A P2P network traffic and access control protocol
Herwig Unger, Universität Rostock, Albert-Einstein-Str. 23, 18051 Rostock, Germany. Phone: +49 381 498.

Presentation transcript:

Slide 1: A P2P network traffic and access control protocol
Herwig Unger, Albert-Einstein-Str. 23, Rostock, Germany

Slide 2: Motivation
o Decentralized P2P systems have recently gained increasing popularity due to a lot of advantages.
o Communities are built on the base of such systems, reflecting in their structure the social relations between their users.
o However, content is offered only by a small group of users, e.g. 5% of all machines host 70% of all content.
o Offering content is not attractive for users, since a lot of bandwidth is taken to answer remote users' requests.
o Lurkers and free riders benefit most from such systems.
o Powerful control mechanisms are needed to control traffic and access to resources.

Slide 3: Ideas: what can be done with virtual money
o Special services (not standard services like search) and information are only available for an additional payment.
o High priorities for service execution are given for additional payment, since these priorities may result in shorter answer times.
o Bandwidth will be limited. Standard user communication either gets a small percentage of the available communication bandwidth or is only available if the network load is not too high.
o Hop counters of message chains are lower for standard users. Therefore, standard users may not see the whole size of the network and cannot access all available information.

Slide 4: Requirements to virtual money
1. An amount of money represented through tokens must be generated in the community.
2. The amount of money must be adapted to the number of community members and therefore the potential to offer services/resources in a community.
3. Fault tolerance and copy protection must be provided by decentralized algorithms.
4. Safe trading mechanisms must be described.
Virtual money on the base of a token population shall be used with a respective transmission protocol.

Slide 5: Building trust
o Trusted third authorities (machines)
o Duration of mutual relations + possibility to predict the other's behavior
o Witnesses, control by a group of other machines, e.g. trust chains

Slide 6: Control of the token amount f(community_member)
o The number of tokens in the population can be controlled with a decentralized mechanism.
o Every node generates and kills tokens depending on the average time between the visits of 2 tokens.
o The existing number of tokens is an almost stable value over time and depends on the number and characteristics of the community members.
[Figure: Statistics of the token population]
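An added simulation (not from the original slides) of the decentralized control described on this slide: nodes kill a token when visits come too often and generate one when starved. Forwarding to a uniformly random peer, the running average and the thresholds `target`, `low` and `high` are assumptions chosen for illustration.

```python
import random

def simulate(n_nodes, steps=3000, target=5.0, low=2.5, high=15, alpha=0.2, seed=7):
    """Return the token count after every step (constructed model)."""
    rng = random.Random(seed)
    # Desynchronised start: each node last saw a token a few steps ago.
    last_visit = [-rng.randrange(high) for _ in range(n_nodes)]
    avg_gap = [target] * n_nodes       # running average of inter-visit gaps
    tokens = 0                         # current size of the token population
    history = []
    for t in range(1, steps + 1):
        survivors = 0
        for _ in range(tokens):
            node = rng.randrange(n_nodes)           # forward to a random peer
            gap = t - last_visit[node]
            avg_gap[node] = (1 - alpha) * avg_gap[node] + alpha * gap
            last_visit[node] = t
            if avg_gap[node] < low:                 # visited too often: kill token
                avg_gap[node] = target
            else:
                survivors += 1
        for node in range(n_nodes):
            if t - last_visit[node] > high:         # starved: generate a token
                survivors += 1
                last_visit[node] = t
                avg_gap[node] = target
        tokens = survivors
        history.append(tokens)
    return history

def mean_population(n_nodes, **kw):
    """Average token count over the second half of the run (after start-up)."""
    h = simulate(n_nodes, **kw)
    tail = h[len(h) // 2:]
    return sum(tail) / len(tail)
```

Comparing `mean_population(25)` with `mean_population(100)` shows the population tracking community size without any node knowing the global count.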

Slide 7: Statistics for the amount of money
Statistics: difference between token generation and removal for every node
o Token removal means destroying money that is owned by one of the community members.
o Even if the monetary value is small, too large a loss or gain through this process must be avoided.
o Since the process is fairly random, the "+" and "-" are well balanced for every node of the community over a longer time.

Slide 8: The token structure

Slide 9: The copy safe protocol for money token
[Figure, K=2: a) Forward (FWD) protocol; b) Token transmission realized by the protocol. Axis: Time. Legend: logical transfer, physical transfer by protocol. Participants: Machine i-K (witness), Machine i, Machine i+K. Messages: FWD_witness, FWD_i+1, Acknowledge RCV, Acknowledge FWD, Acknowledge FWD_i+1.]

Slide 10: Analysis I
where is equal.
1. The probability that k nodes are active is
2. The probability that a machine is in the network is not equally distributed over the whole day. It will be significantly higher a few moments after the time when it has been already seen in the network.
3. The exponential distribution can be used to model this stochastic lifetime problem.
4. If a computer c_i has been a member of a community at time t_i, the probability p(c_i) that it is still connected with this community at time t'_i (with t_i < t'_i) is given by

Slide 11: Analysis II
5. Therefore, the probability p(n) that at least n of K machines are available after some time is given by
which can be estimated for equal, average transmission and processing times by
with
o 30 machines are a good compromise

Slide 12: Fault tolerance
o If the owner node x does not respond, the token is forwarded to the next node without replacing x for a fixed set of L cycles; i.e. if x joins the community again within this time, it will still have access to its coin. After L cycles the money is assigned to any node from the history.
o If another node i-K does not respond, i-(K-1) is used instead. All predecessors j in the history, j=i-(k-1) (1) i-1, are put on position j-1, and for position i-1 a randomly selected new node is contacted and obtains the needed information of the token.
o For security reasons, this replacement can be done only for a limited number of nodes in the history.
o Every owner of a token may keep a copy of his tokens. If one of the tokens is not returned to its owner within a timeout interval, the owner may use the copy to contact all nodes kept in the history, find out the place of loss and re-initiate the respective token game.

Slide 13: Trading
1. The owner encrypts his own IP address and that of the receiver (typically with his private key) and puts them on the token.
2. The new owner is set as the successor of the old owner in the forward cycle.
3. The token passes another cycle over the new owner and K-2 randomly selected machines.
4. The machines along the history trail check the authenticity of the token and store the old and new owner information.
5. For a second cycle, the old owner again adds the new owner as its successor.
6. Now the new owner replaces the two attached IP addresses with its own only (encrypted with its private key). This change can be confirmed by the nodes of the history, since they know both addresses from the last cycle.
7. Token forwarding continues with the new owner (i.e. a new node, to which the token returns after K-1 steps).
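An added sketch (not from the original slides) of steps 4 and 6 of the trading procedure: history nodes record old and new owner in the first cycle and accept the ownership rewrite in the second cycle only from the recorded new owner. The `Witness` class, the message layout, the constructed peer addresses and the use of HMAC as a stand-in for the private-key operation are all assumptions.

```python
import hashlib
import hmac

# Constructed peers (documentation addresses). HMAC with a per-peer secret
# stands in for the private-key operation the slides mention.
KEYS = {ip: hashlib.sha256(ip.encode()).digest()
        for ip in ("192.0.2.1", "192.0.2.2", "192.0.2.3")}

def sign(peer, payload):
    return hmac.new(KEYS[peer], payload.encode(), hashlib.sha256).hexdigest()

def valid(peer, payload, tag):
    return peer in KEYS and hmac.compare_digest(sign(peer, payload), tag)

class Witness:
    """One machine on the token's history trail (hypothetical model)."""
    def __init__(self, token_id, owner):
        self.owner = {token_id: owner}   # owner this witness currently accepts
        self.pending = {}                # token id -> new owner seen in cycle 1

    def cycle1(self, tid, old, new, tag):
        # Step 4: check authenticity, then store old and new owner.
        if self.owner.get(tid) != old or not valid(old, f"{tid}|{old}|{new}", tag):
            return False
        self.pending[tid] = new
        return True

    def cycle2(self, tid, claimant, tag):
        # Step 6: accept the rewrite only from the owner recorded in cycle 1.
        if self.pending.get(tid) != claimant or not valid(claimant, f"{tid}|{claimant}", tag):
            return False
        self.owner[tid] = self.pending.pop(tid)
        return True

def trade(tid, old, new, claimant, witnesses):
    """Run both cycles; `claimant` is whoever rewrites the token in step 6."""
    tag1 = sign(old, f"{tid}|{old}|{new}")
    if not all(w.cycle1(tid, old, new, tag1) for w in witnesses):
        return False
    tag2 = sign(claimant, f"{tid}|{claimant}")
    return all(w.cycle2(tid, claimant, tag2) for w in witnesses)
```

A trade initiated by a node the witnesses no longer record as owner fails in the first cycle, which is how a kept copy of a spent token gets rejected in this model.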

Slide 14: Network traffic control
1. Tokens are used.
2. The number of tokens is again controlled by all community members in a decentralized manner.
3. The tokens are not used as money but as a PERMIT to transfer messages or data packages with a fixed size.
4. Tokens use the protocol introduced before; messages / data may be sent directly.
5. Community members accept only incoming messages that are authorized by tokens.

Slide 15: Conclusion
o The introduced probabilistic money system may control access and traffic in P2P communities in a fair manner.
o The user does not see the trading activities, but the knowledge of their existence may force him to contribute resources.
o The properties of the payment system differ from real money.
o The developed protocol ensures probabilistic security and copy protection for the money tokens.
o On top of a non-stable community a stable structure is built, which can probably be used for other applications, too.

Slide 16: Thank you for your attention!
Contact: Herwig Unger, FB Informatik, Universität Rostock, D Rostock