This paper presents a new way of deploying security properties and trust in an open peer-to-peer network. The originality is that the security properties are freely defined by the user and are attached to the exchanged resources, which are associated with domains. The paper proposes an implementation of a monitoring agent that supervises an open source peer-to-peer client and detects any attempt to bypass the defined security policy. The monitoring agent evaluates the consistency of policies when a transaction occurs and measures the trust of peers before authorizing the transaction. Even if an experienced hacker can locally defeat the enforcement of the security policy, we show that this malicious user will be progressively excluded from the network through the computation of its trust. The trust measure of a peer is based on the consistency of the declared policy, its history of transactions and the evaluation of download challenges sent to a set of neighbors of the evaluated peer. A prototype monitoring agent and a peer-to-peer client have been implemented, and we show how a policy can be enforced locally to protect the resources at the filesystem level. A second experiment has been performed to evaluate the trust computation using a peer-to-peer simulator for a network of 100 nodes.