Managing and Sharing Servents' Reputations in P2P Systems

Peer-to-peer information sharing environments are increasingly gaining acceptance on the Internet as they provide an infrastructure in which the desired information can be located and downloaded while preserving the anonymity of both requestors and providers. As recent experience with P2P environments such as Gnutella shows, anonymity opens the door to possible misuses and abuses by resource providers exploiting the network as a way to spread tampered-with resources, including malicious programs, such as Trojan Horses and viruses. We propose an approach to P2P security where servants can keep track, and share with others, information about the reputation of their peers. Reputation sharing is based on a distributed polling algorithm by which resource requestors can assess the reliability of perspective providers before initiating the download. The approach complements existing P2P protocols and has a limited impact on current implementations. Furthermore, it keeps the current level of anonymity of requestors and providers, as well as that of the parties sharing their view on others' reputations.

[1]  Nicholas Bohm,et al.  Digital Signatures, Certificates and Electronic Commerce , 1999 .

[2]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.

[3]  James F. Doyle,et al.  Peer-to-Peer: harnessing the power of disruptive technologies , 2001, UBIQ.

[4]  Marianne Winslett,et al.  Interoperable strategies in automated trust negotiation , 2001, CCS '01.

[5]  Steve M. Bellovin,et al.  Security aspects of napster and gnutella , 2001 .

[6]  Steven J. Brams,et al.  The AMS Nomination Procedure Is Vulnerable to ‘Truncation of Preferences’ , 1982 .

[7]  Lakshminarayanan Subramanian,et al.  An investigation of geographic mapping techniques for internet hosts , 2001, SIGCOMM.

[8]  Andy Oram,et al.  Peer-to-Peer: Harnessing the Power of Disruptive Technologies , 2001 .

[9]  Ronald Fagin,et al.  Combining Fuzzy Information from Multiple Systems , 1999, J. Comput. Syst. Sci..

[10]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[11]  Stefan Saroiu,et al.  A Measurement Study of Peer-to-Peer File Sharing Systems , 2001 .

[12]  R. Chen,et al.  Poblano A Distributed Trust Model for Peer-to-Peer Networks , 2001 .

[13]  Ernesto Damiani,et al.  Choosing reputable servents in a P2P network , 2002, WWW.

[14]  Pierangela Samarati,et al.  Regulating service access and information release on the Web , 2000, CCS.

[15]  Matei Ripeanu,et al.  Peer-to-peer architecture case study: Gnutella network , 2001, Proceedings First International Conference on Peer-to-Peer Computing.

[16]  Sushil Jajodia,et al.  Using attribute certificates with mobile policies in electronic commerce applications , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[17]  Eytan Adar,et al.  Free Riding on Gnutella , 2000, First Monday.

[18]  Andrew B. Whinston,et al.  P2P Networking: An Information-Sharing Alternative , 2001, Computer.

[19]  A. Bárdossy,et al.  Combination of fuzzy numbers representing expert opinions , 1993 .

[20]  Roger Dingledine,et al.  The Free Haven Project: Distributed Anonymous Storage Service , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[21]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[22]  Joan Feigenbaum,et al.  The Role of Trust Management in Distributed Systems Security , 2001, Secure Internet Programming.

[23]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[24]  environmet.,et al.  JXTA : A Network Programming Environment , 2022 .

[25]  Munindar P. Singh,et al.  A Social Mechanism of Reputation Management in Electronic Communities , 2000, CIA.

[26]  Antony I. T. Rowstron,et al.  PAST: a large-scale, persistent peer-to-peer storage utility , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[27]  E. Friedman,et al.  The Social Cost of Cheap Pseudonyms , 2001 .

[28]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[29]  J. Frankel,et al.  The gnutella protocol specification v0.4 document revision 1.2 , 2000 .