YANXIA ZHANG,JINLIN WANG

DOI: https://doi.org/10.3969/j.issn.1008-0570.2007.15.028

2007-01-01

Abstract:In fully distributed peer-to-peer systems,secure services have to be fulfilled by the union of peer-group members because there is no centralized authority.This paper investigates the application of threshold cryptography for membership control in p2p system .We analyze the secure flaws in prior works and design a multi-party self-service p2p access control protocol on the basis of threshold computation protocols.No centralized authority is needed through the whole protocol process.The analysis of security,robust and efficiency is provided.

Yu Zhang,Xianxian Li,Jinpeng Huai,Yunhao Liu

DOI: https://doi.org/10.1109/ICDCSW.2005.29

2005-01-01

Abstract:As an emerging model of communication and computation, peer-to-peer networking represents a fully distributed, cooperative network design, and has recently gained significant acceptance. Peer groups share the properties of peer-to-peer overlay network, including full decentralization, symmetric abilities, and dynamism, which make security problems more complicated. In this paper, we propose a fine-grained and attribute-based access control framework forpeer-to-peer systems. This design employs a novel policy model which extends role-based trust management language RT to satisfy security requirements of peer groups. Intend for a pure decentralized model without centralized server, our framework presents distributed delegation authorization mechanism which could avoid single point of failure. We also introduce our implementation experience.

Yingjie Xia,Guanghua Song,Yao Zheng,Jun Ni,Mingzhe Zhu

DOI: https://doi.org/10.1109/ICICSE.2008.7

2008-01-01

Abstract:This paper introduces a small world overlay Peer- to-peer (P2P) transfer system with role based and reputation based access control policies, through which we are able to solve several serious problems existed in traditional P2P systems, like resource piracy, user privacy and network jam. The role based access control policy is implemented by the certificate based cryptography, e.g. X509. The reputation based access control policy consists of artificial scoring and automatic scoring components, corresponding to the quality and quantity evaluation of the transfer resources respectively. This system, upon the two policies and the adaptive small world overlay P2P topology, can restrict the peer's role and select a more credible peer to upload and download without any loss of performance, for the reason of the dramatic topology. Indeed it provides a secure, controllable and efficient resource transfer community.

Ruichuan Chen,Wenjia Guo,Liyong Tang,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-540-85451-7_64

2008-01-01

Abstract:Peer-to-Peer (P2P) communication model has the potential to harness huge amounts of resources. However, due to the self-organizing and self-maintaining nature, current P2P networks suffer from various kinds of attacks. Public key authentication can provide a fundamental building block for P2P communication security. In this paper, we propose a scalable Byzantine fault tolerant public key authentication scheme for P2P networks, in which each participating peer dynamically maintains a trusted group to perform distributed challenge-response authentication without centralized infrastructure. To guarantee the authentication correctness, we additionally present a complementary trusted group maintenance scheme. The experimental results demonstrate that our authentication scheme can work in various different P2P scenarios effectively and efficiently.

Yingjie Xia,Guanghua Song,Yao Zheng

DOI: https://doi.org/10.4304/jcp.3.10.3-11

2008-01-01

Journal of Computers

Abstract:In order to implement both the efficiency and security in the Peer-to-Peer (P2P)network, we design a trusted small world overlay P2P network with the role based and reputation based access control policies, denoted as SW-R2P.TheSW-R2P system integrates the small world topology with zero knowledge identification and Bayesian trust model. The zero knowledge identification is utilized to securely cluster all the peers into several groups without transferring any related information. The peer groups are then linked together to construct a trusted small world network based on the probabilities calculated by the Bayesian trust model. The simulation experiments demonstrate that the SW-R2P system achieves the performance with increased success rate in the resources lookup, strengthened robustness under the overwhelming traffic loadings, reduced reputation errors caused by the malicious peers and enhanced peer satisfaction rate for different trust metrics. In conclusion, the SW-R2P system collectively exploits the advantages of small world, zero knowledge identification and Bayesian trust model, therefore implementing a scalable, secure and efficient P2P network.

Yingjie Xia,Guanghua Song,Yao Zheng,Mingzhe Zhu

DOI: https://doi.org/10.1109/wkdd.2008.28

2007-01-01

Abstract:This paper introduces R2P, a Peer-to-Peer (P2P) transfer system with role based and reputation based access control policies. With the combination of user authentication, organization authorization and scoring system, we solve the problem of resource piracy, user privacy and network jam, which exist in traditional P2P systems. The R2P system takes advantage of the X509 certificate to implement the role based access control policy. By assembling the artificial scoring and the automatic scoring components, the system evaluates the quantity and quality of the transfer resources, putting forward the reputation based access control policy. Upon the two policies and the adaptive P2P transfer model, the R2P system provides a secure, controllable and efficient resource transfer community.

NIU Xin-zheng,SHE Kun,LU Gang,ZHOU Ming-tian

DOI: https://doi.org/10.3969/j.issn.1001-0548.2007.03.003

2007-01-01

Abstract:According to the security requirement of Peer-to-Peer (P2P) technology, this paper analyzes the advantages of current P2P access control strategy and proposes an efficient P2P clustering model. The model urity mechanism based on Rule Based Access Control (RBAC) as well as Java Authentication and Authorization vice (JAAS) are discussed, and the filter technology is also considered. Project application results show that AC technology is efficient for access control in P2P systems.

ZhiXin Sun,BingQing Luo,YaDang Chen,Kai Bu

DOI: https://doi.org/10.1007/s11432-012-4618-3

2013-01-01

Science China Information Sciences

Abstract:Distributed search and routing algorithms based on the DHT (distributed hash table) protocol have attracted considerable attention in structured P2P (peer-to-peer) research as a result of favorable properties such as distribution, self-organization, and high scalability. Compared with a traditional C/S (client/server) network, the probability of peers initiating malicious behavior increases dramatically because of their self-governing and dynamic characteristics, which also make it harder to satisfy the peers’ security required by DHT. In this paper, we propose a new secure DHT protocol based on a multidimensional mapping mechanism. This mechanism maps peers to a multidimensional space by dividing the identifiers into groups. Moreover, a series of secure methods and routing algorithms are provided to achieve secure DHT in smaller spaces. Compared with state-of-the-art approaches, the theoretical analysis and experimental results show that the multidimensional mapping mechanism can effectively improve the average success rate of a resource search by inhibiting malicious behavior.

LIN Huai-qing,LI Zhi-tang,HUANG Qing-feng

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.18.007

2007-01-01

Abstract:Managing trust relationships are important part of trust model.An important challenge in managing such trust relationships is to design a protocol to secure the placement and access of these trust ratings.In this protocol,a verifiable threshold cryptosystem without a trusted center is applied to generate system public/private keys.K managers can generate certification for peer.The protocol provides an anonymous server for peer.The security analysis shows that the protocol has desirable features of anonymity,reliability,accountability and is secure in the presence of a variety of possible attacks.

Chunrui ZHANG,Fan JIANG,Ke XU

DOI: https://doi.org/10.3321/j.issn:1000-0054.2005.10.037

2005-01-01

Abstract:The P2P(peer to peer) technique is now used in many areas,but no good solutions have yet been developed to set up trust among peers.This paper presents a model,called P2Ptrust,which combines a local trust table and a global reputation table.Each peer endows a trust value to other peers respectively whose trades are trustworthy.And the values construct a local trust table.Each peer must save several global reputation tables which belong to other peers.This model uses the friend mechanism and unites the virtue of the local trust table and the global reputation table.This paper also introduces a solution for the sybil attack,the malicious collectives attack,and other such attacks.Simulation results show that the P2Ptrust model reduces communication overhead and is more robust with security and has better extensibility.

Wu Liu,HaiXin Duan,Hong Zhang,Jianping Wu

2008-01-01

Abstract:The trust mechanism was introduced to dynamically evaluate user's behavior in P2P network, and bind user's reputation with its access control privilege in the network. In addition, the trust based dynamic access control mechanism and key algorithm was proposed and implemented. With the trust based network security management system implemented based on the trust mechanism, a malicious user will be kicked out from the network system and refused from accessing resources of the network automatically when the user's reputation is lower than some threshold.

Yang Liu,Zhong Cheng,Hua Bei

DOI: https://doi.org/10.3969/j.issn.1000-386X.2009.07.030

2009-01-01

Abstract:Security is the critical concern for all computer systems,and peer-to-peer network is not an exceptant.Threshold signature is a kind of important digital signature,the biggest weakness in common threshold signature schemes is that when the number of malicious shareholders is no less than the threshold,they can obtain the system secret of the group with high probability,and then forge the group signature.A verifiable P2P distributed digital signing system using(t,n) threshold encryption technique is proposed in this paper.The security of the system relies on the difficulty in computing the discrete logarithm and the factorization of RSA large integer.Part of members inside a group cannot get any system secret parameters in collusion,thus the conspiracy attack is withstood.

JI Wen,YANG Shou-bao,YU Yu

2010-01-01

Abstract:Although Reputation mechanisms are useful to stimulate cooperation between peers in P2P networks,they bring some security problems such as group attacks. However,existing methods for solving these problems do not consider the openness character of P2P networks,which encourages peers to join the network. In this study,the reputation network-based P2P system (P2P reputation network) is divided into some different trust groups based on an analysis of group-structure. And a group-based reputation mechanism is also proposed. The simulation shows that this mechanism could defend against group attacks effectively without limiting the group size and new peers joining in open P2P reputation networks.

Yunhao Liu,Jinsong Han

DOI: https://doi.org/10.14711/thesis-b987542

2007-01-01

Abstract:Peer-to-Peer (P2P) model has become the mainstream of the applications in current and future Internet. Being effective in utilizing and managing globally distributed information over Internet, however, most current P2P systems do not provide protection to their users against the increasing threat from selfish peers or malicious adversaries. Anonymous and trustworthy computing hereby has continuously gained importance because it meets the users’ demands of privacy, fairness, trust, and reliability. In order to construct anonymous and trustworthy P2P systems, we must address several crucial challenges including (1) reliably and efficiently anonymizing the P2P network; (2) authenticating users’ identities; (3) enabling trust management in anonymous environments. Most existing approaches achieve anonymity via fixed paths, which are unreliable and inefficient in dynamic P2P systems. We propose two non-path based protocols to anonymize P2P systems. The results of trace driven simulations show that our proposed protocols are reliable, scalable and effective, and significantly reduce cryptographic overhead. The second issue is that the current authentication approaches face a dilemma in anonymous environments: authenticating other users needs their real identities; while the anonymity requires those users to hide their real identities. We propose a Zero-knowledge based protocol to allow users authenticate with each other without exposing their real identities. We show the effectiveness of our proposed protocol by simulation studies and prototype implementation. We solve the third issue by constructing a reputation based trust management architecture. We particularly focus on the feedback quality problem. In shorting of trusted authority centers in P2P systems, the feedback quality are easily wrecked by the dishonest feedback from malicious peers, which further degrades the computation accuracy of users’ reputation. Our proposed architecture effectively alleviates the damage on computing reputation caused by the feedback cheating. We believe that widely employing above proposed approaches will make P2P systems more secure and reliable. We also extend our study to other distributed systems and propose a privacy-preserving authentication protocol for RFID systems. Keywords: Peer-to-Peer, Anonymity, Privacy-Preserving, Authentication, Key Updating, Secret Sharing, Random Walk, Selected Flooding, Trustworthy Computing, Feedback Quality, Trust Management, Trace Driven Simulation, Zero-Knowledge Proof, Man-in-middle-attack

Chen Yang,Hu Shuang,Chen Gongliang,Li Jianhua

DOI: https://doi.org/10.1109/iccsn.2017.8230277

2017-01-01

Abstract:P2P (Peer to Peer) technology by its virtue of its inherent decentralization, autonomy, fault tolerance and scalability, it is widely applied in file sharing system. P2P file sharing system overcomes the weaknesses of traditional C/S network system like sluggish response, while also embodying security risks such as fraud and unreliable service owing to poor trust mechanism. Establishing an effective trust mechanism in P2P network is significant for improving its feasibility. First, we design a multi-dimensioned trust model, which covers time cost and risk factors and enhances the reliability of existing trust measurement. Then we purpose an improved trust and authorization mechanism, which combines our trust model with SPKI (Simple Public Key Infrastructure) to resolve the trust problem. In general, the proposed trust and authorization mechanism can effectively optimize the trust strategies of P2P file sharing system by experiment, thus ameliorate its reliability and availability, and promotes its extensive application.

Yang Zhen-hui

Abstract:P2P network technology offers information resource for people, it increases availability and robustness of P2P network, but brings new security problems of network too. First, this paper introduces security advantage of P2P network, then analyses security threatening of P2P network facing, finally introduces how to design prevention model of P2P network, and provides some prospect of P2P network technology about P2P network security.

Engineering,Computer Science

LIU Wu,DUAN Hai-Xin,ZHANG Hong,WU Jian-Ping

2008-01-01

Periodical of Ocean University of China

Abstract:In traditional network security management systems,system administrators could not prevent malicious users from illegal actions in time.This paper introduces the trust mechanism to dynamically evaluate user's reputation which is correlated with the user's privilege in the network and based on which we proposed and implemented the key algorithm of trust based access control in P2P Network.

Aiguo Chen,Guangchun Luo,Jinsheng Ren

DOI: https://doi.org/10.1587/transinf.e97.d.1656

2014-01-01

IEICE Transactions on Information and Systems

Abstract:Establishing trust measurements among peer-to-peer (P2P) networks is fast becoming a de-facto standard, and a fair amount of work has been done in the area of trust aggregation and calculation algorithms. However, the area of developing secure underlying protocols to distribute and access the trust ratings in the overlay network has been relatively unexplored. We propose an elliptic curve-based trust management protocol for P2P systems, which is designed to provide authentication and signature functions to protect the processes of trust value query and rating report. Additionally, instead of using single identities, the protocol generates two verifiable pseudonyms, one is used for transaction, the other is applied when the peer acts as a trust holding peer. A security analysis shows that the proposed protocol is extremely secure in the face of a variety of possible attacks.

Zhenquan Qin,Lei Wang,Mingchu Li,Weifeng Sun

DOI: https://doi.org/10.1109/IIHMSP.2010.185

2010-01-01

Abstract:With the proliferation of P2P application, it is critical to consider how these systems can be run in a trust environment. We present a lightweight time-window based effective dynamic trust mechanism(Tw-Trust) considering the peer’s local and global trustworthiness. Simulation results show that Tw-Trust has the advantages in countering strategic altering behavior and dishonest feedbacks of malicious peers.

Zude Li,Guoqiang Zhan,Xiaojun Ye

DOI: https://doi.org/10.1007/11775300_17

2006-01-01

Abstract:Peer-to-peer (P2P) resource dissemination has raised some security concerns for privacy protection and intellectual property rights protection along resource dissemination over the network. To solve these challenges, we propose the Role-Based P2P model, in which the role notion is functioned as the bridge component between users and resources to enforce secure resource dissemination together with relative constraints. The property rights attached to resource and user's private identity information are both protected as promise by taking each local role as a permission set in local centralized network and each global role as a user's pseudonym in global decentralized network. Furthermore, we propose the access control algorithm to describe how to handle access requests by the role policy in the role-based hybrid P2P model. In addition, we illustrate the intra and inter access schemas as two kinds of access processes. The model is feasible as its role structure and the connection with user and resource in open environment are consistent with the application objectives. The model is extensible, as the role structure can be also available for Purpose-Based Privacy Protection technologies.