PERM

Man Ho Au, Apu Kapadia
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
Some users may misbehave under the cover of anonymity by, e.g., defacing webpages on Wikipedia or posting vulgar comments on YouTube. To prevent such abuse, a few anonymous credential schemes have been proposed that revoke access for misbehaving users while maintaining their anonymity such that no trusted third party (TTP) is involved in the revocation process. Recently we proposed BLACR, a TTP-free scheme that supports 'reputation-based blacklisting' -the service provider can score users'
more » ... mous sessions (e.g., good vs. inappropriate comments) and users with insu cient reputation are denied access. The major drawback of BLACR is the linear computational overhead in the size of the reputation list, which allows it to support reputation for only a few thousand user sessions in practical settings. We propose PERM, a revocationwindow-based scheme (misbehaviors must be caught within a window of time), which makes computation independent of the size of the reputation list. PERM thus supports millions of user sessions and makes reputation-based blacklisting practical for large-scale deployments.
doi:10.1145/2382196.2382294 dblp:conf/ccs/AuK12 fatcat:6uv4kdg6ibdiddmuoua7yxjbui