ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 Secure Trust Management Model for Peer-to-Peer               ...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011                           Start                              ...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011                                                              ...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011                III. PROPOSED SYSTEM                          ...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011     The credibility table (illustrate in Table II). It stores...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011                                             Host Peer        ...
ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011                                                              ...
Upcoming SlideShare
Loading in...5

Secure Trust Management Model for Peer-to-Peer File Sharing System


Published on

File sharing refers to the providing and receiving of
file over the network, a central server that operates a
centralized data repository search engine within a peer-topeer
network performs authentication and authorization
operations with respect to users that access its services. Trust
mechanism and access control technology are used in the p2p
file sharing system to be more secure with respect to the
existing one.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Secure Trust Management Model for Peer-to-Peer File Sharing System

  1. 1. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 Secure Trust Management Model for Peer-to-Peer File Sharing System Amuthan.A, Marimuthu.G and Kaliaperumal.G Pondicherry Engineering College/Dept of Computer Science, India. Email: {amuthan, cs0711, kaliaperumal.g}@pec.eduAbstract---File sharing refers to the providing and receiving of Startfile over the network, a central server that operates acentralized data repository search engine within a peer-to-peer network performs authentication and authorizationoperations with respect to users that access its services. Trust Send a request for a filemechanism and access control technology are used in the p2pfile sharing system to be more secure with respect to the Receive a list of peers that have the fileexisting one.Index Terms---P2P, File sharing, Trust, Reputation, Access Receive a list of peers that have the fileControl. Receive a list of peers that have the file 1. INTRODUCTIONA. Background Yes No File is good Stop In a Peer-to-Peer (P2P) file sharing system, peercommunicates directly with each other to exchangeinformation and share files. P2P system can divide into Figure 1.2 Traditional P2Pseveral categories (illustrate in Fig. 1.1). Centralized P2Psystems (e.g., Napster [1]) use a centralized control serverto manage the systems. Decentralized P2P systems try to 1. Send a file requestdistribute control over several peers. They can be divide 2. Receive a list of peers that have the requested fileinto purely decentralized (e.g., Gnutella [2]) and Hybrid 3. Select a peerdecentralized systems (e.g., KaZaA [3]). 4. Download the file P2P Systems However, P2P file sharing system make the security issue a challenging problem. There is no trusted server to Partially Centralized validate the peer. At the same time, a trust mechanism is Decentralized E.g., Napster needed to punish peers that exhibit malicious behavior (i.e., those that provide malicious content or misleading filenames) and furthermore, an access control mechanism Purely Decentralized Hybrid Decentralized E.g., Gnutella E.g., KaZaA is developed to secure the file sharing P2P network. B. Motivation and Contribution Figure 1.1: P2P System Partially centralized P2P systems have been proposed to reduce the control overhead needed to run the P2P file sharing system. They also provide lower discovery timeIn traditional P2P System (i.e., without any trust because the discovery process involves in the server. Themechanism and access control), a user is given a list of proposed trust management model uses a reputation trustpeers that can provide the requested file. The user has then mechanism system and access mechanism system. Into choose one peer from which the download will be reputation mechanism system, each peer may recordperformed. In traditional P2P systems, little information is information on past experience with all peers it hasgiven to the user to help in the selection process. interacted with and the opinion regarding the peers thatThe following is the life cycle of a peer in a traditional P2P have the requested file. In access control mechanism,system (illustrate in Fig. 1.2) determines who can access the system, what kind of resources can be accessed (illustrate in Fig. 1.3): The following is the life cycle of a peer in a Trust Management Model based P2P system. 1© 2011 ACEEEDOI: 01.IJNS.02.01.28
  2. 2. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 Start Partially Centralized Architecture – In these systems, (illustrate in Fig. 2.1) there is a central server facilitate the interaction between peers by maintain directories of metadata, describing the shared files stored by the peer Send a request for a file nodes. Although the end-to-end interaction and file exchange may take place directly between two peer nodes, Receive a list of peers that have the file the central servers facilitate this interaction by performing the lookups and identifying the nodes storing the files. Select a peer based on a reputation metrics Access permission No Yes Access the file File is good Figure 2.1: Partially Centralized No Yes Purely Decentralized Architectures – All nodes in the network perform exactly the same tasks, (illustrate in Update Update Fig. 2.2) acting both as servers and clients, and there is Reputation Reputation Stop Data Data no central coordination of their activities. The nodes of such networks are often termed “servents” (SERVers + Figure 1.3 Trust Management Model P2P cliENTS), 1. Send a file request 2. Receive a list of peers that have the requested file 3. Select a peer based on a reputation metric 4. Check the access permission 5. Access the file 6. Send feedback and update the reputation data Figure 2.2: Purely Decentralized P2PC. Organization This paper is organized as follows. In section 2 Hybrid Decentralized Architectures – The basis is thediscusses the literature survey of existing system, P2P file same as with purely decentralized systems. (Illustratesharing network and the list of reputation based system that in Fig. 2.3) Some of the nodes, however, assume awe feel is more appropriate for peer-to-peer more important role, acting as local central indexes forcommunication. In Section 3 we enlist and discuss our file shared by local peers. The way in which thesemodel of reputation based system. In Section 4 we present supernodes are assigned their role by the networkan access control model for our P2P file sharing system. In varies between different systems. It is important,Section 5 we enlist the interaction procedure for our model. however, to note that these supernodes do notSection 6 is the summary of this paper. Finally we constitute single points of failure for a peer-to-peerconcluded with our conclusion. network, since they are dynamically assigned and, if they fail, the network will automatically take action to II. RELATED WORK replace them with others. Several surveys have addressed the problem ofenforcing trust on P2P networks based on reputation.A. P2P File Sharing Technologies Peer-to-Peer file sharing networks are supposed to betotally decentralized, in practice this is not always true, andsystems with various degrees of centralization areencountered. Specifically the following three categories areidentified. 2© 2011 ACEEEDOI: 01.IJNS.02.01.28
  3. 3. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 Directly Directly Trust Trust Peer A Peer B Peer C Indirectly Trust Figure 2.5: Indirect Trust D. Existing P2P Reputation-based Systems This section briefly review some of the existing P2P Figure 2.3: Hybrid Decentralized P2P reputation systems, we start by giving an overview of theB. Trust and Reputation reputation systems. OpenPrivacy – In OpenPrivacy, the reputationTrust and reputation mechanisms have been proposed for information is stored in a certificate. The system is similarlarge environments in peer-to-peer computing, in concept to web of trust. A peer certifies another peerrecommender systems. However, there is no universal through the use of certificate. Every certificate stores theagreement on the definition of trust and reputation. In this value of the target’s reputation and the confidence of thepaper, we adopt the following working definitions: certificate creator. To prevent tampering, each certificate is Trust – a peer’s belief in another peers capabilities, digitally signed with the private key of the certificatehonesty and reliability based on its own direct experiences; creator. This certificated are stored at the certificate creator Reputation – a peer’s belief in another peer’s as well as the certification target.capabilities, honesty and reliability based on P2Prep – In P2Prep, every peer in the system storesrecommendations received from other peers. their interaction experience with other peers (based on Reputation can be centralized, computed by a trusted pseudonym). This reputation records are being updatethird party or it can be decentralized, computed every time an interaction takes place. These reputationindependently by each peer after asking other peers and records can be used by other peers to make decision whenrecommendations. initializing an interaction. In this case, before a peer Although trust and reputation are different in how they consumes a service, the peer polls other peers about theirare developed, they are closely related. They are both used knowledge of the service provider. At the end of theto evaluate a peer’s trustworthiness, so they also share interaction, the service consumer updates the reputation ofsome common characteristics. the provider and at the same time updates the credibility of the peers that addressed opinion on the provider.C. Classification of Reputation in P2P Communication Managing Trust – Managing Trust stores the In this section we present classification of reputation complaints about a peer in the P-Grid. The underlying ideafor peer-to-peer communication. of the P-Grid approach is to create a virtual binary search The classification of reputation signifies if the structure with replication that is distributed over the peersreputation is obtained from a witness peer directly or and supports efficient search. The construction and theindirectly. Based on whether the reputation is obtained search/update operations can be performed without anydirectly or indirectly we identify two types of reputation central control or global knowledge.they are: RMS – Reputation Management System (RMS) also  Direct Reputation(Trust) stores the reputation information in a certificate. However,  Indirect Reputation(Trust) RMS is different from OpenPrivacy in the implementation Direct reputation – A peer’s belief in another peer’s of the reputation certificate. In RMS, there exists a trustedcapabilities, honesty and reliability based on its own direct third party to record the transaction history for theexperiences (illustrate in Fig. 2.4). subscribers. The transaction history that the trusted party stored is used by others to check the correctness of the Directly certificate presented by a peer. Trust EigenRep – In EigenRep, two types of value, local and Peer A Peer B global value, are being stored in the systems. The local Figure 2.4: Direct Trust value is stored in every peer and the global value, which is derived from multiple local values, are being handled by random peers in distributed hash table (DHT) such as CAN Indirect reputation – A peer’s belief in another peer’s or Chord.capabilities, honesty and reliability based onrecommendations received from another peers (illustrate inFig. 2.5). 3© 2011 ACEEEDOI: 01.IJNS.02.01.28
  4. 4. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 III. PROPOSED SYSTEM reputation means the aggregated general opinion given by multiple peers. P2PRep is generally combining these two In the proposed peer-to-peer file sharing system is a factors program that allows you to host a secure peer-to-peer file sharing system without any additional software or C. Trusting Peerservices. Users just need to install the client software on Xab(i)  each peer. This is the following key feature in our model. 1 if a s transacti on is success 0 otherwise  Symmetric encryption with shared secret key   Asymmetric encryption with public/private keys.  Xab (i): the ith transaction between a and b.  Peer authentication with username/password  After n transactions. We obtained the history data  Binary data transfer between peers History: Dab = {Xab(1), Xab(2), … , Xab(n)}  All standard FTP operations  sat(a, b): +1, a downloads an authentic file from  Access control privileges to system resources b.  unsat(a, b): +1, a downloads an inauthentic file from b, or a fails to download a file from b.A. Peer software architecture model In peer software architecture model it consists mainly D. Evaluate Peerthree components (illustrate in Fig. 3.1): In our model each client is requested to report the  P2P Substrate transaction detail. Also the client will calculate the  Middleware credibility of the other clients, which is the total number of  P2P Application good transaction by over the total number of transaction by In P2P substrate, it manages two things overlay the client.Management and Resource managements. In overlaymanagement construction of the peer and maintenance of Ri = ∑GAi / ∑ TAithe peer join/leave in the P2P network. In resource  Ri : trust score of peer imanagement allocation (storage) of the file location and  GAi : Number of good actions for this peer idiscovery (routing and lookup) of the peer, are handled in  TAi : total number of considered actions for thisP2P substrate. peer i In middleware, provides services to the P2Papplication, e.g., peer selection, reputation based system, Notation and Assumptionsauthentication, authorization, integrity and FTP operation. In P2P application, potentially there could be multiple  Let ID denotes Peer ID.applications running on top of a single P2P substrate.  Let PTV denotes Positive trust value.Application includes file sharing and file storage systems  Let NTV denotes Negative trust value.etc.  Let SBU denotes Sum byte up.  Let SBD denotes Sum byte download. P2P Application  T denotes the Time.  SPTV denotes Sum of Positive trust value Middlewa  SNTV denotes Sum of Negative trust value P2P re  CV denotes Credibility value Substrat In this model each peer maintains two tables, a trust Operating System table and a credibility table. The trust table is similar to the one (illustrate in the Table I) and it contain the following Hardware information: Figure 3.1: Software Architecture Table I. Model for P2P Trust TableB. P2PRep model ID PTV NTV SBU SBD T P2Prep is a reputation-based protocol runs in acompletely anonymous P2P networks. In P2Prep, localreputation management and community-wide reputation When uploading & downloadingmanagement are two different levels. Local reputation is PTV = 1; if SBU = SBD, otherwise PTV=0defined as one single peer’s opinion of one other peer’s NTV = 1; if SBU≠ SBD, otherwise NTV=0reputation, based on its formal experience. The community 4© 2011 ACEEEDOI: 01.IJNS.02.01.28
  5. 5. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 The credibility table (illustrate in Table II). It stores Subjectthe credibility of a peer in reporting the trust value of otherpeers. It contains the following information. Subject Access control Access information Table Ii. Request Credibility Table Request Access ID SPTV SNTV CV T Fail Monitor CV = SPTV / SNTV SPTV > SNTV; Trusted peer Access Access SPTV < SNTV; Un-trusted peer Yes Function Permit Rules SPTV = SNTV; Indeterminate peer IV. ACCESS CONTROL Object Access control The process of giving an authenticated entity information Objectpermission to do some action or access some resource. In RequestP2P application, a peer might be authenticated to access Figure 4.1: Access Control Architecturesome subset of the resources on another peer. In the proposed model (illustrate in the Fig. 4.1) the Table Iiiconcept of access control is best described as the following Access Tablethings. The subject is defined as an active entity which ID Upload Download Search … Tinitiates access requests and operates on objects. Users orautonomous agents can be subjects. The object is a passiveentity which is target of an access. The examples of objectare files, devices or any other resources that can be used by V. INTERACTION PROCEDURESsubjects. However sometimes, a subject can be an objectand vice versa under the dynamic situation of access in a Interaction procedure (illustrate in Fig. 5.1) in asystem or an organization. typical interaction between a host and a client in our Note that identifying a subject is under the assumption framework. An interaction generally consists of threeof successful authentication of the subject. The model, phases:which mediates the access from a subject to an object,  Preparation phasegrants or denies access requests, based on the security  Transaction phaserelevant attributes of subjects and objects. The model is a  Reputation phasepowerful tool for designing and analyzing system securityunder the assumption of complete invocation for every Firstly, the preparation phase involves theaccess. authentication process. Secondly, the transaction phase allows the client to interact with the host in order to accessA. Discretionary Access Control the files from the other peers, an access of the file can be Discretionary access control (DAC) is an access policy based on the authorization. Finally, the reputation phasethat restricts access to files (and other system objects such consists of judging the interaction based on the transactionas directories and devices) based on the identity of users. of the file quality factors. Not only does DAC let you tell the system that can It can be seen from the whole interaction procedureaccess your data, it lets you specify the type of access that the client plays an active role in everyallowed. For example, you might want everyone in thesystem to be able to read a particular file, but you might phase: from initializing the interaction. The host does awant only yourself and your manager to be able to change minimum amount of work and gets all the requiredit information from the client and from its own database to make the decision. We believe that this is appropriate because the design principle is that the host should not waste much of its resources (such as network bandwidth and CPU cycles), which is primarily beneficial to the client (which is obtaining the files). Hub (Host) - Hub is responsible for keeping information of authentication and authorization of the peer. Agent (Client) - Agent acts as both a client and a server at the same time 5© 2011 ACEEEDOI: 01.IJNS.02.01.28
  6. 6. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 Host Peer Table Iv Client Peer Trust Threshold Authentication Authentication Trust Threshold Meaning Less than x1 Distrust No Valid Preparation phase Between x1 and x2 Average Greater than x2 Full trust Yes B. Screenshots Request a file Search the file Server – A server is a P2P program dedicated to providing Select the peer Send the file one or more services over a computer network. based on reputation location No Check Privileges Access the file Yes Transaction Transaction phase Yes No Figure 6.1 The Server Update reputation Client – A client is a P2P Program dedicated to providing sharing the resources over a computer network Update reputation Reputation phase Yes Another file No Figure 5.1 Flow chart of an interaction between a host peer and client peer Figure 6.2 The Client VI. SIMULATION AND RESULTS File sharing – File sharing refers to the providing Our proposed system was implemented using and receiving of files over a P2P networkMicrosoft Visual VB.Net version 8.0 and SQL Server2005. For implementation we created the peer-to-peernetwork and file sharing system with the following.  Elegant event driven paradigm for easy integration into windows application.  Peer authentication and authorization at application level with username/password and with private key or with the public key.  Instant alert and chart messaging  All standard FTP operations. Figure 6.3 File sharing  Finding the trust worthiness of the peerA. Experimental Setup C. Results Our proposed experiment is built on one central serverand with seven P2P clients setup with 5 upload peer, 2 In our experiments we examined the dependence ofdownload peers with the following thresholds peer performance from its reputation in the following scenarios. Senario1 - Increase in security when including authorization in P2P network 6© 2011 ACEEEDOI: 01.IJNS.02.01.28
  7. 7. ACEEE Int. J. on Network Security, Vol. 02, No. 01, Jan 2011 mechanisms for evaluating a transaction not only help to differentiate poorly performing peers from good ones but also ensure that malicious peers are punished and isolated. Although we have designed our trust based access control framework to work specifically with P2P file sharing networks. REFERENCES Figure 6.4 Authorizations vs. Unauthorization [1] Huafeng Wu, Chaojian Shi, Haiguang Chen,Chuanshan Gao, “A Trust Management Model for P2P File Sharing System”Senario2 - Decrease of positive trust value when peer 2008 International Conference on Multimedia andstarts “acting” maliciously. Ubiquitous Engineering, , page(s) 41-44, February 2008. [2] Lara Srour, Aymaan Kayssi, Ali Chehab “Reputation-Based Algorithm for Managing Trust in File Sharing Network”, IEEE International Conference on Computer and Information Technology, January 2006. [3] S. Q. Zhang, Y.T. Yang, A trust management model for peer-to-peer computer systems, Journal of Harbin Engineering University Vol. 26, No 4, PP 522-525,Aug 2005 [4] Y. Wang, E.J. Vassil, Trust and reputation model in Peer-to- Peer networks. The Third IEEE International Conference on Peer2to2Peer Computing, Linkopings, 2003. [5] E. Damian, D.C. Vimercati et al, A reputation-based Figure 6.5 Peer acting maliciously approach for choosing reliable resources in Peer-to-PeerSenario3 – Gain in positive trust value when peer starts networks, The 9th ACM Conference on Computer and“acting” properly. Communications Security. Washington DC, 2002 [6] A. Singh, L. Liu,, Anonymous management of trust relationships in decentralized P2P systems, The Third IEEE International Conference on Peer-to-Peer Computing, Linkopings, 2004. [7] K. Aberer, Z. Despotovic, Managing trust in a Peer-to-Peer information system, The Tenth International Conference on Information and Knowledge Management (ACM CIKM’01), Linkopings, 2001. [8] Li Xiong and Ling Liu. A Reputation-Based Trust Model for Peer-to-Peer eCommerce Communities. Proceedings of the IEEE International Conference on E- Figure 6.6 Peer acting properly Commerce. [9] Yao Wang and Julita Vassileva. Trust and Reputation Model in Peer-to-Peer Networks. IEEE Proceedings of the Third CONCLUSION International Conference on Peer-to-Peer Computing The proposed trust based access control framework (P2Pa˛r´03), 2003.satisfies the requirements of access control for P2P file- [10] Ali Aydin Selpk, Ersin Uzun and Mark Regat Pariente. A Reputation-Based Trust Management System for P2Psharing systems, by extending the discretionary access Networks. In IEEE International Symposium on Clustercontrol model, P2P’s partial decentralized properties and Computing and the Grid, 2004.peers autonomy are preserved while enabling and [11] Bin Yu, Munindar P. Singh and Katia Sycara. Developingmaintaining collaboration between peers. The trust model Trust in Large-Scale Peer-to-Peer Systems. IEEE 2004.and score systems help to classify both known and [12] Sergio Marti and Hector Garcia-Molina. Limited Reputationunknown visitors according to their trustworthiness and Sharing in P2P Systems. In EC’04 May20.08, 2004, Newcontribution. Hence, appropriate access privileges can be York, New York, USA.assigned to each visitor accordingly. The proposed 7© 2011 ACEEEDOI: 01.IJNS.02.01.28