Abstract
In a Peer-to-Peer (P2P) system, a large number of nodes are pooled together to share their resources, information and services. Here all nodes are considered to be peers and so they should be at the same level with no hierarchy, like clients or servers. An ideal P2P system is supposed to be dynamic, where a node can join or leave the network any time. Exploiting this idea, many systems have already been developed for different application areas. A major concern of a P2P system is the searching of proper resources among different autonomous peers. Two well known P2P systems, Napster and Gnutella, have shown two different approaches. Napster [1] provides a central indexing facility where any search process has to go through the machine that provides the central index. On the other hand, Gnutella [2] is an absolutely open P2P environment where searching is done by flooding and it uses IP for its underlying network service. Kaaza [3] provides a service that may be viewed as a hybrid of Gnutella and Napster. It has nodes distributed in two layers. Some nodes, called super nodes or Super-Peers, act as indexing servers for other nodes. Searching across Super-Peers may be done in Gnutella style. Nodes, other than super-peers, are known as ordinary peers One ordinary peer is connected to only one Super-Peer. So, each super-peer is connected to many ordinary peers where the super-peer provides the indexing service to its ordinary peers. An ordinary peer, on the other hand, reports to its Super-Peer the resources that it likes to share in the P2P environment. While the communication between a Super-Peer and its ordinary peers may be done in the Napster style, communication among Super-Peers is supposed to adopt the Guntella protocol. In order to make efficient search in a P2P environment, many good search protocols have already been proposed. Development of an efficient P2P architecture is also an interesting area of study. A recent review paper [9] has made a summary of all these research efforts. Security is another important area of investigation in a P2P environment. [9] and [5] have listed the essential security requirements in a P2P environment. These requirements may be divided into two groups. While the first group includes secure storage, access control, identity management and authentication, the second group deals with secure routing, provisions of anonymity and resilience against denial of service. Individual nodes handle the security requirements in the first group. However, the second set of requirements can be met only by considering the entire network with all the nodes and their interconnections. So the required security measures must be embedded in the network architecture and in the different protocols of peer-to-peer communication. SPEAR is a research effort that ventures to design a secured peer-to-peer architecture. It aspires to provide two-way anonymity, resilience against denial of service and network stability against withdrawal of nodes. Subsequent sections discuss the salient features of the project.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Daswani, N., Garcia-Molina, H., Yang, B.: Decentralized Trust Management. In: Proceedings of the 17th Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)
Daswani, N., Garcia-Molina, H., Yang, B.: Open problems in data-sharing peer-to-peer systems. In: Proceedings of International Conference on Database Theory (2003)
Kim, Y., Mazzocchi, D., Tsudik, G.: Admission control in peer groups. In: Proceedings of IEEE International Symposium on Network Computing and Applications (NCA) (April 2003)
Saxena, N., Tsudik, G., Yi, J.H.: Admission control in Peer-to-Peer: design and Performance Evaluation. In: Proceedings of ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN 2003) (October 2003)
Stinson, D.: Cryptography: Theory & Practicer, 4th Printing. CRC Press, Boca Raton (1999)
Theotokis, S.A., Spinellis, D.: A survey of Peer-to-Peer Content Distribution Technologies. ACM Computing Surveys 38(4), 335–371 (2004)
Winsborough, W., Li, N.: Towards practical trust negoitiation. In: Proceedings of IEEE 3rd. International Workshop on policies for distributed systems and networks (June 2002)
Yang, B., Garcia-Molina, H.: Comparing hybrid peer-to-peer systems. In: Proceedings of 27th Very Large Databases Conference, Roma, Italy (2001)
Yang, B., Garcia-Molina, H.: Designing a super-peer network. In: Proceedings International Conference on Data Engineering, pp. 49–60 (2003)
Yu, T., Winslett, M., Seamons, K.E.: Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation. ACM transactions on Information and System Security 6 (February 2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Misra, J., Pal, P., Bagchi, A. (2005). SPEAR: Design of a Secured Peer-to-Peer Architecture. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_25
Download citation
DOI: https://doi.org/10.1007/11593980_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer ScienceComputer Science (R0)