Abstract
Some users may misbehave under the cover of anonymity by, e.g., defacing webpages on Wikipedia or posting vulgar comments on YouTube. To prevent such abuse, a few anonymous credential schemes have been proposed that revoke access for misbehaving users while maintaining their anonymity such that no trusted third party (TTP) is involved in the revocation process. Recently we proposed BLACR, a TTP-free scheme that supports 'reputation-based blacklisting' - the service provider can score users' anonymous sessions (e.g., good vs. inappropriate comments) and users with insufficient reputation are denied access. The major drawback of BLACR is the linear computational overhead in the size of the reputation list, which allows it to support reputation for only a few thousand user sessions in practical settings. We propose PERM, a revocation-window-based scheme (misbehaviors must be caught within a window of time), which makes computation independent of the size of the reputation list. PERM thus supports millions of user sessions and makes reputation-based blacklisting practical for large-scale deployments.
Original language | English |
---|---|
Title of host publication | CCS'12 - Proceedings of the 2012 ACM Conference on Computer and Communications Security |
Pages | 929-940 |
Number of pages | 12 |
DOIs | |
Publication status | Published - 26 Nov 2012 |
Externally published | Yes |
Event | 2012 ACM Conference on Computer and Communications Security, CCS 2012 - Raleigh, NC, United States Duration: 16 Oct 2012 → 18 Oct 2012 |
Conference
Conference | 2012 ACM Conference on Computer and Communications Security, CCS 2012 |
---|---|
Country/Territory | United States |
City | Raleigh, NC |
Period | 16/10/12 → 18/10/12 |
Keywords
- Accountable anonymity
- Anonymous blacklisting
- Revocation
ASJC Scopus subject areas
- Software
- Computer Networks and Communications