Abstract
Peer-to-peer (P2P) resource dissemination has raised some security concerns for privacy protection and intellectual property rights protection along resource dissemination over the network. To solve these challenges, we propose the Role-Based P2P model, in which the role notion is functioned as the bridge component between users and resources to enforce secure resource dissemination together with relative constraints. The property rights attached to resource and user’s private identity information are both protected as promise by taking each local role as a permission set in local centralized network and each global role as a user’s pseudonym in global decentralized network. Furthermore, we propose the access control algorithm to describe how to handle access requests by the role policy in the role-based hybrid P2P model. In addition, we illustrate the intra and inter access schemas as two kinds of access processes. The model is feasible as its role structure and the connection with user and resource in open environment are consistent with the application objectives. The model is extensible, as the role structure can be also available for Purpose-Based Privacy Protection technologies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lysyanskaya, A., Rivest, R.L., et al.: Pseudonym Systems, theory.lcs.mit.edu/rivest/LysyanskayaRivestSahaiWolf-PseudonymSystems.pdf
Anonymity, Unlinkability, Unovervability, Pseudonymity and Identity Management–A Consolidated Proposal for Terminology, http://dud.inf.tu-dresden.de
Clarke, I., et al.: Protecting Free Expression Online with Freenet. IEEE Internet Computing 6(1), 40–49 (2002)
Daswani, N., Garcia-Molina, H., Yang, B.: Open Problems in Data-Sharing Peerto-Peer Systems. In: Proceedings of the 9th International Conference on Database Theory, Siena, Italy (2003)
Cvrček, D., Matyáš Jr., V.: Pseudonymity in the light of evidence-based trust. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2004. LNCS, vol. 3957, pp. 109–116. Springer, Heidelberg (2002)
Ferraiolo, D., Kuhn, R.: Role-Based Access Controls. In: Proceedings of the 15th National Computer Security Conference, vol. II, pp. 554–563 (1992)
Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based AccessControl. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
Milojicic, D.S., Kalogeraki, V., Lukose, R., et al.: Peer-to-peer Computing. HP Laboratories, HPL-2002-57, March 8 (2002)
Druschel P., Rowstorn, A.: PAST: A Large-Scale, Persistent Peer-to-Peer Storage Utility, HotOS VIII, Schloss Elmau, Germany (May 2001)
Graham, R.L.: Traditional and Non-Traditional Applications. Peer-to-Peer Networks. Lecture (2001), http://www.ida.liu.se/TDTS43/tdts43-10-peer-topeer.pdf
Park, J., Sandhu, R., Schifalacqua, J.: Security Architectures for Controlled Digital Information Dissemination. IEEE, Los Alamitos (2000)
Byun, J.-w., Bertino, E., Li, N.: Purpose-Based Access Control of Complex Data For Privacy Protection. In: SACMAT 2005, Sweden (June 2005)
Byun, J.-w., Bertino, E., Li, N.: Purpose-Based Access Control For Privacy Protection In Rrelational Database Systems, Technical Report 2004-52, Purdue University (2004)
Peer-to-Peer Working Group (2001), http://www.p2pwg.org
Thomas, R.K., Sandhu, R.: Towards Multi-dimensional Characterization of Dissemination Control. In: Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY 2004 (2004)
Lannella, R., Higgs, P.: Driving Content Management with Digital Rights Management. IPR systems whitepaper series (2003)
Stephanos, Theotokis, D., Spinellis, D.: A Survey of Peer-to- Peer Content Distributioon technologies. ACM Computing Survey 36(4), 335–371 (2004)
Sandhu, R., et al.: Role-based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Gavrila, S.I., Barkley, J.F.: Formal Sepcification for Role Based Access Control User/Role and Role/Role Relationship Management. In: 3rd ACM Workshop on Role-Based Access Fairfax VA, pp. 81–91 (1998)
The Common Criteria Project Sponsoring Organisations. Common Criteria for Information Technology Security Evaluation, part 2, draft version 3 and version 2.1-2.3 (August 2005)
Todd Sundsted: A New-Fangled Name, but An Old and Useful Approach to Computing Level: Introductory (2001), http://www-128.ibm.com/developerworks/library/j-p2p/index.html
Zhang, Y., Li, X., et al.: Access Control in Peer-to-Peer Collaborative Systems. In: Distributed Computing Systems Workshops, 25th IEEE International Conference, June 2005, pp. 835–840 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Z., Zhan, G., Ye, X. (2006). Role-Based Peer-to-Peer Model: Capture Global Pseudonymity for Privacy Protection. In: Yu, J.X., Kitsuregawa, M., Leong, H.V. (eds) Advances in Web-Age Information Management. WAIM 2006. Lecture Notes in Computer Science, vol 4016. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11775300_17
Download citation
DOI: https://doi.org/10.1007/11775300_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35225-9
Online ISBN: 978-3-540-35226-6
eBook Packages: Computer ScienceComputer Science (R0)