what-when-how
In Depth Tutorials and Information
10.3.3.6 Matryoshka Maintenance
In case that a node in a matryoshka leaves the network, it sends a path invalidation
message to the nodes on the next inner and outer rings of the matryoshka. In the
system, all nodes check their links in the matryoshkas they participate in to detect
the failure of nodes.
Due to the utilization of the cryptographic mechanism (the public key and the
private key), trust relationship, and trusted identification service, the system in
Reference 8 is able to anonymize the network so effectively that it preserves the pri-
vacy. Besides, it can resist the kind of attacks we mentioned above, as well as keep
the availability of the network by the replication of data on the innermost ring.
However, the storage of a node must be taken account of as the profile duplication
exhausts the cache of the system. Besides, the response time should be consid-
ered because of the distributed structure and the hop-by-hop communication. We
can make use of a Kademlia-based approach [10] instead of a ring-based DHT for
shorter response times. We can optimize the authentication by a distributed TTP
based on threshold cryptography, or even without a TTP [11]. he group key man-
agement is a major issue in the system of [8]. We can employ a degradable crypto
scheme to simplify this management.
10.4
Clarke Tax
Mechanism
In Reference 14, a simple mechanism, the Clarke Tax mechanism [12] [13], is pro-
posed for collaborative management of privacy policies on the shared data based
on game theory. he Clarke Tax mechanism can be used as an incentive for trust
and coownership.
In Reference 14, data access is based on the distance which is defined as the path
with minimal length between two nodes. A privacy policy can be summarized by
the predicate
Pr
P i n
RtSet
, which means all the users who are connected to
i
with a
minimum path of length
n
, by relationships in
RtSet
. If
n
=
0
, it means that the data
is private. If
n
= ∞
, it means that the data is public to all users in the system.
In STNs, there are a lot of data shared among diferent users. hus, the concept
of
co-ownership
in the network is important. In Reference 14 the user collaborative
policy requirements are mapped to an auction based on the Clarke Tax mechanism,
which selects the privacy policy that will maximize the social utility by encourag-
ing truthfulness among the co-owners [15], who have the right to not only edit data
but also manage the access to data. In order to identify co-owners, Reference 14
provides a general classification of users (viewers, originators, and owners) based
on their relationships with the data. As in most STNs, Reference 14 makes use of
tags corresponding to unique user id to identify the potential owners of the data.
he co-ownerships can be automatically established by the originator according to
distance-based policy condition.
( , )
