Abstract:
Various online, networked systems offer a lightweight process for obtaining identities (e.g., confirming a valid e-mail address), so that users can easily join them. Such convenience comes with a price, however: with minimum effort, an attacker can subvert the identity management scheme in place, obtain a multitude of fake accounts, and use them for malicious purposes. In this work, we approach the issue of fake accounts in large-scale, distributed systems by proposing a framework for adaptive identity management. Instead of relying on users' personal information as a requirement for granting identities (unlike existing proposals), our key idea is to estimate a trust score for identity requests, and price them accordingly using a proof of work strategy. The research agenda that guided the development of this framework comprised three main items: (i) investigation of a candidate trust score function, based on an analysis of users' identity request patterns, (ii) combination of trust scores and proof of work strategies (e.g., cryptographic puzzles) for adaptively pricing identity requests, and (iii) reshaping of traditional proof of work strategies, in order to make them more resource-efficient, without compromising their effectiveness (in stopping attackers).
Keywords:
Internet; security of data; trusted computing; adaptive identity management; candidate trust score function; cryptographic puzzles; fake accounts; identity request patterns; large-scale distributed systems; online networked systems; proof of work strategy; Adaptation models; Complexity theory; Computational modeling; Cryptography; Green products; Mathematical model; Proposals; Identity management; collusion attacks; fake accounts; peer-to-peer; proof of work; sybil attack;
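
The adaptive pricing idea in the abstract (a trust score per identity request, mapped to a proof-of-work cost) can be illustrated as follows. This is an added example, not the paper's framework or code: the trust function, the difficulty range, and the hash puzzle format are all assumptions chosen for illustration.

```python
import hashlib
import os

MIN_BITS, MAX_BITS = 4, 16  # assumed difficulty range, in leading zero bits


def trust_score(recent_requests: int, network_mean: float) -> float:
    """Assumed trust function: 1.0 at or below the mean request rate,
    decaying as 1/ratio for sources that request more than the mean."""
    ratio = recent_requests / network_mean
    return 1.0 if ratio <= 1.0 else 1.0 / ratio


def difficulty_bits(trust: float) -> int:
    """Price the request: lower trust maps to more required zero bits."""
    return round(MIN_BITS + (1.0 - trust) * (MAX_BITS - MIN_BITS))


def _zero_bits_ok(challenge: bytes, counter: int, bits: int) -> bool:
    digest = hashlib.sha256(challenge + counter.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") >> (256 - bits) == 0


def solve(challenge: bytes, bits: int) -> int:
    """Requester side: brute-force a counter; expected cost is 2**bits hashes."""
    counter = 0
    while not _zero_bits_ok(challenge, counter, bits):
        counter += 1
    return counter


def verify(challenge: bytes, counter: int, bits: int) -> bool:
    """Issuer side: one hash, regardless of the difficulty assigned."""
    return _zero_bits_ok(challenge, counter, bits)


def price_request(recent_requests: int, network_mean: float):
    """Return (challenge, bits) for one identity request."""
    bits = difficulty_bits(trust_score(recent_requests, network_mean))
    return os.urandom(16), bits


if __name__ == "__main__":
    # Constructed sample: (source label, requests in window); mean is 4.
    for label, count in [("typical", 3), ("bursty", 12), ("suspicious", 40)]:
        challenge, bits = price_request(count, 4.0)
        answer = solve(challenge, bits)
        print(label, bits, "bits", answer, verify(challenge, answer, bits))
```

Each extra bit doubles the requester's expected work while the issuer's verification cost stays at one hash, which is what lets the price scale with distrust.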