Net Trust: A Privacy-Aware Architecture for Sharing Web Histories

Abstract

Net Trust exposes fraudulent web sites by combining individual opinions and browsing histories over self-selected social networks. This paper describes the security and privacy design choices for the first public-use implementation of the Net Trust web rating system. Net Trust differs from prior rating and recommendation systems which leverage peer production and social networks because it is engineered to withstand Sybil attacks, corruption by producing bogus ratings en masse. The system simultaneously strives to ensure privacy with linking resistance, social network confidentiality, and account deniability. Our implementation strikes a compromise between data availability and structurally imposed privacy through a rich-client/lightweight-server architecture. This paper analyzes Net Trust's participants, attackers, security and privacy goals, and implementation choices.