A Trust Based Access Control Framework for P2P File-Sharing System. Speaker: Jia-Hui Huang. Adviser: Kai-Wei Ke. Date: 2004/3/15.


1 A Trust Based Access Control Framework for P2P File-Sharing System
Speaker: Jia-Hui Huang
Adviser: Kai-Wei Ke
Date: 2004/3/15

2 Outline: Introduction, Access Control Framework, Search techniques, Conclusion, Reference

3 Introduction
P2P concept
- P2P file sharing allows users on the edge of the network to directly access files from one another's drives.
Why is P2P so attractive?
- It provides a flexible and universal model for the exchange of information.
- Success of P2P file-sharing networks (e.g. Gnutella, Napster).
But most P2P file-sharing systems provide no access control.

4 Outline: Introduction, Access Control Framework, Search techniques, Conclusion, Reference

5 Requirement
Access control model requirements
- No centralized control or support
- Peer classification
- Encourage sharing files
- Limit spreading of malicious and harmful digital content

6 Basic idea of Framework
An access control framework based on discretionary access control.
Each file is assigned two thresholds, which capture two access aspects.
Two threshold values
- Trust
- Contribution

7 Overall Architecture
- RD: Resource Discovery
- FT: File Transfer
- AC: Access Control

8 Authentication
In this framework, a peer is equipped with a 128-bit GUID number and a public/private key pair.
Authentication procedure
- The client sends an authentication request.
- The host checks its database.
- The host carries out the authentication protocol.
The authentication protocol is based on SSL.

9 Scoring system
The host peer needs to classify its client peers.
The client peer is required to supply its rating certificates to the host.
Access values are evaluated via four types of scores
- Direct trust
- Indirect trust
- Direct contribution
- Indirect contribution

10 Direct trust
The host's belief in the client's capacities, honesty and reliability, based on the host's direct experiences.
This model uses Beth et al.'s formula.
denotes the trust value that peer i has in peer j

11 Direct trust (Cont.)
n is the number of peer i's satisfied transactions with peer j.
is the learning rate, a real number in the interval [0,1]; it must be chosen high enough.

12 Indirect trust
The host peer often encounters a client peer that it has never met.
The host's belief in the client's capacities, honesty and reliability, based on recommendations from other peers.

13 Indirect trust (Cont.)
The indirect trust is calculated as
denotes the indirect trust of peer i in peer j
k is a number fixed by the host.
will be in the range 0 to 1 and less than or

14 Indirect trust (Cont.)
Indirect trust calculation example: assume k = 1

15 Indirect trust (Cont.)
The two main reasons for dividing by k:
- It prevents the client from submitting only its single highest recommendation.
- It allows the host to specify a required number of recommending peers.

16 Direct contribution
The contribution of the client to the host in terms of information downloaded/uploaded between them.
The direct contribution is calculated as
is the direct contribution of peer j to peer i
denotes the amount of information i downloads from j
denotes the amount of information j downloads from i

17 Indirect contribution
The contribution of the client to the network in terms of information volume exchanged.
denotes the indirect contribution of peer j from peer i's point of view.

18 Granting access (Cont.)
The client's overall trust and contribution values are calculated as
value depending on the host's control policy.

19 Granting access
Before making a file available for sharing, a host peer defines two threshold values for the file.
Any client peer whose values are equal to or greater than the corresponding thresholds can access the file.

20 Trust and contribution management
After completing a download operation, the client peer has to issue the host peer a rating certificate.
The rating certificate contains the direct trust and direct contribution values, based on the transaction's satisfaction level.

21 Rating certificate format

22 Satisfaction level
Evaluate the satisfaction level based on download speed and file quality.
Five levels of satisfaction
- Good
- Fair T unchanged
- Poor
- Corrupted
- Unknown
- Harmful or malicious: add to the black list

23 Local file system
Local storage holds the following:
- Received certificates in which the peer itself is the recommended peer.
- Certificates which the peer issued to other peers.
- A black list of peers which it believes to have committed malicious acts.
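The divide-by-k rule from slide 15, the two-threshold check from slide 19 and the black list from slide 23 can be put together as follows. This is an added example, not code from the presentation: the slides' formulas did not survive, so the weighting of each recommendation by the host's own trust in the recommender, the one-vote-per-recommender rule and all names and sample values are assumptions, and certificate signatures are taken as already verified.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rating:
    recommender: str        # GUID of the peer that issued the certificate
    trust_in_client: float  # that peer's direct trust in the client, 0..1

def indirect_trust(ratings, host_trust, k):
    """Average the k best recommendations, always dividing by k.

    Assumed weighting (not from the slides): each rating is scaled by the
    host's direct trust in the recommender; unknown recommenders count as 0.
    """
    best = {}
    for r in ratings:  # one vote per recommender, so replayed certificates add nothing
        w = host_trust.get(r.recommender, 0.0) * r.trust_in_client
        best[r.recommender] = max(best.get(r.recommender, 0.0), w)
    top = sorted(best.values(), reverse=True)[:k]
    return sum(top) / k  # fewer than k recommenders lowers the score

def grant_access(client, trust, contribution, thresholds, blacklist):
    """Black-listed peers are refused; otherwise both thresholds must be met."""
    if client in blacklist:
        return False
    t_min, c_min = thresholds
    return trust >= t_min and contribution >= c_min

# Constructed sample data: the host's direct trust in three known peers.
HOST_TRUST = {"peerA": 0.9, "peerB": 0.8, "peerC": 0.5}
FILE_THRESHOLDS = (0.5, 0.2)  # (trust, contribution) the host set for one file

if __name__ == "__main__":
    one = [Rating("peerA", 1.0)]
    three = [Rating("peerA", 1.0), Rating("peerB", 0.5), Rating("peerC", 0.6)]
    for name, certs in (("single", one), ("replayed", one * 3), ("three", three)):
        t = indirect_trust(certs, HOST_TRUST, k=3)
        ok = grant_access("client1", t, 0.4, FILE_THRESHOLDS, blacklist=set())
        print(f"{name:9s} trust={t:.3f} access={ok}")
```

A client that presents only its single best certificate, or the same certificate three times, scores 0.3 and is refused, while three distinct recommenders lift it above the 0.5 trust threshold.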

24 Framework interaction procedure

25 Outline: Introduction, Access Control Framework, Search techniques, Conclusion, Reference

26 Metrics
Some metrics for evaluating the effectiveness of a search technique.
- Cost
  Bandwidth consumed over every edge in the network on behalf of each query.
  Processing cost: processing power consumed at every node on behalf of each query.

27 Metrics
- Quality of results
  Satisfaction of query: the user specifies a value Z; if the number of results is equal to or more than Z, the query is satisfied.
  Time to satisfaction: the time at which the results arrive.

28 Search techniques
Inefficient search
- Blind search (BFS)
Three efficient search techniques:
- Iterative deepening
- Directed BFS
- Local indices

29 Blind search
Nodes forward the query to all their neighbors.
Finds the maximum number of results.
But it is inefficient.

30 Iterative deepening
Satisfaction is the metric of choice.
Multiple breadth-first searches are initiated with successively larger depth limits until the query is satisfied or the maximum depth is reached.
Time cost is smaller than for blind search.

31 Iterative deepening
Example: if policy is
- The source node initiates a BFS of depth a.
- When that depth is reached, if the query is not satisfied, the search continues to depth b and then c.
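Iterative deepening as described on slides 30 and 31, with the satisfaction value Z from slide 27, as an added example that is not part of the original presentation. The overlay graph, the set of file holders and the policy depths are constructed, and each round simply restarts the BFS from the source; messages are counted per edge traversal so the cost can be compared with a single flood to the maximum depth.

```python
from collections import deque

def bounded_bfs(graph, holders, source, depth):
    """Flood a query `depth` hops out; return (peers holding the file, messages sent)."""
    seen = {source}
    frontier = deque([(source, 0)])
    hits, messages = set(), 0
    while frontier:
        node, d = frontier.popleft()
        if node != source and node in holders:
            hits.add(node)
        if d == depth:          # depth limit reached: process but do not forward
            continue
        for nb in graph[node]:
            messages += 1       # every forward costs bandwidth, even a duplicate
            if nb not in seen:
                seen.add(nb)
                frontier.append((nb, d + 1))
    return hits, messages

def iterative_deepening(graph, holders, source, policy, z):
    """Run BFS at each depth in `policy` until at least z results are found."""
    total, hits = 0, set()
    for depth in policy:
        hits, msgs = bounded_bfs(graph, holders, source, depth)
        total += msgs
        if len(hits) >= z:      # query satisfied: stop deepening
            return hits, depth, total
    return hits, policy[-1], total  # max depth reached, possibly unsatisfied

# Constructed overlay: s is the query source; a, d and e hold the file.
GRAPH = {"s": ["a", "b"], "a": ["s", "c"], "b": ["s", "d"],
         "c": ["a", "e"], "d": ["b"], "e": ["c"]}
HOLDERS = {"a", "d", "e"}

if __name__ == "__main__":
    print(iterative_deepening(GRAPH, HOLDERS, "s", policy=[1, 2, 3], z=2))
    print(bounded_bfs(GRAPH, HOLDERS, "s", depth=3))
```

With Z = 2 the search stops at depth 2 after 8 messages against 9 for the full flood; with Z = 3 all three rounds run and the total rises to 17, which is the cost side of the trade-off.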

32 Directed BFS
Minimizes response time.
With the DBFS technique, a node sends query messages to just a subset of its neighbors.
In order to select neighbors intelligently, a node maintains statistics on its neighbors.

33 Directed BFS
Some heuristics can help to select the best neighbors:
- Highest number of results for previous queries.
- Response messages that have taken the lowest average number of hops.
- Has forwarded the largest number of messages.
- Shortest message queue.

34 Local indices
Maintains a high satisfaction rate and number of results while keeping costs low.
A node maintains an index over the data of each node within r hops of itself.
Parameter r is adjustable and independent of the total size of the network.
A host must send a notification when it joins the network.
A node removes its index over a leaving node's collection after a timeout.

35 Local indices
Example: if policy is
- The query source sends the query message out to all its neighbors at depth 1.
- All nodes at that depth process the query and forward it to depth 2.
- A node at a depth not in the list forwards the query directly.
- The process continues to depth 5.

36 Outline: Introduction, Access Control Framework, Search techniques, Conclusion, Reference

37 Conclusion
The framework satisfies the requirements of access control for P2P file-sharing systems through its trust and contribution model, and the implemented contribution works effectively as a payment scheme that gives users an incentive to share their resources.
The disadvantage is some overhead in checking the validity of signatures in the rating certificates.

38 Reference
- B. Yang and H. Garcia-Molina. Efficient Search in Peer-to-Peer Networks. ICDCS 2002, Jul 2002.
- Thomas Beth, Malte Borcherding and Birgit Klein. Valuation of Trust in Open Networks.

