Primary-Backup Access Control Scheme for Securing P2P File-Sharing Systems

pp. 8-15

Author(s)

Jianfeng Lu 1,*, Ruixuan Li 1, Zhengding Lu 1, Xiaopu Ma 1

1. College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, Hubei, P. R. China

* Corresponding author.

DOI: https://doi.org/10.5815/ijitcs.2009.01.02

Received: 23 Mar. 2009 / Revised: 1 Jun. 2009 / Accepted: 11 Aug. 2009 / Published: 8 Oct. 2009

Index Terms

P2P, role based access control, credential, primary-backup

Abstract

Peer-to-peer (P2P) file-sharing systems have attracted considerable interest among Internet users. However, wide-scale application of P2P file-sharing technologies is constrained by the limitations associated with sophisticated control mechanisms. Moreover, the decentralized and anonymous characteristics of P2P environments make it more difficult to control access to shared resources, especially when using traditional access control methods. To overcome these limitations, we propose a role-based access control architecture for P2P file-sharing systems that supports autonomous decisions and centralized control. The architecture integrates the policies of credential-based, identity-based and role-based access control models to provide scalable, efficient and fault-tolerant access control services. Furthermore, we employ the primary-backup (PB) scheme to preserve the decentralized structure of P2P systems and the autonomy of peers while enabling collaboration between peers. In particular, we propose a method for setting up interoperating relationships between domains through role mappings, and we resolve two kinds of interoperability conflicts that arise when mapping roles from a foreign domain to the local domain without a centralized authority. We believe that the proposed architecture is realistic and efficient, and that it can provide controlled communication between peers.

Cite This Paper

Jianfeng Lu, Ruixuan Li, Zhengding Lu, Xiaopu Ma, "Primary-Backup Access Control Scheme for Securing P2P File-Sharing Systems", International Journal of Information Technology and Computer Science (IJITCS), vol. 1, no. 1, pp. 8-15, 2009. DOI: 10.5815/ijitcs.2009.01.02
