Advertisement

Preservation of Privacy in Thwarting the Ballot Stuffing Scheme

  • Wesley Brandi
  • Martin S. Olivier
  • Alf Zugenmaier
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5185)

Abstract

Users of an online trading system rely on Reputation Systems to better judge whom should be trusted and to what degree. This is achieved through users building up reputations in the system. In these types of environments, it has been shown that users with good reputations do more business than users with bad reputations. The ballot stuffing scheme exploits this and has fraudulent users placing a number of false bids in an attempt to better the reputation of a single user.

Though previous research has dealt with thwarting the one man ballot stuffing scheme, the issue of privacy was neglected. The solution proposed relied on looking up the coordinates of a user who is a cellular phone holder. Upon placing a bid, the user’s geographical coordinates are compared to the coordinates of other users involved in the transaction. If the users were within a predefined distance to one another, the transaction was marked as suspicious. This mechanism relies on storing the coordinates of a user over time and, from a privacy perspective, is unacceptable.

The intention of this paper is to propose several solutions that attempt to safeguard the privacy of all users involved when calculating the distance between two cellular phone holders, i.e., thwarting the one man ballot stuffing scheme. We discuss solutions that cater for service providers who may be willing or unwilling to participate in safeguarding the privacy of their users. These techniques include Secure Multi-party Computation, polynomial interpolation and the addition of untrusted third parties.

Keywords

Service Provider Cell Phone Trading System Reputation System Privacy Preserve 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Brandi, W., Olivier, M.S.: On bidder zones, cell phones and ballot stuffing. In: Proceedings of Information Security South Africa (ISSA) (July 2006)Google Scholar
  2. 2.
    Brassard, G., Crépeau, C., Robert, J.: All-or-nothing disclosure of secrets. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 234–238. Springer, Heidelberg (1987)Google Scholar
  3. 3.
    Chaum, D., Crépeau, C., Damgard, I.: Multiparty unconditionally secure protocols. In: STOC 1988: Proceedings of the twentieth annual ACM symposium on Theory of computing, pp. 11–19. ACM, New York (1988)Google Scholar
  4. 4.
    Du, W., Atallah, M.J.: Secure multi-party computation problems and their applications: a review and open problems. In: NSPW 2001: Proceedings of the 2001 workshop on New security paradigms, pp. 13–22. ACM Press, New York (2001)Google Scholar
  5. 5.
    Du, W., Zhan, Z.: A practical approach to solve secure multi-party computation problems. In: NSPW 2002: Proceedings of the 2002 workshop on New security paradigms, pp. 127–135. ACM Press, New York (2002)Google Scholar
  6. 6.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, New York (2004)Google Scholar
  7. 7.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the nineteenth annual ACM conference on Theory of computing, pp. 218–229. ACM, New York (1987)Google Scholar
  8. 8.
    Gorlach, A., Heinemann, A., Terpstra, W.: Survey on location privacy in pervasive computing. In: Robinson, P., Vogt, H., Wagealla, W. (eds.) Privacy, Security and Trust within the Context of Pervasive Computing. The Kluwer International Series in Engineering and Computer Science (2004)Google Scholar
  9. 9.
    Ioannidis, I., Grama, A., Atallah, M.: A secure protocol for computing dot-products in clustered and distributed environments. In: ICPP 2002: Proceedings of the 2002 International Conference on Parallel Processing (ICPP 2002), Washington, DC, USA, p. 379. IEEE Computer Society Press, Los Alamitos (2002)Google Scholar
  10. 10.
    Kiltz, E., Leander, G., Malone-Lee, J.: Secure computation of the mean and related statistics. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 283–302. Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Li, S., Dai, Y.: Secure two-party computational geometry. J. Comput. Sci. Technol. 20(2), 258–263 (2005)Google Scholar
  12. 12.
    Luo, Y., Huang, L., Chen, G., Shen, H.: Privacy-preserving distance measurement and its applications. Chinese Journal of Electronics 15(2), 237–241 (2006)Google Scholar
  13. 13.
    Naor, M., Nissim, K.: Communication preserving protocols for secure function evaluation. In: STOC 2001: Proceedings of the thirty-third annual ACM symposium on Theory of computing, pp. 590–599. ACM Press, New York (2001)Google Scholar
  14. 14.
    Friedman, E., Resnick, P., Zeckhauser, R., Kuwabara, K.: Reputation systems. Communication of the ACM 43(12), 45–48 (2000)Google Scholar
  15. 15.
    Resnick, P., Zeckhauser, R., Swanson, J., Lockwood, K.: The value of reputation on ebay: A controlled experiment (2003)Google Scholar
  16. 16.
    Shundong, L., Tiange, S., Yiqi, D.: Secure multi-party computation of set-inclusion and graph-inclusion. Computer Research and Development 42(10), 1647–1653 (2005)Google Scholar
  17. 17.
    Vaidya, J., Clifton, C.: Leveraging the ”multi” in secure multi-party computation. In: WPES 2003: Proceedings of the 2003 ACM workshop on Privacy in the electronic society, pp. 53–59. ACM Press, New York (2003)Google Scholar
  18. 18.
    Vaidya, J., Clifton, C.: Secure set intersection cardinality with application to association rule mining. Journal of Computer Security 13(4), 593–622 (2005)Google Scholar
  19. 19.
    Yao, A.: Protocols for secure computations (extended abstract). In: Proceedings of FOCS 1982, pp. 160–164 (1982)Google Scholar
  20. 20.
    Yao, A.: How to generate and exchange secrets. In: Proceedings of FOCS 1986, pp. 162–167 (1986)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Wesley Brandi
    • 1
  • Martin S. Olivier
    • 1
  • Alf Zugenmaier
    • 1
  1. 1.Information and Computer Security Architectures (ICSA) Research Group Department of Computer ScienceUniversity of PretoriaPretoria

Personalised recommendations