Propuesta de acciones para desarrollar las estrategias

The User based recommendation systems are extensively used to help users find different items they might like based on similarity between the users ratings. The items can be of many types: movies, books, restaurants, web pages, sightseeing places or online news [7]. Since millions of people use different online services, the importance of user based recommender systems has been increasing in various application domains [174,175, 176]. One of the most common areas is social networks where people get recommendations for finding new friends,

Privacy Preserving Item Ranking based on User Similarity 80

groups or events using collaborative filtering-based techniques. Another common scenario is online shopping, where users get recommendations for unseen items based on what similar types of users have purchased. It helps customers to find products which they are likely to purchase, as well as increasing the profit of online services. Since collecting users’ data for generating recommendations is an essential part of CF-based recommender systems, it may lead to breaches of private information of users. For instance, exposing users’ data to third parties, misusing data and, generating false recommendations etc [171]. Therefore, it is essential to protect individual information to benefit consumers as well as service providers.

The reason for the popularity of homomorphic-based privacy preserving CF is that it is semantically secure and therefore determining private information from ciphertexts is compu- tationally hard for any intruders. Further, the homomorphic encryption-based solutions ensure privacy without compromising recommendation accuracy. Due to the homomorphic property, the cryptographic based solutions are able to compute certain operations on encrypted data such as addition and multiplication of plaintexts without revealing any private information.

4.1.1.1 The Problem

The user-based CF approaches mainly work in two steps. First, they determine similarities among the users based on their ratings. Second, they generate recommendations using those similarities as weight and ratings of other users. Note that the overall process consists of additions and multiplications on sensitive information (for example, ratings×similarity). However, as we are interested in using public key cryptography-based techniques to secure user ratings, the problem is that whereas computing addition between two private ratings is easy, multiplication requires to build protocols using multiparty computation [97, 116, 95]. When using multi-party computations, users and servers need to actively communicate or collaborate with each other. These collaborations sometimes create bottlenecks.

4.1.1.2 Limitations of Existing Solutions

The main limitation in using multi-party computation techniques to compute multiplications between sensitive data is that it requires to disclose any of the two messages as plaintext (for

Privacy Preserving Item Ranking based on User Similarity 81

example, E(m1)m2 = E(m1·m2), here m2 is disclosed) which cannot be computed by single server, sincem2would be disclosed to it. That is why one party (owner ofm1) computesE(m1) and sends to another party (owner ofm2) who raisesm2 to the power of the ciphertextsE(m1), and finally computesE(m1)m2 =E(m1·m2). However, this may lead to serious privacy issue if the second party from above example has the authority to communicate with decryption server. It may send E(m1) to decryption server to learn m1 (the decryption server has no clue on whether the sender is authentic or malicious [116]). Furthermore, the communication channel between the recommender server and the decryption server in existing protocols [97,116] may also cause privacy leakage, since these two servers may collude to decrypt the computation results.

The goal of our approach is thus to build a new protocol by which the system is able to generate accurate and secure recommendations without: (1) active collaboration among the users and servers; (2) disclosing any information, especially while performing multiplication between two private data; (3) establishing any communication between the recommender server and the decryption server; (4) allowing any user to communicate with the decryption server except the target user, who is actually active in order to obtain recommendations.

4.1.1.3 Our Contributions

We propose a privacy-preserving protocol for user-based CF using a public key cryptography- based approach, in which recommendations are generated based on user similarity. We consider the scenario where a user wants to find the most suitable item within a set of similar items based on other similar users’ preferences, and the service provider directly recommends the item instead of sending the numerical results of the recommendation. In this scenario we protect users’ privacy by means of encrypting their private ratings and generating recommendations in the encrypted domain. Among the various approaches we consider a weighted sum approach to predict the item score because of its better accuracy for generating recommendations [7].

Our cryptographic protocol includes two different service providers: Recommender Server (RS), which generates recommendations and Decryption Server (DS), which provides privacy functions and decryption services. The DS provides required public keys to encrypt users’

Privacy Preserving Item Ranking based on User Similarity 82

data. Once their data are encrypted, users interact with theRS to get item recommendations. We propose a new cryptographic protocol based on the use of Boneh Goh Nissim (BGN) cryp- tosystem [105] by which secure multiplications can be computed by single server. Moreover, we do not require any intermediate decryption or to reveal any message. In our cryptographic protocol, theDS is allowed to decrypt the encrypted recommendations for users without learn- ing any private information (the idea of usingDS is similar to [116]). To achieve this task, we introduce a decryption protocol in which the list of encrypted recommendations is permuted before sending it for decryption. In this way, the DS is unable to learn the corresponding indices of an item. Moreover, to prevent malicious target users from sending fake ciphertexts to the DS, we use a signature scheme by which messages are signed before sending them for decryption.

Specifically, the main contribution of this section of the chapter is a new secure protocol for privacy preserving user-based CF in which the privacy of ratings is preserved from all participants in the system and intermediate computations are carried out without disclosing any private information.