Advertisement

Enforcement of Communal Policies for P2P Systems

  • Mihail Ionescu
  • Naftaly Minsky
  • Thu D. Nguyen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2949)

Abstract

We consider the question of how to establish and enforce communal policies for peer-to-peer (P2P) communities. Generally, members of each P2P community must conform to an application specific communal policy if the community is to operate smoothly and securely. An open question, however, is how can such communal policies be established reliably and in a scalable manner? While some communities can rely on voluntary compliance with their stated policies, voluntary compliance will not be sufficient for many future P2P applications. We illustrate the nature of policies that must be enforced to be reliable by means of an example of a community that operates like Gnutella, but which is established to exchange more sensitive and critical information than music files. Then, we propose to employ the intrinsically distributed control mechanism called Law-Governed Interaction (LGI) for the scalable enforcement of communal P2P policies. To demonstrate the efficacy of the proposed approach, we show how our example policy can be formulated and enforced under LGI. Finally, we modify an existing open-source Gnutella client to work with LGI and show that the use of LGI incurs little overhead.

Keywords

Home Agent Reputation System Deontic Logic Communal Policy Query Message 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aberer, K., Despotovic, Z.: Managing Trust in a Peer-2-Peer Information System. In: Proceedings of the 10th International Conference on Information and Knowledge Management (ACM CIKM) (2001)Google Scholar
  2. 2.
    Advogado. Website, http://www.advogato.org/
  3. 3.
    Anderson, J.P.: Computer security technology planning study. Technical Report TR-73-51, Air Force Electronic System Division (1972)Google Scholar
  4. 4.
    Ao, X., Minsky, N., Nguyen, T., Ungureanu, V.: Law-governed communities over the internet. In: Porto, A., Roman, G.-C. (eds.) COORDINATION 2000. LNCS, vol. 1906, pp. 133–147. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Brown, M.: Agents with changing and conflicting commitments: a preliminary study. In: Proc. of Fourth International Conference on Deontic Logic in Computer Science (DEON 1998) (January 1998)Google Scholar
  6. 6.
    Chen, R., Yeager, W.: Poblano: A Distributed Trust Model for Peer-to-Peer Networks, http://www.jxta.org/docs/trust.pdf
  7. 7.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: A Distributed Anonymous Information Storage and Retrieval System. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 46–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Clip2 DSS. Gnutella: To the Bandwidth Barrier and Beyond (November 2000), http://www.clip2.com/gnutella.html
  9. 9.
    Cornelli, F., Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Implementing a Reputation-Aware Gnutella Servent. In: Proceedings of International Workshop on Peer to Peer Computing (2002)Google Scholar
  10. 10.
    Dingledine, R., Freedman, M.J., Molnar, D.: The Free Haven Project: Distributed Anonymous Storage Service. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 67–95. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Ferraiolo, D., Barkley, J., Kuhn, R.: A role based access control model and refernce implementation within a corporate intranets. ACM Transactions on Information and System Security 2(1) (February 1999)Google Scholar
  12. 12.
  13. 13.
    Ionescu, M., Minsky, N., Nguyen, T.: Enforcement of communal policies for p2p systems. Technical Report DCS-TR-537, Department of Computer Science, Rutgers University (December 2003)Google Scholar
  14. 14.
    Karjoth, G.: The authorization service of tivoli policy director. In: Proc. of the 17th Annual Computer Security Applications Conference, ACSAC 2001 (December 2001) (to appear)Google Scholar
  15. 15.
  16. 16.
    Linington, P.F.: Options for expressing ODP enterprise communities and their policies by using UML. In: Proceedings of the Third Internantional Enterprise Distributed Object Computing (EDOC 1999) Conference. IEEE, Los Alamitos (September 1999)Google Scholar
  17. 17.
    Linington, P.F., Milosevic, Z., Raymond, K.: Policies in communities: Extending the odb enterprise viewpoint. In: Proceedings of the Second Internantional Enterprise Distributed Object Computing (EDOC 1998) Conference. IEEE, Los Alamitos (November 1998)Google Scholar
  18. 18.
    Meyer, J.J.C., Wieringa, R.J., Dignum, F.P.M.: The role of deontic logic in the specification of information systems. In: Chomicki, J., Saake, G. (eds.) Logic for Databases and Information Systems. Kluwer, Dordrecht (1998)Google Scholar
  19. 19.
    Minsky, N., Ungureanu, V.: Scalable Regulation of Inter-Enterprise Electronic Commerce. In: Proceedings of the Second International Workshop on Electronic Commerce (2001)Google Scholar
  20. 20.
    Minsky, N.H.: The imposition of protocols over open distributed systems. IEEE Transactions on Software Engineering (February 1991)Google Scholar
  21. 21.
    Minsky, N.H., Ungureanu, V.: A mechanism for establishing policies for electronic commerce. In: The 18th International Conference on Distributed Computing Systems (ICDCS), pp. 322–331 (May 1998)Google Scholar
  22. 22.
    Minsky, N.H., Ungureanu, V.: Law-governed interaction: a coordination and control mechanism for heterogeneous distributed systems. TOSEM, ACM Transactions on Software Engineering and Methodology 9(3), 273–305 (2000)CrossRefGoogle Scholar
  23. 23.
  24. 24.
    Oram, A.: PEER-TO-PEER: Harnessing the Benefits of a Disruptive Technology. O’Reilly & Associates, Inc., Sebastopol (2001)Google Scholar
  25. 25.
    Ratnasamy, S., Francis, P., Handley, M., Karp, R., Shenker, S.: A scalable content addressable network. In: Proceedings of the ACM SIGCOMM 2001 Conference (2001)Google Scholar
  26. 26.
    Rowstron, A., Druschel, P.: Pastry: Scalable, distributed object location and routing for large-scale peer-to-peer systems. In: Guerraoui, R. (ed.) Middleware 2001. LNCS, vol. 2218, p. 329. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  27. 27.
    Schneier, B.: Applied Cryptography. John Wiley and Sons, Chichester (1996)zbMATHGoogle Scholar
  28. 28.
    Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications. In: Proceedings of the ACM SIGCOMM 2001 Conference (August 2001)Google Scholar
  29. 29.
    The Furi Project. Website, http://www.furi.org
  30. 30.
    The SlashDot Home Page. Website: 164, http://www.slashdot.org/
  31. 31.
    Ungureanu, V., Minsky, N.H.: Establishing business rules for inter-enterprise electronic commerce. In: Herlihy, M.P. (ed.) DISC 2000. LNCS, vol. 1914, pp. 179–193. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  32. 32.
    Waldman, M., Rubin, A.D., Cranor, L.F.: Publius: A Robust, Tamper-Evident, Censorship-Resistant, Web Publishing System. In: Proceedings of the 9th USENIX Security Symposium (August 2000)Google Scholar
  33. 33.
    Zhao, Y., Kubiatowicz, J., Joseph, A.: Tapestry: An infrastructure for faulttolerant wide-area location and routing. Technical Report UCB/CSD-01-1141. University of California, Berkeley (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Mihail Ionescu
    • 1
  • Naftaly Minsky
    • 1
  • Thu D. Nguyen
    • 1
  1. 1.Department of Computer ScienceRutgers UniversityPiscatawayUSA

Personalised recommendations