidence. In Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography (PKC’ 00), volume 1751 of Lecture Notes in Computer Science, pages 93–112. Springer, 2000.Google Scholar
  20. 20.
    M. Langheinrich. A privacy awareness system for ubiquitous computing environments. In In 4th International Conference on Ubiquitous Computing, 2002.Google Scholar
  21. 21.
    P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. Advances in Cryptology — EUROCRYPT 1999, LNCS 1592:223–238, 1999.CrossRefMathSciNetGoogle Scholar
  22. 22.
    B. Pinkas. Cryptographic techniques for privacy-preserving data mining. KDD Explorations, 4(2): 12–19, 2002.CrossRefGoogle Scholar
  23. 23.
    P. Ruth, D. Xu, B. K. Bhargava, and F. Regnier. E-notebook middleware for accountability and reputation based trust in distributed data sharing communities. In C. D. Jensen, S. Poslad, and T. Dimitrakos, editors, iTrust, volume 2995 of Lecture Notes in Computer Science, pages 161–175. Springer, 2004.Google Scholar
  24. 24.
    B. Shand, N. Dimmock, and J. Bacon. Trust for ubiquitous, transparent collaboration. Wirel. Netw., 10(6):711–721, 2004.CrossRefGoogle Scholar
  25. 25.
  26. 26.
    E. Snekkenes. Concepts for personal location privacy policies. In In Proceedings of the 3rd ACM Conference on Electronic Commerce (CEC), pages 48–57. ACM Press, 2001.Google Scholar
  27. 27.
    P. F. Syverson, D. M. Goldschlag, and M. G. Reed. Anonymous connections and onion routing. In Proceedings of the IEEE Symposium on Security and Privacy, pages 44–54, May 1997.Google Scholar
  28. 28.
    R. Tamassia, D. Yao, and W. H. Winsborough. Role-based cascaded delegation. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT’ 04), pages 146–155. ACM Press, June 2004.Google Scholar
  29. 29.
    G. Theodorakopoulos and J. S. Baras. Trust evaluation in ad-hoc networks. In WiSe’ 04: Proceedings of the 2004 ACM workshop on Wireless security, pages 1–10. ACM Press, 2004.Google Scholar
  30. 30.
    H. Tran, M. Hitchens, V. Varadharajan, and P. Watters. A trust based access control framework for P2P file-sharing systems. In Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS’05) — Track 9, page 302c. IEEE Computer Society, 2005.Google Scholar
  31. 31.
    J. Vaidya and C. Clifton. Privacy preserving association rule mining in vertically partitioned data. In Proceedings of The 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 639–644. ACM Press, July 2002.Google Scholar
  32. 32.
    R. Yager. On ordered weighted averaging aggregation operators in multi-criteria decision making. IEEE Transactions on Systems, Man and Cybernetics, 18(1):183–190, 1988.MATHCrossRefMathSciNetGoogle Scholar
  33. 33.
    N. Yankelovich, W. Walker, P. Roberts, M. Wessler, J. Kaplan, and J. Provino. Meeting central: making distributed meetings more effective. In Proceedings of the 2004 ACM Conference on Computer Supported Cooperative Work (CSCW’ 04), pages 419–428, New York, NY, USA, 2004. ACM Press.Google Scholar
  34. 34.
    A. C. Yao. How to generate and exchange secrets. In Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, pages 162–167. IEEE Computer Society Press, 1986.Google Scholar
  35. 35.
    D. Yao, K. B. Frikken, M. J. Atallah, and R. Tamassia. Point-based trust: Define how much privacy is worth. In Proceedings of the Eighth International Conference on Information and Communications Security (ICICS’ 06), December 2006.Google Scholar
  36. 36.
    D. Yao, R. Tamassia, and S. Proctor. On improving the performance of role-based cascaded delegation in ubiquitous computing. In Proceedings of IEEE/CreateNet Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm’ 05), pages 157–168. IEEE Press, September 2005.Google Scholar

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Danfeng Yao
    • 1
  • Roberto Tamassia
    • 1
  • Seth Proctor
    • 2
  1. 1.Department of Computer ScienceBrown UniversityProvidenceUSA
  2. 2.Sun Microsystems LaboratoriesBurlington

Personalised recommendations