Flexible security in peer-to-peer applications: Enabling new opportunities beyond file sharing

The widespread adoption of P2P applications in environments beyond ordinary file sharing demands the fulfillment of several security requirements. Important steps have been taken towards security in P2P systems, and relevant mechanisms have been proposed to address specific vulnerabilities. However, existing approaches lack flexibility, since they do not include enough mechanisms to tackle a wide range of requirements in an integrated fashion. In addition, they oblige the user or application to manipulate a complex programming interface and to go through a cumbersome configuration process. To address these issues, we present P2PSL (P2P Security Layer), a software architecture that allows gradual and flexible integration of security functionality into P2P applications. To show conceptual and technical feasibility, we have implemented P2PSL, assessed the overhead it induces, and estimated the feasibility of incorporating the layer into two categories of real-world P2P applications.
