|
 ABSTRACT
In this paper we introduce a system called Crowds for protecting users' anonymity on the world-wide-web. Crowds, named for the notion of “blending into a crowd,” operates by grouping users into a large and geographically diverse group (crowd) that collectively issues requests on behalf of its members. Web servers are unable to learn the true source of a request because it is equally likely to have originated from any member of the crowd, and even collaborating crowd members cannot distinguish the originator of a request from a member who is merely forwarding the request on behalf of another. We describe the design, implementation, security, performance, and scalability of our system. Our security analysis introduces degrees of anonymity as an important tool for describing and proving anonymity properties.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
BRIER, S. 1997. How to keep your privacy: Battle lines get clearer. New York Times (Jan. 13).
|
 |
2
|
|
| |
3
|
CRISTIAN, F. 1991. Reaching agreement on processor group membership in synchronous distributed systems. Distrib. Comput. 4, 175-187.
|
| |
4
|
DESWARTE, Y., BLAIN, L., AND FABRE, J. 1991. Intrusion tolerance in distributed computing systems. In Proceedings of the 1991 IEEE Symposium on Research on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, 110-121.
|
| |
5
|
DIFFIE, W. AND HELLMAN, M. E. 1976. New directions in cryptography. IEEE Trans. Inf. Theor. 22, 6.
|
| |
6
|
Eran Gabber , Phillip B. Gibbons , Yossi Matias , Alain J. Mayer, How to Make Personalized Web Browising Simple, Secure, and Anonymous, Proceedings of the First International Conference on Financial Cryptography, p.17-32, February 24-28, 1997
|
| |
7
|
|
| |
8
|
GONG, L. 1993. Increasing availability and security of an authentication service. IEEE J. Sel. Areas Commun. 5, 11 (June), 657-662.
|
| |
9
|
|
| |
10
|
MILLER, L. 1997. No solitude in cyberspace. USA Today (June 9).
|
| |
11
|
MOSER, L. E., MELLIAR-SMITH, P. M., AND AGRAWALA, V. 1991. Membership algorithms for asynchronous distributed systems. In Proceedings of the 11th IEEE International Conference on Distributed Computing Systems (Arlington, TX, May). IEEE Computer Society Press, Los Alamitos, CA, 480-488.
|
| |
12
|
|
| |
13
|
|
| |
14
|
Andreas Pfitzmann , Birgit Pfitzmann , Michael Waidner, ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead, Kommunikation in Verteilten Systemen, Grundlagen, Anwendungen, Betrieb, GI/ITG-Fachtagung, p.451-463, February 20-22, 1991
|
| |
15
|
|
| |
16
|
|
| |
17
|
|
| |
18
|
|
| |
19
|
|
| |
20
|
|
| |
21
|
|
CITED BY 161
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Robert Morris , John Jannotti , Frans Kaashoek , Jinyang Li , Douglas Decouto, CarNet: a scalable ad hoc wireless network system, Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system, September 17-20, 2000, Kolding, Denmark
|
|
|
Eran Gabber , Phillip B. Gibbons , David M. Kristol , Yossi Matias , Alain Mayer, Consistent, yet anonymous, Web access with LPWA, Communications of the ACM, v.42 n.2, p.42-47, Feb. 1999
|
|
|
|
|
|
|
|
|
|
|
|
Bruno Gusmão Rocha , Virgílio A. F. Almeida , Lucila Ishitani , Wagner Meira, Jr., Disclosing users' data in an environment that preserves privacy, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.71-80, November 21-21, 2002, Washington, DC
|
|
|
|
|
|
Robert M. Arlein , Ben Jai , Markus Jakobsson , Fabian Monrose , Michael K. Reiter, Privacy-preserving global customization, Proceedings of the 2nd ACM conference on Electronic commerce, p.176-184, October 17-20, 2000, Minneapolis, Minnesota, United States
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Jan Camenisch , abhi shelat , Dieter Sommer , Simone Fischer-Hübner , Marit Hansen , Henry Krasemann , Gérard Lacoste , Ronald Leenes , Jimmy Tseng, Privacy and identity management for everyone, Proceedings of the 2005 workshop on Digital identity management, November 11-11, 2005, Fairfax, VA, USA
|
|
|
Csilla Farkas , Gábor Ziegler , Attila Meretei , András Lörincz, Anonymity and accountability in self-organizing electronic communities, Proceedings of the 2002 ACM workshop on Privacy in the Electronic Society, p.81-90, November 21-21, 2002, Washington, DC
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Azzedine Boukerche , Khalil El-Khatib , Li Xu , Larry Korba, A novel solution for achieving anonymity in wireless ad hoc networks, Proceedings of the 1st ACM international workshop on Performance evaluation of wireless ad hoc, sensor, and ubiquitous networks, October 04-04, 2004, Venezia, Italy
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Jiejun Kong , Dapeng Wu , Xiaoyan Hong , Mario Gerla, Mobile traffic sensor network versus motion-MIX: tracing and protecting mobile wireless nodes, Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks, November 07-07, 2005, Alexandria, VA, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Flavio D. Garcia , Ichiro Hasuo , Wolter Pieters , Peter van Rossum, Provable anonymity, Proceedings of the 2005 ACM workshop on Formal methods in security engineering, November 11-11, 2005, Fairfax, VA, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Leonardo A. Martucci , Markulf Kohlweiss , Christer Andersson , Andriy Panchenko, Self-certified Sybil-free pseudonyms, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Marc Waldman , Aviel D. Rubin , Lorrie Faith Cranor, Publius: a robust, tamper-evident, censorship-resistant web publishing system, Proceedings of the 9th conference on USENIX Security Symposium, p.5-5, August 14-17, 2000, Denver, Colorado
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Daniel Bleichenbacher , Eran Gabber , Phillip B. Gibbons , Yossi Matias , Alain Mayer, On secure and pseudonymous client-relationships with multiple servers, Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce, p.9-9, August 31-September 03, 1998, Boston, Massachusetts
|
|
|
|
|
|
Shintaro Urabe , Jiahong Wong , Eiichiro Kodama , Toyoo Takata, A high collusion-resistant approach to distributed privacy-preserving data mining, Proceedings of the 25th conference on Proceedings of the 25th IASTED International Multi-Conference: parallel and distributed computing and networks, p.326-331, February 13-15, 2007, Innsbruck, Austria
|
|
|
Fengjun Li , Bo Luo , Peng Liu , Dongwon Lee , Chao-Hsien Chu, Automaton segmentation: a new approach to preserve privacy in xml information brokering, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
|
|
|
G. Aggarwal , M. Bawa , P. Ganesan , H. Garcia-Molina , K. Kenthapadi , N. Mishra , R. Motwani , U. Srivastava , D. Thomas , J. Widom , Y. Xu, Vision paper: enabling privacy for the paranoids, Proceedings of the Thirtieth international conference on Very large data bases, p.708-719, August 31-September 03, 2004, Toronto, Canada
|
|
|
Mayank Bawa , Roberto J. Bayardo, Jr. , Rakesh Agrawal, Privacy-preserving indexing of documents on the network, Proceedings of the 29th international conference on Very large data bases, p.922-933, September 09-12, 2003, Berlin, Germany
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Kevin Bauer , Damon McCoy , Dirk Grunwald , Tadayoshi Kohno , Douglas Sicker, Low-resource routing attacks against tor, Proceedings of the 2007 ACM workshop on Privacy in electronic society, October 29-29, 2007, Alexandria, Virginia, USA
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Kevin Bauer , Damon McCoy , Dirk Grunwald , Douglas Sicker, BitBlender: light-weight anonymity for BitTorrent, Proceedings of the workshop on Applications of private and anonymous communications, p.1-8, September 22-25, 2008, Istanbul, Turkey
|
|
|
|
|
|
|
|
|
|
|
|
Michael Backes , Marek Hamerlik , Alessandro Linari , Matteo Maffei , Christos Tryfonopoulos , Gerhard Weikum, Anonymous and censorship resistant content sharing in unstructured overlays, Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing, August 18-21, 2008, Toronto, Canada
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Douglas J. Kelly , Richard A. Raines , Michael R. Grimaila , Rusty O. Baldwin , Barry E. Mullins, A survey of state-of-the-art in anonymity metrics, Proceedings of the 1st ACM workshop on Network data anonymization, October 31-31, 2008, Alexandria, Virginia, USA
|
|
|
|
|
|
Li-ming Hao , Song-nian Lu , Shu-tang Yang , Ning Liu , Qi-shan Huang, Analysis and Improvement of an Anonymity Scheme for P2P Reputation Systems, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, v.E91-A n.10, p.2893-2895, October 2008
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Jianming Zhou , Wensheng Zhang , Daji Qiao, Protecting storage location privacy in sensor networks, The Fourth International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness & Workshops, August 14-17, 2007, Vancouver, Canada
|
|
|
|
|
|
|
|
|
|
|
|
|
REVIEW
"Valentin Cristea : Reviewer"
The Crowds system implements a new approach to protecting users'
privacy when they retrieve information on the Web. The approach is based
on the idea of grouping Web users into a geographically diverse
collection, called a crowd, and hiding ea
more...
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
C.2