Modeling group trust for peer-to-peer access control

The information on the Web is growing at a very fast pace. In this ever-accumulating data, the volume of information being exchanged using peer-to-peer applications is on the rise in recent times. As peer-to-peer applications like file sharing, distributed computing and instant messaging are gaining popularity, security issues related to these applications are being taken up more seriously. We focus mainly on two important security issues related to the aspect of peer-to-peer file sharing. First of these is the problem of "Peer Selection", where the notion of security deals with the identification and prevention of peers that display malicious tendencies in their behavior. The second issue is "Request Resolution" which comes into play when a peer needs to decide among the received requests for its resources. Request resolution is of vital importance since some of these requests may tend to exhaust the peer's serving capabilities (like processing capacity and bandwidth), so that it can't respond to any further requests normally. Consequences of such a maligned request may result in the peer loosing its trust among other peers as well as being branded malicious. We show how to model group trust for peer-to-peer access control so as to make them secure and thus provide a redressal to the above-mentioned issues.

[1]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.

[2]  Ernesto Damiani,et al.  Managing and Sharing Servents' Reputations in P2P Systems , 2003, IEEE Trans. Knowl. Data Eng..

[3]  Karl Aberer,et al.  Beyond "Web of trust": enabling P2P e-commerce , 2003, EEE International Conference on E-Commerce, 2003. CEC 2003..

[4]  Hector Garcia-Molina,et al.  EigenRep: Reputation Management in P2P Networks , 2003 .

[5]  Julita Vassileva,et al.  Trust and reputation model in peer-to-peer networks , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[6]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[7]  Ernesto Damiani,et al.  Choosing reputable servents in a P2P network , 2002, WWW.

[8]  Ling Liu,et al.  A reputation-based trust model for peer-to-peer ecommerce communities , 2003, EC.

[9]  Mostafa H. Ammar,et al.  A reputation system for peer-to-peer networks , 2003, NOSSDAV '03.

[10]  Dan S. Wallach,et al.  A Survey of Peer-to-Peer Security Issues , 2002, ISSS.

[11]  Karl Aberer,et al.  Peer-to-peer information systems: concepts and models, state-of-the-art, and future systems , 2001, ESEC/FSE-9.

[12]  Karl Aberer,et al.  Handling identity in peer-to-peer systems , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[13]  Jianhua Huang,et al.  Implementation of secure peer group in peer-to-peer network , 2003, International Conference on Communication Technology Proceedings, 2003. ICCT 2003..

[14]  Joan Feigenbaum,et al.  Delegation logic: A logic-based approach to distributed authorization , 2003, TSEC.

[15]  James Bret Michael,et al.  Secure group management in large distributed systems: what is a group and what does it do? , 1999, NSPW '99.

[16]  Hector Garcia-Molina,et al.  Open Problems in Data-Sharing Peer-to-Peer Systems , 2003, ICDT.

[17]  Ravi S. Sandhu,et al.  PBDM: a flexible delegation model in RBAC , 2003, SACMAT '03.

[18]  Ravi S. Sandhu,et al.  Induced role hierarchies with attribute-based RBAC , 2003, SACMAT '03.