A Cyber-Physical-Social System (CPSS) is a system that integrates cyber space, physical space, and social space. It is widely applied in smart cities, pervasive social networking (PSN), smart grids, mobile crowdsourcing (MCS), and so on. CPSS features a series of unique characteristics, such as human-computer hybrid intelligence, integration of various spaces, network heterogeneity, and multi-source information. However, it confronts a series of security, privacy, and trust challenges. Trust is a comprehensive concept that considers the honesty, reliability, ability, and other factors of an entity. Authentication on trust in CPSS can help CPSS nodes distinguish trusted from untrusted nodes, encourage user participation, and enhance the security and trust of CPSS. Considering the privacy requirements in CPSS, authentication on trust needs to preserve user identity privacy, i.e., anonymous authentication on trust is highly expected in CPSS. Network heterogeneity in CPSS makes traditional security and privacy solutions hard to apply. Therefore, it is necessary to design anonymous authentication on trust for different CPSS architectures.

However, several problems arise when introducing anonymous authentication on trust into CPSS. First, anonymous authentication on trust must first overcome the contradiction between trust, privacy, and efficiency. Second, in some scenarios a connection between CPSS nodes and a centralized party is unavailable, and as a result nodes sometimes have to participate in CPSS activities without the presence of any centralized trusted party. Therefore, it is necessary to offer semi-centralized anonymous authentication on trust so that nodes can still maintain trustworthy communications even if the centralized trusted party is not available. Third, centralized CPSS architectures usually suffer from security and privacy issues due to a single point of failure. Besides, in some scenarios it is difficult to deploy a centralized trusted server in practice. Therefore, decentralized anonymous authentication on trust is highly expected. However, in such a scenario there is no trusted center to monitor node behaviors, evaluate node trust, and manage node keys, which makes decentralized anonymous authentication on trust a big challenge.

In this PhD thesis, we studied the above research problems and proposed a series of schemes for anonymous authentication on trust. Specifically, the main contributions of this thesis are summarized as follows:

(1) To address the contradiction between trust, privacy, and efficiency, two centralized schemes were designed for anonymous authentication on trust in Pervasive Social Networking (PSN). Scheme 1 leverages a Trusted Authority (TA) to conduct accurate trust evaluation and issue trust-based tokens to PSN nodes. A PSN node can use its token to generate a short-lived signing key to sign messages, and others can verify its trust through the generated signature. Scheme 1 is relatively efficient and can satisfy the basic security requirements of anonymous authentication. However, the list used to verify the trust of nodes contains all valid tokens, which makes it unsuitable for a large-scale network. To overcome this shortcoming, we designed Scheme 2 based on group signatures. The basic idea is to embed trust into a group signature. PSN nodes can directly verify others' trust by checking the signatures they generate. Scheme 2 only requires a node to maintain the list of pseudonyms that have been revoked during a validity period, which greatly reduces the length of the issued list and makes it more efficient than Scheme 1.

(2) In order to support semi-centralized anonymous authentication on trust in PSN, we proposed Scheme 3. Scheme 3 focuses on the problems of trust evaluation and trust credential distribution without the support of a centralized party. Instead of only using a centralized TA, Scheme 3 deploys multiple distributed nodes with high trust and capacities as Authority Points (APs) for trust evaluation. Considering the potential misbehavior of APs, Scheme 3 supports multiple APs working together to evaluate node trust and generate the corresponding trust credentials, achieving trustworthy and anonymous authentication on trust when a centralized TA is not always available.

(3) We explored decentralized anonymous authentication on trust in Mobile Crowdsourcing (MCS). We proposed Scheme 4 to establish a secure and trustworthy decentralized MCS architecture and designed Scheme 5 for decentralized authentication on trust. Scheme 4 utilizes blockchain to build a decentralized MCS service platform. It involves a novel and efficient consensus mechanism that supports decentralized and trustworthy trust evaluation. Besides, we designed a trust-based incentive mechanism to incentivize honest behavior by MCS nodes. Based on Scheme 4, we further designed decentralized anonymous authentication on trust by applying the Intel SGX trusted execution environment. Owing to the utilization of blockchain and SGX, we achieve privacy-preserving trust evaluation with effective decentralized anonymous authentication on trust in MCS.