research-article

A traceable and revocable decentralized multi-authority privacy protection scheme for social metaverse

Authors:

Guojun WangAuthors Info & Claims

Volume 140, Issue C

https://doi.org/10.1016/j.sysarc.2023.102899

Published: 01 July 2023 Publication History

Abstract

Intelligent identification of close friends is the mainstream approach to protect users’ multi-dimensional data in the social metaverse. It provides a fine-grained matching service for users. However, users enjoy these benefits at the cost of leaking personal multi-dimensional data. The existing social metaverse-based intelligent identification of close friends privacy protection models typically use centralized mechanisms. This will limit users’ control over their data and make them vulnerable to privacy leakage and data misuse. To address these problems, this paper proposes a traceable and revocable decentralized multi-authority privacy protection scheme (TRDM) for social metaverse. The scheme establishes multiple authority centers based on users’ multi-dimensional data, overcoming single point of failure and performance bottlenecks. In addition, TRDM partially hides access policies and supports multi-dimensional attribute access control in social metaverse environment. By introducing leaf node values of binary trees, TRDM achieves the traceability and completes the revocation of malicious users by updating part of the ciphertext. Security analysis and experiments show that TRDM satisfies the requirement of static security under the random prediction model and has better performance in the revocation of malicious users.

Highlights

•

We propose a new TRDM approach to safeguard users’ multi-dimensional data and offer fine-grained matching services.

•

We use a decentralized multi-authority system to reduce single point of failure and eliminate performance bottlenecks.

•

We bind user identity information and the decryption key together to enable the tracking of malicious users.

•

We complete the revocation of malicious users by partially updating the ciphertext.

References

[1]

Zhang Shaobo, Mao Xinjun, Choo Kim-Kwang Raymond, Peng Tao, Wang Guojun, A trajectory privacy-preserving scheme based on a dual-k mechanism for continuous location-based services, Inform. Sci. 527 (2020) 406–419.

[2]

Zhao Guichuan, Jiang Qi, Liu Ximeng, Ma Xindi, Zhang Ning, Ma Jianfeng, Electrocardiogram based group device pairing for wearables, IEEE Trans. Mob. Comput. (2022) 1–17.

[3]

Zhu Xiaoyu, Luo Yueyi, Liu Anfeng, Xiong Neal N, Dong Mianxiong, Zhang Shaobo, A deep reinforcement learning-based resource management game in vehicular edge computing, IEEE Trans. Intell. Transp. Syst. 23 (3) (2021) 2422–2433.

[4]

Yuan Liujie, Zhang Shaobo, Zhu Gengming, Alinani Karim, Privacy-preserving mechanism for mixed data clustering with local differential privacy, Concurrency and Computation Practice and Experience (2021) Online.

[5]

Zhang Rui, Zhang Jinxue, Zhang Yanchao, Sun Jinyuan, Yan Guanhua, Privacy-preserving profile matching for proximity-based mobile social networking, IEEE J. Sel. Areas Commun. 31 (9) (2013) 656–668.

[6]

Wang Yuyu, Pan Jiaxin, Chen Yu, Fine-grained secure attribute-based encryption, in: Annual International Cryptology Conference, Springer, 2021, pp. 179–207.

[7]

Liu Qin, Hao Zhengzheng, Peng Yu, Jiang Hongbo, Wu Jie, Peng Tao, Wang Guojun, Zhang Shaobo, Secvkq: Secure and verifiable knn queries in sensor–cloud systems, J. Syst. Archit. 120 (2021).

[8]

Xiang Xinyin, Zhao Xingwen, Blockchain-assisted searchable attribute-based encryption for e-health systems, J. Syst. Archit. 124 (2022).

[9]

Dwivedi Yogesh K, Hughes Laurie, Baabdullah Abdullah M, Ribeiro-Navarrete Samuel, Giannakis Mihalis, Al-Debei Mutaz M, Dennehy Denis, Metri Bhimaraya, Buhalis Dimitrios, Cheung Christy MK, et al., Metaverse beyond the hype: Multidisciplinary perspectives on emerging challenges, opportunities, and agenda for research, practice and policy, Int. J. Inf. Manage. 66 (2022).

[10]

Zhang Shaobo, Wang Guojun, Bhuiyan Md Zakirul Alam, Liu Qin, A dual privacy preserving scheme in continuous location-based services, IEEE Internet Things J. 5 (5) (2018) 4191–4200.

[11]

Zhang Shaobo, Choo Kim-Kwang Raymond, Liu Qin, Wang Guojun, Enhancing privacy through uniform grid and caching in location-based services, Future Gener. Comput. Syst. 86 (2018) 881–892.

[12]

Garrison William C, Shull Adam, Myers Steven, Lee Adam J, On the practicality of cryptographically enforcing dynamic access control policies in the cloud, in: 2016 IEEE Symposium on Security and Privacy, SP, IEEE, 2016, pp. 819–838.

[13]

Chen Miaojiang, Liu Wei, Wang Tian, Zhang Shaobo, Liu Anfeng, A game-based deep reinforcement learning approach for energy-efficient computation in MEC systems, Knowl.-Based Syst. 235 (2022).

Digital Library

[14]

Li Xiong, Shang Shuai, Liu Shanpeng, Gu Ke, Jan Mian Ahmad, Zhang Xiaosong, Khan Fazlullah, An identity-based data integrity auditing scheme for cloud-based maritime transportation systems, IEEE Trans. Intell. Transp. Syst. (2022) 2556–2567.

[15]

Liang Wei, Yang Yang, Yang Ce, Hu Yonghua, Xie Songyou, Li Kuan-Ching, Cao Jiannong, PDPChain: A consortium blockchain-based privacy protection scheme for personal data, IEEE Transactions on Reliability (2022) 1–13.

[16]

Xi Nannan, Chen Juan, Gama Filipe, Riar Marc, Hamari Juho, The challenges of entering the metaverse: An experiment on the effect of extended reality on workload, Inf. Syst. Front. (2022) 1–22.

[17]

Agrawal Shweta, Yadav Anshu, Yamada Shota, Multi-input attribute based encryption and predicate encryption, in: Annual International Cryptology Conference, Springer, 2022, pp. 590–621.

[18]

Du Leilei, Li Kenli, Liu Qin, Wu Zhiqiang, Zhang Shaobo, Dynamic multi-client searchable symmetric encryption with support for boolean queries, Inform. Sci. 506 (2020) 234–257.

[19]

Wang Yue, Yang Lin, Chen Xiaoyun, Zhang Xiaofeng, He Zhenyu, Enhancing social network privacy with accumulated non-zero prior knowledge, Inform. Sci. 445 (2018) 6–21.

[20]

Gabrielle Beck, Maximilian Zinkus, Matthew Green, Automating the development of chosen ciphertext attacks, in: 29th USENIX Security Symposium (USENIX Security 20), 2020, pp. 1821–1837.

[21]

Zhang Shiwen, Hu Biao, Liang Wei, Li Kuan-Ching, Gupta Brij B., A caching-based dual k-anonymous location privacy-preserving scheme for edge computing, IEEE Internet of Things Journal (2023) 1–14.

[22]

Liu Qin, Hou Panlin, Wang Guojun, Peng Tao, Zhang Shaobo, Intelligent route planning on large road networks with efficiency and privacy, J. Parallel Distrib. Comput. 133 (2019) 93–106.

[23]

Fatemah Alharbi, Arwa Alrawais, Abdulrahman Bin Rabiah, Silas Richelson, Nael Abu-Ghazaleh, {CSProp}: Ciphertext and Signature Propagation {Low-Overhead}{Public-Key} Cryptosystem for {IoT} Environments, in: 30th USENIX Security Symposium (USENIX Security 21), 2021, pp. 609–626.

[24]

Li Ming, Cao Ning, Yu Shucheng, Lou Wenjing, Findu: Privacy-preserving personal profile matching in mobile social networks, in: 2011 Proceedings IEEE INFOCOM, IEEE, 2011, pp. 2435–2443.

[25]

Zhang Shaobo, Wang Guojun, Liu Qin, Abawajy Jemal H., A trajectory privacy-preserving scheme based on query exchange in mobile social networks, Soft Comput. 22 (2018) 6121–6133.

[26]

Zhu Haojin, Du Suguo, Li Muyuan, Gao Zhaoyu, Fairness-aware and privacy-preserving friend matching protocol in mobile social networks, IEEE Trans. Emerg. Top. Comput. 1 (1) (2013) 192–200.

[27]

Wang Yong, Hou Jie, Xia Yun, Li Hong-zong, Efficient privacy preserving matchmaking for mobile social networking, Concurr. Comput.: Pract. Exper. 27 (12) (2015) 2924–2937.

[28]

Zhang Shaobo, Li Xiong, Tan Zhiyuan, Peng Tao, Wang Guojun, A caching and spatial K-anonymity driven privacy enhancement scheme in continuous location-based services, Future Gener. Comput. Syst. 94 (2019) 40–50.

[29]

Zhang Yinghui, Zheng Dong, Deng Robert H., Security and privacy in smart health: Efficient policy-hiding attribute-based access control, IEEE Internet Things J. 5 (3) (2018) 2130–2145.

[30]

Ning Jianting, Cao Zhenfu, Dong Xiaolei, Wei Lifei, Lin Xiaodong, Large universe ciphertext-policy attribute-based encryption with white-box traceability, in: European Symposium on Research in Computer Security, Springer, 2014, pp. 55–72.

[31]

Ning Jianting, Dong Xiaolei, Cao Zhenfu, Wei Lifei, Lin Xiaodong, White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes, IEEE Trans. Inf. Forensics Secur. 10 (6) (2015) 1274–1288.

Digital Library

[32]

Liu Zhenhua, Duan Shuhong, Zhou Peilin, Wang Baocang, Traceable-then-revocable ciphertext-policy attribute-based encryption scheme, Future Gener. Comput. Syst. 93 (2019) 903–913.

Digital Library

[33]

Hoang Van-Hoan, Lehtihet Elyes, Ghamri-Doudane Yacine, Forward-secure data outsourcing based on revocable attribute-based encryption, in: 2019 15th International Wireless Communications & Mobile Computing Conference, IWCMC, IEEE, 2019, pp. 1839–1846.

[34]

Han Dezhi, Pan Nannan, Li Kuan-Ching, A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection, IEEE Trans. Dependable Secure Comput. (2020).

[35]

Zhou Lei, Luo Entao, Wang Guojun, Yu Shui, Secure fine-grained friend-making scheme based on hierarchical management in mobile social networks, Inform. Sci. 554 (2021) 15–32.

[36]

Sandor Voundi Koe Arthur, Lin Yaping, Li Xiehua, Lin Feng, Zhang Shiwen, Efficient decentralized multi-authority attribute based encryption for mobile cloud data storage, J. Netw. Comput. Appl. 129 (2019) 25–36.

[37]

Zhang Kai, Li Hui, Ma Jianfeng, Liu Ximeng, Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability, Sci. China Inf. Sci. 61 (3) (2018) 1–13.

[38]

Zhang Leyou, Zhao Chuchu, Wu Qing, Mu Yi, Rezaeibagha Fatemeh, A traceable and revocable multi-authority access control scheme with privacy preserving for mhealth, J. Syst. Archit. 130 (2022).

[39]

Zhang Jiawei, Ma Jianfeng, Yang Yanbo, Liu Ximeng, Xiong Neal N, Revocable and privacy-preserving decentralized data sharing framework for fog-assisted internet of things, IEEE Internet Things J. (2021).

[40]

Zhang Shaobo, Guo Tao, Liu Qin, Luo Entao, Choo Kim-Kwang Raymond, Wang Guojun, ALPS: Achieving accuracy-aware location privacy service via assisted regions, Future Generation Computer Systems 145 (2023) 189–199.

[41]

Shafi Goldwasser, Silvio Micali, Probabilistic encryption, J. Comput. System Sci. 28 (2) (1984) 270–299.

[42]

Boneh Dan, Boyen Xavier, Short signatures without random oracles and the SDH assumption in bilinear groups, J. Cryptol. 21 (2) (2008) 149–177.

[43]

Rouselakis Yannis, Waters Brent, Efficient statically-secure large-universe multi-authority attribute-based encryption, in: International Conference on Financial Cryptography and Data Security, Springer, 2015, pp. 315–332.

Cited By

Zhang SPan YLiu QYan ZChoo KWang G(2024)Backdoor Attacks and Defenses Targeting Multi-Domain AI Models: A Comprehensive ReviewACM Computing Surveys10.1145/370472557:4(1-35)Online publication date: 10-Dec-2024
https://dl.acm.org/doi/10.1145/3704725
Sha LChen XXiao FWang ZLong ZFan QDong J(2024)VRVul-Discovery: BiLSTM-based Vulnerability Discovery for Virtual Reality Devices in MetaverseACM Transactions on Multimedia Computing, Communications, and Applications10.1145/367760921:2(1-19)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3677609

Recommendations

Traceable and revocable multi-authority attribute-based keyword search for cloud storage
Abstract
Ciphertext-Policy Attribute-Based Keyword Search (CP-ABKS) provides data privacy and achieves fine-grained access control over encrypted data in the cloud. However, authorized users may misuse the secret key for financial benefits in a ...
Traceable-then-revocable ciphertext-policy attribute-based encryption scheme
Abstract
A traceable ciphertext-policy attribute-based encryption (T-CPABE) scheme can trace a malicious user, who may leak her/his decryption privilege to a third party for some benefits. However, even if the malicious user is traced, the ...
Highlights
- We propose a ciphertext-policy attribute-based encryption with white-box traceability and direct user revocation.
Efficient revocable certificateless public key encryption with a delegated revocation authority

Quite recently, Shen et al. proposed a revocable certificateless public key encryption RCL-PKE scheme in the standard model, in which the key generation center KGC can efficiently revoke misbehaving or compromised users. However, their scheme was shown ...

Comments

Information & Contributors

Information

Published In

cover image Journal of Systems Architecture: the EUROMICRO Journal

Journal of Systems Architecture: the EUROMICRO Journal Volume 140, Issue C

Jul 2023

146 pages

ISSN:1383-7621

Issue’s Table of Contents

Elsevier B.V.

Publisher

Elsevier North-Holland, Inc.

United States

Publication History

Published: 01 July 2023

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang SPan YLiu QYan ZChoo KWang G(2024)Backdoor Attacks and Defenses Targeting Multi-Domain AI Models: A Comprehensive ReviewACM Computing Surveys10.1145/370472557:4(1-35)Online publication date: 10-Dec-2024
https://dl.acm.org/doi/10.1145/3704725
Sha LChen XXiao FWang ZLong ZFan QDong J(2024)VRVul-Discovery: BiLSTM-based Vulnerability Discovery for Virtual Reality Devices in MetaverseACM Transactions on Multimedia Computing, Communications, and Applications10.1145/367760921:2(1-19)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3677609

View Options

View options

Figures

Tables

Media

View Issue’s Table of Contents