Notary-based self-healing mechanism for centralized peer-to-peer infrastructures

• Autorzy: Oryńczak G. , Kotulski Z.

Identyfikatory

DOI

10.2478/v10065-012-0023-1

• Języki publikacji: EN

Abstrakty

EN

Centralized architecture, due to its simplicity, fast and reliable user management mechanism (authorization, authentication and lookup) and O(1) searching capability, is still a preferable choice for many P2P-based services. However, it suffers from a “single point of failure” vulnerability, so networks based on this topology are highly vulnerable to DoS attacks or other blocking attempts. This paper describes a new mechanism that can be used for centralized P2P networks to prevent a P2P service unavailability after central server failure. High security level is obtained by using notary servers which track server public key changes and collect social feedback from users. This allows not only to detect popular attacks (like man-in-the middle) but also to assess whether the Central Server (CS) behaves properly. In the case of central server failure or when server becomes compromised, decentralized Condorcet voting is preformed and new CS is selected. Additionally, by incorporating a reputation mechanism which uses two kinds of scores respectively for providing good service and fair evaluation of other peers, the best candidates for a new Central Server can be chosen. Valuable data which is used to rebuild user database in new CS is stored in the encrypted form in peers and updated during the user-peer authorization process. The decryption key is divided between peers using the threshold secret sharing method.

Słowa kluczowe

EN

P2P networks; self-healing; notary servers

• Wydawca: Wydawnictwo UMCS
• Czasopismo: Annales Universitatis Mariae Curie-Skłodowska. Sectio AI, Informatica
• Rocznik: 2012
• Tom: Vol. 12, no. 4
• Strony: 97--112
• Opis fizyczny: Bibliogr.17 poz., rys.

Twórcy

autor

Oryńczak G.

• Jagellonian University, Department of Physics, Astronomy and Applied Computer Science, Cracow, Poland

autor

Kotulski Z.

• Institute of Telecommunications, Warsaw University of Technology, Warsaw, Poland

Bibliografia

• [1] Hefeeda M., Habib A., Botev B., Xu D., Bhargava B., PROMISE: Peer-To-Peer Media Streaming Using Collectcast, Proceedings of ACM Multimedia (2003): 45.
• [2] Orynczak G., Kotulski Z., Agent based infrastructure for real-time applications, Annales UMCS Informatica 11 (4) (2011): 33.
• [3] Goldschlag D., Reed M., Syverson P., Onion routing, Communications of the ACM 42 (2) (1999): 39.
• [4] Dingledine R., Mathewson N., Syverson P., Tor: The Second-Generation Onion Router, Proceedings of the 13th USENIX Security Symposium (2004).
• [5] Baset S., Schulzrinne H., An analysis of the skype peer-to-peer internet telephony protocol, Technical Report CUCS-039-04, Computer Science Department, Columbia University, New York, NY (2004).
• [6] Stoica I., Morris R., Karger D., Kaashoek F., Balakrishnan H., Chord: A scalable peer-to-peer lookup service for Internet applications, Proceedings of ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications SIGCOMM’01 (2001): 149.
• [7] Ratnasamy S., Francis P., Handley M., Karp R., Shenker S., A scalable content addressable network, Proceedings of ACM Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications SIGCOMM’01 (2001): 161.
• [8] Wang Ch., Li B., Peer-to-peer overlay networks: A survey, Technical Report, Department of Computer Science, HKUST (2003).
• [9] Liu J., Issarny V., Enhanced Reputation Mechanism for Mobile ad hoc Networks, Proceeding of Trust Management: Second International Conference iTrust’04, LNCS 2995 (2004): 48.
• [10] Callegati F., Cerroni W., Ramilli M., Man-in-the-middle attack to the HTTPS protocol, IEEE Security and Privacy 7 (1) (2009): 78.
• [11] Wendlandt D., Andersen D., Perrig A., Perspectives: Improving SSH-style host authentication with multi-path probing, Proceedings of USENIX Annual Technical Conference (2008).
• [12] Sheng S., Wardman B., Warner G., Cranor L. F., Hong J., Zhang C., An empirical analysis of phishing blacklists, Sixth Conference on Email and AntiSpam (2009).
• [13] Gifford D., Weighted Voting for Replicated Data, Proceedings of Symposium on Operating Systems Principles SOSP’79 (1979): 150.
• [14] Jetter O., Dinger J., Hartenstein H., Quantitative analysis of the sybil attack and effective sybil resistance in peer-to-peer systems, Proceedings of IEEE Conference on Communications ICC’10 (2010): 1.
• [15] Schulze M., A new monotonic, clone-independent, reversal symmetric, and condorcet-consistent single-winner election method, Social Choice and Welfare 36 (2) (2011): 303.
• [16] Nakamoto S., Bitcoin: A peer-to-peer electronic cash system; http://bitcoin.org/bitcoin.pdf.
• [17] Karnin E. D., Greene J. W., Hellman M. E., On secret sharing systems, IEEE Transactionson Information Theory 29 (1) (1983): 35.