University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Bootstrapping Online Trust: Timeline Activity Proofs

Dragan, Catalin and Manulis, Mark (2018) Bootstrapping Online Trust: Timeline Activity Proofs In: International Workshop on Cryptocurrencies and Blockchain Technology.

[img]
Preview
Text
2.pdf - Accepted version Manuscript

Download (354kB) | Preview

Abstract

Establishing initial trust between a new user and an online service, is being generally facilitated by centralized social media platforms, i.e., Facebook, Google, by allowing users to use their social profiles to prove “trustworthiness” to a new service which has some verification policy with regard to the information that it retrieves from the profiles. Typically, only static information, e.g., name, age, contact details, number of friends, are being used to establish the initial trust. However, such information provides only weak trust guarantees, as (malicious) users can trivially create new profiles and populate them with static data fast to convince the new service. We argue that the way the profiles are used over (longer) periods of time should play a more prominent role in the initial trust establishment. Intuitively, verification policies, in addition to static data, could check whether profiles are being used on a regular basis and have a convincing footprint of activities over various periods of time to be perceived as more trustworthy. In this paper, we introduce Timeline Activity Proofs (TAP) as a new trust factor. TAP allows online users to manage their timeline activities in a privacy-preserving way and use them to bootstrap online trust, e.g., as part of registration to a new service. In our model we do not rely on any centralized social media platform. Instead, users are given full control over the activities that they wish to use as part of TAP proofs. A distributed public ledger is used to provide the crucial integrity guarantees, i.e., that activities cannot be tampered with retrospectively. Our TAP construction adopts standard cryptographic techniques to enable authorized access to encrypted activities of a user for the purpose of policy verification and is proven to provide data confidentiality protecting the privacy of user’s activities and authenticated policy compliance protecting verifiers from users who cannot show the required footprint of past activities.

Item Type: Conference or Workshop Item (Conference Paper)
Divisions : Faculty of Engineering and Physical Sciences > Computer Science
Authors :
NameEmailORCID
Dragan, Catalinc.dragan@surrey.ac.uk
Manulis, Markm.manulis@surrey.ac.uk
Date : 7 September 2018
Grant Title : EPSRC Grant
Copyright Disclaimer : © Springer Nature Switzerland AG 2018
Projects : TAPESTRY (ESRC Project)
Depositing User : James Marshall
Date Deposited : 28 Jan 2020 14:42
Last Modified : 28 Jan 2020 14:42
URI: http://epubs.surrey.ac.uk/id/eprint/853454

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year


Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800