Flexible security in peer-to-peer applications: Enabling new opportunities beyond file sharing

Authors:
Luciano Paschoal Gaspary;Marinho P. Barcellos;André Detsch;Rodolfo S. Antunes
Affiliations:
Universidade Federal do Rio Grande do Sul (UFRGS), Av. Bento Gonçalves, 9500, Bloco IV, 91.501-970 Porto Alegre, Brazil;PIPCA/UNISINOS, Postgraduate Program on Applied Computing, Av. Unisinos, 950, 93.022-000 São Leopoldo, Brazil;PIPCA/UNISINOS, Postgraduate Program on Applied Computing, Av. Unisinos, 950, 93.022-000 São Leopoldo, Brazil;PIPCA/UNISINOS, Postgraduate Program on Applied Computing, Av. Unisinos, 950, 93.022-000 São Leopoldo, Brazil
Venue:
Computer Networks: The International Journal of Computer and Telecommunications Networking
Year:
2007

Citing 25
Cited 2

Query-flood DoS attacks in gnutella

Proceedings of the 9th ACM conference on Computer and communications security
JXTA: A Network Programming Environment

IEEE Internet Computing
Protecting Free Expression Online with Freenet

IEEE Internet Computing
Distributed Search in P2P Networks

IEEE Internet Computing
Security Considerations for Peer-to-Peer Distributed Hash Tables

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
The Eigentrust algorithm for reputation management in P2P networks

WWW '03 Proceedings of the 12th international conference on World Wide Web
Role-based access control for collaborative enterprise in peer-to-peer computing environments

Proceedings of the eighth ACM symposium on Access control models and technologies
Security for Grid Services

HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
Admission Control in Peer Groups

NCA '03 Proceedings of the Second IEEE International Symposium on Network Computing and Applications
Is Peer-to-Peer Secure Enough for Corporate Use?

Computer
Shilling recommender systems for fun and profit

Proceedings of the 13th international conference on World Wide Web
Dependability in Peer-to-Peer Systems

IEEE Internet Computing
Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
A survey of peer-to-peer content distribution technologies

ACM Computing Surveys (CSUR)
Secure routing for structured peer-to-peer overlay networks

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Denial-of-service resilience in peer-to-peer file sharing systems

SIGMETRICS '05 Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Trusted P2P Transactions with Fuzzy Reputation Aggregation

IEEE Internet Computing
Defending against eclipse attacks on overlay networks

Proceedings of the 11th workshop on ACM SIGOPS European workshop
Taxonomy of trust: categorizing P2P reputation systems

Computer Networks: The International Journal of Computer and Telecommunications Networking - Management in peer-to-peer systems
Tor: the second-generation onion router

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Policy-Based Access Control in Peer-to-Peer Grid Systems

GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A survey of peer-to-peer security issues

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Sybil-resistant DHT routing

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A survey and comparison of peer-to-peer overlay network schemes

IEEE Communications Surveys & Tutorials

IndNet: towards a peer-to-peer community network that connects the information technology industry and academia in India

International Journal of Networking and Virtual Organisations
Toward a Quality-of-Service Framework for Peer-to-Peer Applications

International Journal of Distributed Systems and Technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

The widespread adoption of P2P applications in environments beyond ordinary file sharing demands the fulfillment of several security requirements. Important steps have been taken towards security in P2P systems, with relevant mechanisms being proposed in the past to address specific vulnerabilities. However, existing approaches lack flexibility, since they do not (include enough mechanisms to) tackle a wide range of requirements in an integrated fashion. In addition, they oblige the user/application to manipulate a complex programming interface, as well as going through a cumbersome configuration process. To address these issues, we present P2PSL (P2P Security Layer), a software architecture that allows gradual and flexible integration of security functionality into P2P applications. To show concept and technical feasibility, we have implemented P2PSL, assessed the overhead it induces, and estimated the feasibility of incorporating the layer into two categories of real world P2P applications.