Advertisement

Security Issues in Cross-Organizational Peer-to-Peer Applications and Some Solutions

  • Ankur Gupta
  • Lalit K. Awasthi
Part of the Communications in Computer and Information Science book series (CCIS, volume 40)

Abstract

Peer-to-Peer networks have been widely used for sharing millions of terabytes of content, for large-scale distributed computing and for a variety of other novel applications, due to their scalability and fault-tolerance. However, the scope of P2P networks has somehow been limited to individual computers connected to the internet. P2P networks are also notorious for blatant copyright violations and facilitating several kinds of security attacks. Businesses and large organizations have thus stayed away from deploying P2P applications citing security loopholes in P2P systems as the biggest reason for non-adoption. In theory P2P applications can help fulfill many organizational requirements such as collaboration and joint projects with other organizations, access to specialized computing infrastructure and finally accessing the specialized information/content and expert human knowledge available at other organizations. These potentially beneficial interactions necessitate that the research community attempt to alleviate the security shortcomings in P2P systems and ensure their acceptance and wide deployment. This research paper therefore examines the security issues prevalent in enabling cross-organizational P2P interactions and provides some technical insights into how some of these issues can be resolved.

Keywords

Peer-to-Peer Networks/Computing Peer Enterprises Security Issues in Cross-Organizational P2P Interactions 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Oram, A. (ed.): P2P: Harnessing the Power of Disruptive Technologies. O’Reilly, Sebastopol (2001)Google Scholar
  2. 2.
  3. 3.
    Verso Technologies Report: The High Cost of P2P on the Enterprise (July 2003), http://jobfunctions.bnet.com/abstract.aspx?docid=312772
  4. 4.
    Gupta, A., Awasthi, L.K.: Peer Enterprises: Possibilities, Challenges and Some Ideas Towards Their Realization. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM-WS 2007, Part II. LNCS, vol. 4806, pp. 1011–1020. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Gupta, A., Awasthi, L.K.: Peer Enterprises: Enabling Advanced Computing and Collaboration Across Organizations. In: IEEE International Conference on Advanced Computing, pp. 3543–3548. IEEE Press, Los Alamitos (2009)Google Scholar
  6. 6.
    Engle, M., Khan, J.I.: Vulnerabilities of P2P Systems and a Critical Look at their Solutions. Technical Report, Internet and Media Communications Research Laboratories, Kent State University (2006)Google Scholar
  7. 7.
    Kamwar, S.D., Schlosser, M.T., Garcia-Molina, H.: The EigenTrust Algorithm for Reputation Management in P2P Networks. In: 12th International Conference on World Wide Web, pp. 640–651 (2003)Google Scholar
  8. 8.
    Singh, A., Liu, L.: TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems. In: Proceedings of the Third International Conference on Peer-to-Peer Computing, pp. 142–149 (2003)Google Scholar
  9. 9.
    Marti, S., Garcia-Molina, H.: Taxonomy of Trust: Categorizing P2P Reputation Systems. J. Comp. Net. 50(4), 472–484 (2006)CrossRefGoogle Scholar
  10. 10.
    Lesueur, F., Me, L., Tong, V.V.T.: A Sybilproof Distributed Identity Management for P2P Networks. In: IEEE Symposium on Computers and Communications, pp. 246–253 (2008)Google Scholar
  11. 11.
    Gupta, R., Manion, T.R., Rao, R.T., Singhal, S.K.: Peer-to-Peer Authentication and Authorization. United States Patent: 7350074 (2008)Google Scholar
  12. 12.
    Kim, Y., Mazzocchi, D., Tsudik, G.: Admission Control in Peer Groups. In: Second IEEE International Symposium on Network Computing and Applications, p. 131 (2003)Google Scholar
  13. 13.
    Tran, H., Hitchens, M., Varadharajan, V., Watters, P.: A Trust based Access Control Framework for P2P File-Sharing Systems. In: Proceedings of International Conference on System Sciences, p. 302 (2005)Google Scholar
  14. 14.
    Park, J.S., An, G., Chandra, D.: Trusted P2P Computing Environments With Role-Based Access Control. Information Security, IET 1(1), 27–35 (2007)CrossRefGoogle Scholar
  15. 15.
    Gaspary, L.P., Barcellos, M.P., Detsch, A., Antunes, R.S.: Flexible Security in Peer-to-Peer Applications: Enabling New Opportunities Beyond File Sharing. J. Comp. Net. 51(17), 4797–4815 (2007)CrossRefGoogle Scholar
  16. 16.
    Lua, E.K.: Hierarchical Peer-to-Peer Networks Using Lightweight SuperPeer Topologies. In: Proceedings of the 10th IEEE Symposium on Computers and Communications, pp. 143–148 (2005)Google Scholar
  17. 17.
    Peng, Z., Duan, Z., Qi, J., Cao, Y., Lv, E.: HP2P: A Hybrid Hierarchical P2P Network. In: First International Conference on the Digital Society, pp. 8–18 (2007)Google Scholar
  18. 18.
    Gupta, A., Awasthi, L.K.: Secure Thyself: Securing Individual Peers in Collaborative Peer-to-Peer Environments. In: International Conference on Grid Computing and Applications, pp. 140–146 (2008)Google Scholar
  19. 19.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Ankur Gupta
    • 1
  • Lalit K. Awasthi
    • 2
  1. 1.Model Institute of Engineering and TechnologyJammuIndia
  2. 2.National Institute of TechnologyHamirpurIndia

Personalised recommendations