Title
Security properties in an open peer-to-peer network
Abstract
This paper proposes to address new requirements for confidentiality, integrity and availability properties suited to peer-to-peer domains of resources. The enforcement of security properties in an open peer-to-peer network remains an open problem, as the literature has mainly proposed contributions on the availability of resources and the anonymity of users. This paper proposes a novel architecture that eases the administration of a P2P network. It considers a network of safe P2P clients, in the sense that common client software is shared by all the participants to cope with the sharing of various resources associated with different security requirements. However, our proposal deals with possible malicious peers that attempt to compromise the requested security properties. Although the safety of an open P2P network cannot be formally guaranteed, since an end user has privileges on the target host, our solution provides several advanced security enforcement mechanisms. First, it makes it possible to formally define the requested security properties of the various shared resources. Second, it evaluates the trust and the reputation of the requesting peer by sending challenges that test the fairness of its P2P security policy. Moreover, it proposes an advanced Mandatory Access Control that enforces the required P2P security properties through an automatic projection of the requested properties onto SELinux policies. Thus, the SELinux system of the requesting peer is automatically configured with respect to the required P2P security properties. This solution protects against a malicious peer that could use ordinary applications, such as a video player, to access confidential files, such as a video that requires payment of a fee. Since the malicious peer could try to abuse the system, SELinux challenges and traces are also used to evaluate the fairness of the requester.
This paper ends with different research perspectives, such as a dedicated MAC system for the P2P client and honeypots for testing the security of the proposed P2P infrastructure.
Year
2010
Venue
International Journal of Network Security & Its Applications
Keywords
secure computation, security policy
Field
Security testing, Security through obscurity, Network security policy, Security engineering, Computer science, Computer security, Computer network, Security service, Cloud computing security, Network Access Control, Computer security model
DocType
Journal
Volume
abs/1004.0
Issue
3
ISSN
International Journal of Network Security & Its Applications 1.3 (2009) 73-89
Citations
1
PageRank
0.38
References
4
Authors
3
Name
Order
Citations
PageRank
Jean-François Lalande1246.44
David Rodriguez2222.72
Christian Toinard34010.33