Abstract
A robust and scalable crowd management infrastructure is crucial in addressing operational challenges when deploying high-density sensors and actuators in a smart city. While crowdsourcing is widely used in crowd management, conventional solutions, such as Upwork and Amazon Mechanical Turk, generally depend on a trusted third-party platform. There exist several potential security concerns (e.g., sensitive leakage, single point of failure and unfair judgment) in such a centralized paradigm. Hence, a recent trend in crowdsourcing is to leverage blockchain (a decentralized ledger technology) to address some of the existing limitations. A small number of blockchain-based crowdsourcing systems (BCSs) with incentive mechanisms have been proposed in the literature, but they are generally not designed with security in mind. Thus, we study the security and privacy requirements of a secure BCS and propose a concrete solution (i.e., SecBCS) with a prototype implementation based on JUICE.
Similar content being viewed by others
References
Su K, Jie L, Fu H. Smart city and the applications. In: Proceedings of International Conference on Electronics, Ningbo, 2011. 1028–1031
Zanella A, Bui N, Castellani A, et al. Internet of things for smart cities. IEEE Internet Things J, 2014, 1: 22–32
Li M, Weng J, Yang A, et al. CrowdBC: a blockchain-based decentralized framework for crowdsourcing. IEEE Trans Parallel Distrib Syst, 2019, 30: 1251–1266
Lu Y, Tang Q, Wang G. Zebralancer: private and anonymous crowdsourcing system atop open blockchain. In: Proceedings of the 38th IEEE International Conference on Distributed Computing Systems, Vienna, 2018. 853–865
Buccafurri F, Lax G, Nicolazzo S, et al. Tweetchain: an alternative to blockchain for crowd-based applications. In: Proceedings of the 17th International Conference on Web Engineering, Rome, 2017. 386–393
Ben-Sasson E, Chiesa A, Genkin D, et al. Snarks for C: verifying program executions succinctly and in zero knowledge. In: Proceedings of Advances in Cryptology-CRYPTO, California, 2013. 90–108
McInnis B, Cosley D, Nam C, et al. Taking a HIT: designing around rejection, mistrust, risk, and workers’ experiences in amazon mechanical turk. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, California, 2016. 2271–2282
Salehi N, Irani L C, Bernstein M S, et al. We are dynamo: overcoming stalling and friction in collective action for crowd workers. In: Proceedings of the 33rd Annual ACM Conference on Human Factors in Computing Systems, Seoul, 2015. 1621–1630
Li Q, Cao G. Providing efficient privacy-aware incentives for mobile sensing. In: Proceedings of IEEE 34th International Conference on Distributed Computing Systems, Madrid, 2014. 208–217
Rahaman S, Cheng L, Yao D D, et al. Provably secure anonymous-yet-accountable crowdsensing with scalable sublinear revocation. Proc Privacy Enhancing Technol, 2017, 2017: 384–403
Gisdakis S, Giannetsos T, Papadimitratos P. Security, privacy, and incentive provision for mobile crowd sensing systems. IEEE Internet Things J, 2016, 3: 839–853
Tanas C, Delgado-Segura S, Herrera-Joancomartí J. An integrated reward and reputation mechanism for MCS preserving users’ privacy. In: Proceedings of the 10th International Workshop and the 4th International Workshop, Vienna, 2015. 83–99
Muehlemann A. Sentiment protocol: a decentralized protocol leveraging crowd sourced wisdom. 2017. ArXiv: 1710.11597
Lin C, He D B, Huang X, et al. A new transitively closed undirected graph authentication scheme for blockchain-based identity management systems. IEEE Access, 2018, 6: 28203–28212
Feng Q, He D B, Zeadally S, et al. A survey on privacy protection in blockchain system. J Netw Comput Appl, 2019, 126: 45–58
Lin C, He D B, Huang X Y, et al. Blockchain-based system for secure outsourcing of bilinear pairings. Inf Sci, 2018. doi: 10.1016/j.ins.2018.12.043
Veeningen M. Pinocchio-based adaptive zk-SNARKs and secure/correct adaptive function evaluation. In: Proceedings of the 9th International Conference on Cryptology, Senegal, 2017. 21–39
Kosba A, Miller A, Shi E, et al. Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: Proceedings of the 37th IEEE Symposium on Security and Privacy, California, 2016. 839–858
Christidis K, Devetsikiotis M. Blockchains and smart contracts for the Internet of things. IEEE Access, 2016, 4: 2292–2303
Zhang Y, Wen J. The IoT electric business model: using blockchain technology for the Internet of things. Peer-to-Peer Netw Appl, 2017, 10: 983–994
Parizi R M, Dehghantanha A, Choo K K R, et al. Empirical vulnerability analysis of automated smart contracts security testing on blockchains. In: Proceedings of the 28th Annual International Conference on Computer Science and Software Engineering, Markham, 2018. 103–113
Luu L, Chu D H, Olickel H, et al. Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, New York, 2016. 254–269
Mavridou A, Laszka A. Designing secure ethereum smart contracts: a finite state machine based approach. 2017. ArXiv: 1711.09327
Parizi R M, Singh A, Dehghantanha A. Smart contract programming languages on blockchains: an empirical evaluation of usability and security. In: Proceedings of the 1st International Conference on Blockchain Blockchain, Washington, 2018. 75–91
Chaum D, van Heyst E. Group signatures. In: Proceedings of Advances in Cryptology-EUROCRYPT, Brighton, 1991. 257–265
Ho T H, Yen L H, Tseng C C. Simple-yet-efficient construction and revocation of group signatures. Int J Found Comput Sci, 2015, 26: 611–624
Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, 2011. 53–70
Daemen J, Rijmen V. The Design of Rijndael: AES — The Advanced Encryption Standard. Berlin: Springer, 2002
Poulpita. Trusted execution environment, millions of users have one, do you have yours? 2017. https://poulpita.com/2014/02/18/trusted-execution-environment-do-you-have-yours/
Lin C, He D, Huang X, et al. BSeIn: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. J Netw Comput Appl, 2018, 116: 42–52
Castro M, Liskov B. Practical byzantine fault tolerance. In: Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation, Louisiana, 1999. 173–186
Ongaro D, Ousterhout J. In search of an understandable consensus algorithm. In: Proceedings of 2014 USENIX Annual Technical Conference, Philadelphia, Pennsylvania, 2014. 305–319
Acknowledgements
This work was supported in part by National Key Research and Development Program of China (Grant No. 2018YFC1604004), National Natural Science Foundation of China (Grant Nos. 61572379, 61772377, 61841701), and Natural Science Foundation of Hubei Province of China (Grant Nos. 2017CFA007, 2015CFA068). The last author is supported by Cloud Technology Endowed Professorship. We thank the anonymous reviewers for their valuable comments and feedback which helped us to improve the content and presentation of this paper.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lin, C., He, D., Zeadally, S. et al. SecBCS: a secure and privacy-preserving blockchain-based crowdsourcing system. Sci. China Inf. Sci. 63, 130102 (2020). https://doi.org/10.1007/s11432-019-9893-2
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11432-019-9893-2