Trusted P2P Transactions with Fuzzy Reputation Aggregation
IEEE Internet Computing
| Hi-index | 0.00 |
This dissertation investigates the trust and security issues of computational Grids and Peer-to-Peer systems. Realistic platforms for these two distributed computing paradigms are facing security threats from network attacks and system vulnerability. Both systems demand high degree of resource sharing through trust establishment among the peers or among the owning organizations. P2P applications are facing a serious challenge of distrust among the peers who are strangers to each other. In Grid systems, user jobs dispatched across the Grid sites are subject to failures or delays caused by insecure site conditions. To meet the challenges, this thesis provides trust models, defense mechanisms, reputation systems, and security infrastructure to assure security in Grid and P2P systems. A coherent model is provided for trust establishment and security enforcement in distributed systems. The model is based on fuzzy logic inferences. A distributed trust and reputation aggregation scheme is developed through fuzzification and integration of security attributes. To map large-scale applications onto wide-area computational Grids, a security-binding scheme is developed through trust integration across Grid sites. The security binding is achieved by periodic exchange of site security information or peer reputations and matchmaking to satisfy the user job demands. I propose three risk-resilient job scheduling strategies: preemptive, replication, and delay-tolerant. Simulation results show that risk resilient heuristics outperform the traditional heuristic scheduling algorithms. A fuzzy reputation aggregation system---FuzzyTrust---was developed for establishing the mutual trust between peers in P2P transaction applications. FuzzyTrust was built over DHT-based overlay networks. Fuzzy logic inferences were introduced to perform local trust calculation and global reputation aggregation. DHT based implementation offers fast reputation dissemination. The FuzzyTrust system was evaluated with simulation experimental results. In summary, this thesis pushes the state of the art in Trusted Grid and P2P computing and secure resource mapping for large-scale workloads. The research findings, security binding techniques, FuzzyTrust reputation systems, and reported experimental results should be useful to those who work on distributed supercomputing architecture and scalable P2P applications.