Security properties in an open peer-to-peer network

This paper proposes to address new requirements of confidentiality, integrity and availability properties fitting to peer-to-peer domains of resources. The enforcement of security properties in an open peer-topeer network remains an open problem as the literature have mainly proposed contribution on availability of resources and anonymity of users. That paper proposes a novel architecture that eases the administration of a peer-to-peer network. It considers a network of safe peer-to-peer clients in the sense that it is a commune client software that is shared by all the participants to cope with the sharing of various resources associated with different security requirements. However, our proposal deals with possible malicious peers that attempt to compromise the requested security properties. Despite the safety of an open peer-to-peer network cannot be formally guaranteed, since a end user has privileges on the target host, our solution provides several advanced security enforcement. First, it enables to formally define the requested security properties of the various shared resources. Second, it evaluates the trust and the reputation of the requesting peer by sending challenges that test the fairness of its peer-to-peer security policy. Moreover, it proposes an advanced Mandatory Access Control that enforces the required peer-to-peer security properties through an automatic projection of the requested properties onto SELinux policies. Thus, the SELinux system of the requesting peer is automatically configured with respect to the required peer-to-peer security properties.

[1]  Ian Clarke,et al.  Freenet: A Distributed Anonymous Information Storage and Retrieval System , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[2]  Dennis Kügler,et al.  An Analysis of GNUnet and the Implications for Anonymous, Censorship-Resistant Networks , 2003, Privacy Enhancing Technologies.

[3]  Jérémy Briffaut,et al.  Security and Results of a Large-Scale High-Interaction Honeypot , 2009, J. Comput..

[4]  Chris Sherman Napster : copyright killer or distribution hero? , 2000 .

[5]  Ian Clarke,et al.  Protecting Free Expression Online with Freenet , 2002, IEEE Internet Comput..

[6]  Roger Dingledine,et al.  The Free Haven Project: Distributed Anonymous Storage Service , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[7]  David Mazières,et al.  Kademlia: A Peer-to-Peer Information System Based on the XOR Metric , 2002, IPTPS.

[8]  B. Plattner,et al.  Flow-Based Identification of P2P Heavy-Hitters , 2006, International Conference on Internet Surveillance and Protection (ICISP’06).

[9]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[10]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[11]  Diomidis Spinellis,et al.  A survey of peer-to-peer content distribution technologies , 2004, CSUR.

[12]  Ravi S. Sandhu,et al.  On Five Definitions of Data Integrity , 1993, Database Security.