A framework for anonymous but accountable self-organizing communities

Abstract In this paper we propose a novel architecture and approach to provide accountability for Web communities that require a high-level of privacy. A two-layered privacy protection architecture is proposed, that supports (i) registration of participants and enforcement of community rules, called internal accountability , and (ii) rule-based interaction with real world organizations, called external accountability . Our security protocols build upon community-based trust and limit the exposure of private data on trusted third parties. The two-layered architecture protects the mappings between real users and their virtual identities, and among the virtual users, while guaranteeing internal and external accountability. We target Web communities that are dynamic and self-organizing, i.e. roles and contributions of participants may change over time. The proposed concepts and protocols are implemented in our SyllabNet project that supports anonymous course evaluations by university students.

[1]  Dan Boneh,et al.  Building intrusion tolerant applications , 1999, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[2]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[3]  Aviel D. Rubin,et al.  Publius: a robust, tamper-evident, censorship-resistant web publishing system , 2000 .

[4]  Philip D. MacKenzie,et al.  Anonymous Investing: Hiding the Identities of Stockholders , 1999, Financial Cryptography.

[5]  Andrew Schulman,et al.  Deanonymizing Users of the SafeWeb Anonymizing Service , 2002, USENIX Security Symposium.

[6]  Holger Vogt,et al.  Offline Payments with Auditable Tracing , 2002, Financial Cryptography.

[7]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[8]  Dan Boneh,et al.  Experimenting with Shared Generation of RSA Keys , 1999, NDSS.

[9]  Evangelos Kotsovinos,et al.  Pinocchio: Incentives for Honest Participation in Distributed Trust Management , 2004, iTrust.

[10]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[11]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[12]  Levente Buttyán,et al.  Accountable anonymous access to services in mobile communication systems , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[13]  Brian Neil Levine,et al.  A protocol for anonymous communication over the Internet , 2000, CCS.

[14]  Jean A. Tkach,et al.  Neurostimulation system used for deep brain stimulation (DBS): MR safety issues and implications of failing to follow safety recommendations. , 2004, Investigative radiology.

[15]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[16]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[17]  Yossi Matias,et al.  Consistent, yet anonymous, Web access with LPWA , 1999, CACM.

[18]  Lorrie Faith Cranor,et al.  Publius: A Robust, Tamper-Evident, Censorship-Resistant, and Source-Anonymous Web Publishing System , 2000, USENIX Security Symposium.

[19]  András Lörincz,et al.  Anonymity and accountability in self-organizing electronic communities , 2002, WPES '02.

[20]  Paul F. Syverson,et al.  Authentic Attributes with Fine-Grained Anonymity Protection , 2000, Financial Cryptography.

[21]  David A. Wagner,et al.  Privacy-enhancing technologies for the Internet , 1997, Proceedings IEEE COMPCON 97. Digest of Papers.

[22]  Richard S. Sutton,et al.  Reinforcement Learning: An Introduction , 1998, IEEE Trans. Neural Networks.

[23]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[24]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[25]  B. Preneel,et al.  Anonymity controlled electronic payment systems , 1999 .

[26]  Zsolt Palotai,et al.  Distributed mining of the Internet for novel news: evolutionary community of news foragers , 2004, 2004 IEEE International Joint Conference on Neural Networks (IEEE Cat. No.04CH37541).

[27]  Gerard J. Holzmann,et al.  Design and validation of computer protocols , 1991 .