Modeling group trust for peer-to-peer access control

The information on the Web is growing at a very fast pace. In this ever-accumulating data, the volume of information being exchanged using peer-to-peer applications is on the rise in recent times. As peer-to-peer applications like file sharing, distributed computing and instant messaging are gaining popularity, security issues related to these applications are being taken up more seriously. We focus mainly on two important security issues related to the aspect of peer-to-peer file sharing. First of these is the problem of "Peer Selection", where the notion of security deals with the identification and prevention of peers that display malicious tendencies in their behavior. The second issue is "Request Resolution" which comes into play when a peer needs to decide among the received requests for its resources. Request resolution is of vital importance since some of these requests may tend to exhaust the peer's serving capabilities (like processing capacity and bandwidth), so that it can't respond to any further requests normally. Consequences of such a maligned request may result in the peer loosing its trust among other peers as well as being branded malicious. We show how to model group trust for peer-to-peer access control so as to make them secure and thus provide a redressal to the above-mentioned issues.

[1]  Ernesto Damiani,et al.  Choosing reputable servents in a P2P network , 2002, WWW.

[2]  Dan S. Wallach,et al.  A Survey of Peer-to-Peer Security Issues , 2002, ISSS.

[3]  Karl Aberer,et al.  Peer-to-peer information systems: concepts and models, state-of-the-art, and future systems , 2001, ESEC/FSE-9.

[4]  Hector Garcia-Molina,et al.  Open Problems in Data-Sharing Peer-to-Peer Systems , 2003, ICDT.

[5]  Ling Liu,et al.  A reputation-based trust model for peer-to-peer ecommerce communities , 2003, EC.

[6]  Jianhua Huang,et al.  Implementation of secure peer group in peer-to-peer network , 2003, International Conference on Communication Technology Proceedings, 2003. ICCT 2003..

[7]  Karl Aberer,et al.  Handling identity in peer-to-peer systems , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[8]  Seungjoon Lee,et al.  Cooperative peer groups in NICE , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[9]  Ernesto Damiani,et al.  Managing and Sharing Servents' Reputations in P2P Systems , 2003, IEEE Trans. Knowl. Data Eng..

[10]  Karl Aberer,et al.  Beyond "Web of trust": enabling P2P e-commerce , 2003, EEE International Conference on E-Commerce, 2003. CEC 2003..

[11]  Joan Feigenbaum,et al.  Delegation logic: A logic-based approach to distributed authorization , 2003, TSEC.

[12]  Ravi S. Sandhu,et al.  Induced role hierarchies with attribute-based RBAC , 2003, SACMAT '03.

[13]  Julita Vassileva,et al.  Trust and reputation model in peer-to-peer networks , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).

[14]  Ravi S. Sandhu,et al.  PBDM: a flexible delegation model in RBAC , 2003, SACMAT '03.

[15]  James Bret Michael,et al.  Secure group management in large distributed systems: what is a group and what does it do? , 1999, NSPW '99.

[16]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[17]  Karl Aberer,et al.  Managing trust in a peer-2-peer information system , 2001, CIKM '01.