GhostBuy: An All-Steps Anonymous Purchase Platform (ASAPP) based on Separation of Data

• Main Author: Willems, Fabian
• Other Authors: Adams, Carlisle
• Format: Others
• Language: en
• Published: Université d'Ottawa / University of Ottawa 2021
• Subjects: GhostBuy; Master Thesis; All-Steps Anonymous Purchase Platform; ASAPP; Anonymous Online Shopping; Separation of Data
• Online Access: http://hdl.handle.net/10393/42161; http://dx.doi.org/10.20381/ruor-26383

In recent years – and especially since the beginning of the COVID-19 pandemic – online shopping has become a part of everyday life for many people. Yet, in contrast to buying at a traditional retail store, staying anonymous is at least difficult if not impossible when shopping online – in particular, when physical goods are to be delivered. From the customer perspective, reasons for seeking anonymity when shopping online can be manifold, for example some do not want anyone to know about their purchases, others do not want their data to be used by Big Data-enabled online retailers. From the point of view of online retailers, the prospect of anonymous online shopping should therefore not only be seen as a threat to their data-driven business models, but also as an opportunity to attract new customers. In this thesis we search and find support in the literature regarding the question whether there is indeed a demand for anonymous online shopping, and we discuss system architecture designs that were proposed by other authors for potentially realizing what we call All-Steps Anonymous Purchase Platforms (ASAPP). We propose a new architecture design that improves earlier work by realizing the concept of Separation of Data within a single platform: GhostBuy. We implement a working prototype of this platform that demonstrates not only the fundamental feasibility of the architecture but also that such a platform can be realized with a look-and-feel similar to that of common online shops. We also propose solutions for certain related aspects that are particularly important in the context of such a platform, as for example a guaranteed use of secure user passwords or application-level database encryption. We evaluate to what extent the proposed architecture and prototype preserve the customers’ anonymity/privacy, showing that the prototype provides it to the maximum possible extent that can be achieved based on the proposed architecture. We also show that the system provides 256-bit security against all but one considered cryptographic and mis-authentication attack vectors and discuss how this can also be achieved for the remaining attack vector. Closing our evaluation, we show how well the platform could presumably be deployed in the real world. Finally, limitations, possible improvements, and potential further future work are discussed and proposed.