A Trust Based Access Control Framework for P2P File-Sharing System
Speaker : Jia-Hui Huang
Adviser : Kai-Wei Ke
Date : 2004 / 3 / 15

Outline
- Introduction
- Access Control Framework
- Search techniques
- Conclusion
- Reference

Introduction
- P2P concept: P2P file sharing allows users on the edge of the network to directly access files from one another's drives.
- Why is P2P so attractive?
  - It provides a flexible and universal model for the exchange of information.
  - Success of P2P file-sharing networks (e.g. Gnutella, Napster).
- But most P2P file-sharing systems provide no access control.

Requirement
Access control model requirements:
- No centralized control or support
- Peer classification
- Encourage sharing files
- Limit spreading of malicious and harmful digital content

Basic idea of Framework
- An access control framework based on discretionary access control.
- Each file is assigned two thresholds, which capture two access aspects.
- Two threshold values:
  - Trust
  - Contribution

Overall Architecture
- RD : Resource Discovery
- FT : File Transfer
- AC : Access Control

Authentication
- In this framework, a peer is equipped with a 128-bit GUID number and a pair of public/private keys.
- Authentication procedure:
  - Client sends authentication request.
  - Host checks in its database.
  - Host carries out authentication protocol.
- Authentication protocol based on SSL.

Scoring system
- The host peer needs to classify its client peers.
- The client peer is required to supply its rating certificates to the host.
- Access values are evaluated via four types of scores:
  - Direct trust
  - Indirect trust
  - Direct contribution
  - Indirect contribution

Direct trust
- The host's belief in the client's capacities, honesty and reliability, based on the host's direct experiences.
- This model uses Beth et al.'s formula:
nijT 1
- $T_{ij}$ denotes the trust value that peer i has in peer j.

Direct trust (Cont.)
- n is the number of peer i's satisfied transactions with peer j.
- is the learning rate – a real number in the interval [0,1]
- must be chosen high enough.

Indirect trust
- The host peer often encounters a client peer that it has never met.
- Indirect trust is the host's belief in the client's capacities, honesty and reliability, based on recommendations from other peers.

Indirect trust (Cont.)
- The indirect trust is calculated as
  $R_{ij} = \left( \sum_{t=1}^{k} T_{it} \, T_{tj} \right) / k$
- $R_{ij}$ denotes the indirect trust of peer i in peer j.
- k is a number fixed by the host.
- will be range 0 to 1 and less than or
  $R_{ij}$ $T_{it}$ $T_{tj}$

Indirect trust (Cont.)
- Indirect trust calculation example
- Assume k = 1

Indirect trust (Cont.)
The two main reasons for dividing by k:
- It prevents the client from submitting only its single highest recommendation.
- It allows the host to specify a required number of recommending peers.

Direct contribution
- The contribution of the client to the host in terms of information downloaded/uploaded between them.
- The direct contribution is calculated as
  $Q_{ij} = D_{ij} - D_{ji}$
- $Q_{ij}$ is the direct contribution of peer j to peer i.
- $D_{ij}$ denotes the amount of information i downloaded from j.
- $D_{ji}$ denotes the amount of information j downloaded from i.

Indirect contribution
- The contribution of the client to the network in terms of the volume of information exchanged.
  $P_{ij} = \sum_{t=1}^{k} T_{it} \, Q_{tj}$
- $P_{ij}$ denotes the indirect contribution of peer j from peer i's point of view.

Granting access (Cont.)
- The client's overall trust and contribution values are calculated as
  $A_{ij} = C_T \, T_{ij} + C_R \, R_{ij}$
  $B_{ij} = C_Q \, Q_{ij} + C_P \, P_{ij}$
  $C_T + C_R = 1$
  $C_Q + C_P = 1$
- The values of $C_T$, $C_R$, $C_Q$, $C_P$ depend on the host's control policy.

Granting access
- Before making a file available for sharing, a host peer defines two threshold values for the file.
- Any client peer whose values are equal to or greater than the corresponding thresholds can access the file.
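
The scoring and threshold check described in the slides above, as an added example that is not part of the original presentation. The `Rating` class, the function names, the MB unit, ranking recommenders by the host's trust in them and ignoring repeated certificates from one recommender are assumptions; certificates are assumed to have passed signature verification already.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rating:
    """One rating certificate about the client j, issued by recommender t."""
    recommender: str
    trust: float          # T_tj, in [0, 1]
    contribution: float   # Q_tj, in the host's volume unit (assumed MB)

def select(host_trust, ratings, k):
    """At most k ratings, one per recommender the host has direct trust in."""
    by_rec = {}
    for r in ratings:
        if host_trust.get(r.recommender, 0.0) > 0.0:
            by_rec.setdefault(r.recommender, r)      # ignore repeats of one recommender
    ranked = sorted(by_rec.values(), key=lambda r: host_trust[r.recommender], reverse=True)
    return ranked[:k]

def access_values(t_ij, q_ij, host_trust, ratings, k, c_t, c_q):
    """Return (A_ij, B_ij) for client j as seen by host i."""
    chosen = select(host_trust, ratings, k)
    r_ij = sum(host_trust[r.recommender] * r.trust for r in chosen) / k   # always divide by k
    p_ij = sum(host_trust[r.recommender] * r.contribution for r in chosen)
    a_ij = c_t * t_ij + (1.0 - c_t) * r_ij           # C_T + C_R = 1
    b_ij = c_q * q_ij + (1.0 - c_q) * p_ij           # C_Q + C_P = 1
    return a_ij, b_ij

def may_access(values, trust_threshold, contribution_threshold):
    """Grant access only if both values reach the file's thresholds."""
    a_ij, b_ij = values
    return a_ij >= trust_threshold and b_ij >= contribution_threshold

# Constructed sample: host i has never met client j (T_ij = Q_ij = 0) and requires k = 3.
HOST_TRUST = {"p1": 0.9, "p2": 0.6, "p3": 0.8}       # T_it for known recommenders
ONE = [Rating("p1", 1.0, 400.0)]
THREE = ONE + [Rating("p2", 0.5, 100.0), Rating("p3", 0.75, 200.0)]

if __name__ == "__main__":
    for name, certs in (("one", ONE), ("one x3", ONE * 3), ("three", THREE)):
        vals = access_values(0.0, 0.0, HOST_TRUST, certs, 3, 0.5, 0.5)
        print(name, vals, may_access(vals, 0.25, 200.0))
```

Because the sum is always divided by k, a client that presents only its single best recommendation, even repeated three times, stays below the trust threshold that three distinct recommenders reach.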

Trust and contribution management
- After completing a download operation, the client peer has to issue the host peer a rating certificate.
- The rating certificate contains the direct trust and direct contribution values based on the transaction's satisfaction level.

Rating certificate
- Rating certificate format

Satisfaction level
- The satisfaction level is evaluated based on download speed and file quality.
Five levels of satisfaction Good Fair T unchanged Poor Corrupted Unknown Harmful or malicious add to the black list
0T
)1(1 nT )2/(1 nT
)1(1 nT

Local file system
Local storage holds the following:
- Received certificates in which the peer itself is the recommended peer.
- Certificates which the peer issued to other peers.
- A black list of peers who it believes to have committed malicious acts.

Framework interaction procedure

Metrics
Some metrics for evaluating the effectiveness of a search technique:
- Cost
  - Bandwidth: bandwidth consumed over every edge in the network on behalf of each query.
  - Processing cost: processing power consumed at every node on behalf of each query.

Metrics
- Quality of results
  - Satisfaction of query: the user specifies a value Z; if the number of results is equal to or greater than Z, the query is satisfied.
  - Time to satisfaction: the time for the results to arrive.

Search techniques
- Inefficient search: blind search (BFS)
- Three efficient search techniques:
  - Iterative deepening
  - Directed BFS
  - Local indices

Blind search
- Each node forwards the query to all of its neighbors
- Finds the maximum number of results
- But it is inefficient

Iterative deepening
- Satisfaction is the metric of choice.
- Multiple breadth-first searches are initiated with successively larger depth limits until the query is satisfied or the maximum depth is reached.
- Time cost is smaller than blind search

Iterative deepening
Example: if the policy is $P = \{a, b, c\}$
- The source node initiates a BFS of depth a.
- When that depth is reached, if the query is not satisfied, the search continues to depth b and then c.
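
A small simulation of the iterative-deepening policy above, added here as an illustration and not taken from the original slides. The overlay graph, the holdings and the message-counting rule (one message per forwarded copy) are constructed, and resuming from the previous frontier stands in for re-sending a frozen query.

```python
def iterative_deepening(graph, holdings, source, wanted, policy, z):
    """Search level by level; stop at the first depth in `policy` where >= z results exist.

    Returns (result_nodes, depth_reached, messages_sent).
    """
    seen, frontier = {source}, [source]
    results, messages, depth = [], 0, 0
    for limit in sorted(policy):
        while depth < limit and frontier:
            nxt = []
            for node in frontier:
                for nb in graph[node]:
                    messages += 1                  # each forwarded copy costs one message
                    if nb not in seen:
                        seen.add(nb)
                        nxt.append(nb)
                        if wanted in holdings.get(nb, ()):
                            results.append(nb)
            frontier, depth = nxt, depth + 1
        if len(results) >= z:                      # query satisfied at this policy depth
            break
    return results, depth, messages

# Constructed overlay: two chains of three peers hanging off the source "s".
GRAPH = {
    "s": ["n1", "n2"], "n1": ["s", "n3"], "n2": ["s", "n4"],
    "n3": ["n1", "n5"], "n4": ["n2", "n6"], "n5": ["n3"], "n6": ["n4"],
}
HOLDINGS = {"n1": {"doc"}, "n4": {"doc"}, "n6": {"doc"}}

if __name__ == "__main__":
    print(iterative_deepening(GRAPH, HOLDINGS, "s", "doc", (1, 2, 3), 1))  # stops at depth a
    print(iterative_deepening(GRAPH, HOLDINGS, "s", "doc", (3,), 1))       # blind BFS to depth 3
```

With Z = 1 the policy (1, 2, 3) stops after 2 messages, while a single BFS to depth 3 spends 10 messages to return results the user did not ask for.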

Directed BFS
- Minimizes response time.
- With the DBFS technique, a node sends query messages to just a subset of its neighbors.
- In order to select neighbors intelligently, a node maintains statistics on its neighbors.

Directed BFS
Some heuristics can help us select the best neighbors:
- Highest number of results for previous queries.
- Response messages that have taken the lowest average number of hops.
- Has forwarded the largest number of messages.
- Shortest message queue.

Local indices
- Maintains a high satisfaction rate and number of results while keeping costs low.
- A node maintains an index over the data of each node within r hops of itself.
- Parameter r is adjustable and independent of the total size of the network.
- A host must send a notification when it joins the network.
- A node removes the leaving node's collection from its index after a timeout.

Local indices
Example: if the policy is $P = \{1, 5\}$
- The query source sends the query message out to all its neighbors at depth 1.
- All nodes at that depth process the query and forward it to depth 2.
- Nodes at a depth not in the list forward the query directly.
- The process continues to depth 5.

Conclusion
- The framework satisfies the requirements of access control for P2P file-sharing systems through its trust and contribution model, and the implemented contribution scheme works effectively as a payment scheme that gives users an incentive to share their resources.
- The disadvantage is some overhead in validating the signatures in the rating certificates.

Reference
- B. Yang and H. Garcia-Molina. Efficient Search in Peer-to-Peer Networks. ICDCS 2002, Jul 2002.
- Thomas Beth, Malte Borcherding and Birgit Klein. Valuation of Trust in Open Networks.