MobChain:Three-Way Collusion Resistance in Witness-Oriented Location Proof Systems Using Distributed Consensus

Smart devices have accentuated the importance of geolocation information. Geolocation identification using smart devices has paved the path for incentive-based location-based services (LBS). However, a user’s full control over a smart device can allow tampering of the location proof. Witness-oriented location proof systems (LPS) have emerged to resist the generation of false proofs and mitigate collusion attacks. However, witness-oriented LPS are still susceptible to three-way collusion attacks (involving the user, location authority, and the witness). To overcome the threat of three-way collusion in existing schemes, we introduce a decentralized consensus protocol called MobChain in this paper. In this scheme the selection of a witness and location authority is achieved through a distributed consensus of nodes in an underlying P2P network that establishes a private blockchain. The persistent provenance data over the blockchain provides strong security guarantees; as a result, the forging and manipulation of location becomes impractical. MobChain provides secure location provenance architecture, relying on decentralized decision making for the selection of participants of the protocol thereby addressing the three-way collusion problem. Our prototype implementation and comparison with the state-of-the-art solutions show that MobChain is computationally efficient and highly available while improving the security of LPS

Enabling Trustworthy Service Evaluation in Service-Oriented Mobile Social Network

We propose a Trustworthy Service Evaluation (TSE) system to enable users to share service reviews inservice-oriented mobile social networks (S-MSNs). Each service provider independently maintains a TSE for itself, which collects andstores users’ reviews about its services without requiring any third trusted authority. The service reviews can then be made available tointerested users in making wise service selection decisions. It identify three unique service review attacks, i.e., linkability, rejection, and modification attacks, and develop sophisticated security mechanisms for the TSE to deal with these attacks. Specifically, the basicTSE (bTSE) enables users to distributedly and cooperatively submit their reviews in an integrated chain form by using hierarchical and aggregate signature techniques. It restricts the service providers to reject, modify, or delete the reviews. Thus, the integrity and authenticity of reviews are improved. Further, It extend the bTSE to a Sybil-resisted TSE (SrTSE) to enable the detection of two typical sybil attacks. In the SrTSE, if a user generates multiple reviews toward a vendor in a predefined time slot with differentpseudonyms, the real identity of that user will be revealed. Through security analysis and numerical results, It show that the bTSE and the SrTSE effectively resist the service review attacks and the SrTSE additionally detects the Sybil attacks in an efficient manner.Through performance evaluation, It show that the bTSE achieves better performance in terms of submission rate and delay than a service review system that does not adopt user cooperation