
Trusted P2P computing environments with role-based access control

IET Information Security

A P2P computing environment can be an ideal platform for resource-sharing services in an organisation if it provides trust mechanisms. Current P2P technologies offer content-sharing services for non-sensitive public domains in the absence of trust mechanisms. The lack of sophisticated trust mechanisms in the current P2P environment has become a serious constraint on broader applications of the technology, although it has great potential. Therefore, in this work, an approach for securing transactions in the P2P environment is introduced, and ways to incorporate an effective and scalable access control mechanism – role-based access control (RBAC) – into current P2P computing environments are investigated, proposing two different architectures: requesting peer-pull (RPP) and ultrapeer-pull (UPP). To provide mobile, session-based authentication and RBAC, especially in the RPP architecture, lightweight peer certificates (LWPCs) are developed. Finally, to prove the feasibility of the proposed ideas, the RPP and UPP RBAC architectures are implemented and their scalability and performance are evaluated.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs_20060084