Between Trust and Secrecy: Decentralized Reputation with Privacy Assurance via Self-Sovereign Digital Identities
Abstract
While authentication and authorization ensure identity and access control, they do not guarantee essential attributes such as service quality and reliability over time. In this context, reputation serves as a crucial complementary mechanism, reflecting factors like availability, data integrity, and compliance with SLAs. However, centralized approaches reduce system resilience and compromise user sovereignty. The proposed architecture adopts a decentralized model based on Decentralized Digital Identities (DDIs) and blockchain technologies, enabling verifiable and privacy-preserving proof of reputation. The PoC demonstrated that the system effectively penalizes malicious behavior, enhancing the security and robustness of the environment.References
Allen, C. (2018). Decentralized identity: Where did it come from and where is it going? [link]. Acessado: 2025-05-14.
Arshad, J., Azad, M. A., Prince, A., Ali, J., and Papaioannou, T. G. (2022). Reputable– a decentralized reputation system for blockchain-based ecosystems. IEEE Access, 10:79948–79961.
Ernstberger, J., Lauinger, J., Elsheimy, F., Zhou, L., Steinhorst, S., Canetti, R., Miller, A., Gervais, A., and Song, D. (2023). Sok: data sovereignty. In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), pages 122–143. IEEE.
Feraudo, A., Romandini, N., Mazzocca, C., Montanari, R., and Bellavista, P. (2024). Diva: A did-based reputation system for secure transmission in vanets using iota. Computer Networks, page 110332.
Hoang, A.-T., Ileri, C. U., Sanders, W., and Schulte, S. (2024). zkssi: A zero-knowledge-based self-sovereign identity framework. In 2024 IEEE International Conference on Blockchain (Blockchain), pages 276–285.
Kerschbaum, F. (2012). Privacy-preserving computation: (position paper). In Annual privacy forum, pages 41–54. Springer.
Liu, D., Alahmadi, A., Ni, J., Lin, X., and Shen, X. (2019). Anonymous reputation system for iiot-enabled retail marketing atop pos blockchain. IEEE Transactions on Industrial Informatics, 15(6):3527–3537.
Liu, Y., Xiong, Z., Hu, Q., Niyato, D., Zhang, J., Miao, C., Leung, C., and Tian, Z. (2022). Vrepchain: A decentralized and privacy-preserving reputation system for social internet of vehicles based on blockchain. IEEE Transactions on Vehicular Technology, 71(12):13242–13253.
Mazzocca, C., Acar, A., Uluagac, S., Montanari, R., Bellavista, P., and Conti, M. (2025). A survey on decentralized identifiers and verifiable credentials. IEEE Communications Surveys & Tutorials, pages 1–1.
Nalini, N., Kumar, A., Sharma, M., Sil, A., and Khan, W. (2023). Pseudonymous decentralised reputation system. In 2023 9th International Conference on Smart Computing and Communications (ICSCC), pages 682–687.
Solomon, R., Weber, R., and Almashaqbeh, G. (2023). smartfhe: Privacy-preserving smart contracts from fully homomorphic encryption. In 2023 IEEE 8th European symposium on security and privacy (euroS&p), pages 309–331. IEEE.
Sporny, M., Longley, D., Chadwick, D., Reed, D., and Sabadello, M. (2022). Decentralized identifiers (dids) v1.0. Technical report, W3C. Acessado: 2025-05-02.
Zhou, Z., Wang, M., Yang, C.-N., Fu, Z., Sun, X., and Wu, Q. J. (2021). Blockchain-based decentralized reputation system in e-commerce environment. Future Generation Computer Systems, 124:155–167.
Arshad, J., Azad, M. A., Prince, A., Ali, J., and Papaioannou, T. G. (2022). Reputable– a decentralized reputation system for blockchain-based ecosystems. IEEE Access, 10:79948–79961.
Ernstberger, J., Lauinger, J., Elsheimy, F., Zhou, L., Steinhorst, S., Canetti, R., Miller, A., Gervais, A., and Song, D. (2023). Sok: data sovereignty. In 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), pages 122–143. IEEE.
Feraudo, A., Romandini, N., Mazzocca, C., Montanari, R., and Bellavista, P. (2024). Diva: A did-based reputation system for secure transmission in vanets using iota. Computer Networks, page 110332.
Hoang, A.-T., Ileri, C. U., Sanders, W., and Schulte, S. (2024). zkssi: A zero-knowledge-based self-sovereign identity framework. In 2024 IEEE International Conference on Blockchain (Blockchain), pages 276–285.
Kerschbaum, F. (2012). Privacy-preserving computation: (position paper). In Annual privacy forum, pages 41–54. Springer.
Liu, D., Alahmadi, A., Ni, J., Lin, X., and Shen, X. (2019). Anonymous reputation system for iiot-enabled retail marketing atop pos blockchain. IEEE Transactions on Industrial Informatics, 15(6):3527–3537.
Liu, Y., Xiong, Z., Hu, Q., Niyato, D., Zhang, J., Miao, C., Leung, C., and Tian, Z. (2022). Vrepchain: A decentralized and privacy-preserving reputation system for social internet of vehicles based on blockchain. IEEE Transactions on Vehicular Technology, 71(12):13242–13253.
Mazzocca, C., Acar, A., Uluagac, S., Montanari, R., Bellavista, P., and Conti, M. (2025). A survey on decentralized identifiers and verifiable credentials. IEEE Communications Surveys & Tutorials, pages 1–1.
Nalini, N., Kumar, A., Sharma, M., Sil, A., and Khan, W. (2023). Pseudonymous decentralised reputation system. In 2023 9th International Conference on Smart Computing and Communications (ICSCC), pages 682–687.
Solomon, R., Weber, R., and Almashaqbeh, G. (2023). smartfhe: Privacy-preserving smart contracts from fully homomorphic encryption. In 2023 IEEE 8th European symposium on security and privacy (euroS&p), pages 309–331. IEEE.
Sporny, M., Longley, D., Chadwick, D., Reed, D., and Sabadello, M. (2022). Decentralized identifiers (dids) v1.0. Technical report, W3C. Acessado: 2025-05-02.
Zhou, Z., Wang, M., Yang, C.-N., Fu, Z., Sun, X., and Wu, Q. J. (2021). Blockchain-based decentralized reputation system in e-commerce environment. Future Generation Computer Systems, 124:155–167.
Published
2025-09-01
How to Cite
SOUSA, Antonio Mateus de; FREITAS, Allan Edgard S.; SAMPAIO, Leobino N..
Between Trust and Secrecy: Decentralized Reputation with Privacy Assurance via Self-Sovereign Digital Identities. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 25. , 2025, Foz do Iguaçu/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 1043-1050.
DOI: https://doi.org/10.5753/sbseg.2025.11475.
