Decentralized Peer-to-Peer (P2P) offer both opportunities and threats. Most of the P2P networks operational today are voluntary file sharing applications. However, because of its open and decentralized nature, it has been very susceptible to malicious users sharing harmful content like viruses, trojans or probably just wasting valuable resources of the network. In order to use P2P networks in a more useful setting, it is extremely important to provide security and to prevent unwanted elements from participating.
One way to minimize threats in P2P networks is to use community-based reputations as trust measurements. The use of such trust ratings in one form or another is fast becoming a de-facto standard. The idea is to dynamically assign each peer a trust rating based on its performance in the overlay network and store it at a suitable place. Any peer wishing to interact with another peer can make an informed decision based on such a rating.
An important challenge in managing such trust relationships is to design a protocol to secure the placement and access of these trust ratings. In a decentralized scenario, this has to be done by the peers themselves. This opens a host of interesting issues. One of the issues is the reluctance of peers to be a trust store for another peer in the network, since that attracts malicious behavior from its competitors (if the peer performs well) or from the peer itself (if it doesnt want the community to know of its poor performance). Another issue is the fear of retaliation, preventing peers from giving negative ratings (the issue that is troubling eBay).
We try to solve this problem through the use of mutual anonymity. If nobody knows who the trust store is (including the peer whose trust value is being stored), there is hardly a chance that the trust store will be attacked. Similary, we also provide a right to secret ballot to peers providing ratings for peers. We provide a complete protocol using Public Key Cryptography mechanisms to provide a fair and honest mechanism. There are various challenging issues that need to handled e.g. how to select good trust stores, how to access ratings from them without knowing who/where they are? TrustMe provides all the answers.
Aameek Singh, Ling Liu, "TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems", Proceedings of the third IEEE International Conference on P2P Computing, Linköping, Sweden, Sept, 2003. |Slides|
Huaizhi Li and Mukesh Singhal, "Trust Management in Distributed Systems", Cover Feature, IEEE Computer, Feb 2007. [html]
Tassos Dimitriou, Ghassan Karame, Ioannis Christou, "SuperTrust - A Secure and Efficient Framework for Handling Trust in Super Peer Networks", Athens Insitute of Technology, 2007. [pdf]
Gheorghe Cosmin Silaghi, Alvaro E. Arenas, Luis Moura Silva, "Reputation-based trust management systems and their applicability to grids", CoreGRID Technical Report Number TR-0064, 2007. [pdf]
Hiroyuki Kawano, "P2P Contents Distribution System with Routing and Trust Management", International Symposium on Operations Research and Its Applications (ISORA), 2006. [pdf]
Bo Zhu, Sanjeev Setia, Sushil Jajodia, "Anonymity: Providing witness anonymity in peer-to-peer systems", ACM conference on Computer and communications security CCS 2006. [html]
J. Risson, T. Moors, "Survey of research towards robust peer-to-peer networks: search methods", Elsevier Computer Networks Journal, 2006. [pdf]
T. Repantis, V. Kalogeraki, "Decentralized Trust Management forAd-Hoc Peer-to-Peer Networks", 4th International Workshop on Middleware for Pervasive and Ad-Hoc Computing (MPAC) 2006. [pdf]
Liang Ge, Junzhou Luo, Yaobin Xu, "Developing and Managing Trust in Peer-to-Peer Systems", DEXA 2006. [html]
S. Androutsellis-Theotokis, D. Spinellis, V. Vlachs, "The MoR-Trust distributed trust management system: Design and simulation results", 2nd International Workshop on Security and Trust Management (STM) 2006. [pdf]
Dimitri Konstantas (ed), "From Objects to Mobile Systems and Services", 2006 technical report of the Advanced Systems Group, Universite de Geneve, 2006. [html]
Runfang Zhou, Kai Hwang, "PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing ," IEEE Transactions on Parallel and Distributed Systems, 2006. [pdf]
P. A. Bonatti, "Semantic Web Policies: where are we and what is still missing", Tutorial, ESWC 2006. [pdf]
G. Arora, M. Hanneghan, M. Merabti, "P2P Overlay Network to Support E-commerce", Seventh Annual Postgraduate Symposium, Liverpool John Moores University, 2006. [pdf]
Marcus Dobrinkat, "Applying Recent Enhancements in Reputation Based Mechanisms for Promoting Trust in Mobile Communities", Seminar on Internetworking, Helsinki University of Technology, 2006. [pdf]
Xin Fei, Rong Xu, "Online Games and P2P Networks", Multimedia Communications, University of Ottawa, 2006. [pdf]
Reading List, CoreGrid Network of Excellence, 2006. [html]
M. Dobrinkat, "Applying Recent Enhancements in Reputation Based Mechanisms for Promoting Trust in Mobile Communities", Seminar on Internetworking, Helsinky University of Tecnology, 2006. [pdf]
Martijn Frints, "Possibilities of Peer-to-Peer Technology in Network Management", Masters Thesis, University of Twente, 2006. [pdf]
P. A. Bonatti, P. Festa, "On Optimal Service Selection", WWW 2005 [pdf]
Shanshan Song, Kai Hwang, Runfang Zhou, and Yu-Kwong Kwok, "Trusted P2P Transactions with Fuzzy Reputation Aggregation," IEEE Internet Computing Magazine, 2005. [pdf]
Adam Wierzbicki, Tomasz Kucharski. "Fair and Scalable Peer-to-Peer Games of Turns," 11th International Conference on Parallel and Distributed Systems (ICPADS), 2005. [html]
S. Chen, X. Du, F. Ma, J. Shen, "A Grid Resource Management Approach Based on P2P Technology", HPCASIA 2005. [html]
C. Duma, N. Shahmehri, G. Caronni, "Dynamic Trust Metrics for Peer-to-Peer Systems", DEXA 2005. [html]
Natalia Stakhanova, Samik Basu, Johny Wang, Oleg Stakhanov, "Trust Framework for P2P Networks using Peer-Profile based Anamoly Technique", ICDCS 2005. [pdf]
Huu Tran, Paul Watters, Michael Hitchens, Vijay Varadharajan, "Trust and Authorization in the Grid: A Recommendation Model", International Conference on Pervasive Services (ICPS) 2005. [html]
Sergio Marti and Hector Garcia-Molina, "Taxonomy of Trust: Categorizing P2P Reputation Systems", COMNET Special Issue on Trust and Reputation in Peer-to-Peer Systems, 2005. [pdf]
Shanyu Zhao and Virginia Lo, "Result Verification and Trust-based Scheduling in Open Peer-to-Peer Cycle Sharing Systems", IEEE Fifth International Conference on Peer-to-Peer Systems (IEEE P2P) 2005. [pdf]
Jason D. Sonnek and Jon B. Weissman, "A Quantitative Comparison of Reputation Systems in the Grid", 6th IEEE/ACM International Workshop on Grid Computing 2005. [pdf]
Tharam S. Dillon, "Trust and Reputation Relationships in Service-Oriented Environments", Keynote, ICITA 2005. [pdf]
Huu Tran, Michael Hitchens, Vijay Varadharajan, Paul Watters, "A Trust based Access Control Framework for P2P File-Sharing Systems", HICSS 2005. [pdf]
Hany A. Samuel, Yasser H. Dakroury, Hussein I. Shahein, "Recard: Using Recommendation Cards Approach for Building Trust in Peer-to-Peer Networks", ISPEC 2005. [pdf]
M. Klonowski, M. Kutylowski, B. Rozanski, "Hiding Data Sources in P2P Networks", Proceedings of the 4th International Workshop for Applied PKI (IWAP'05). [pdf]
Masashi Yamada, Takashige Hoshiai, Shoji Kimura, "Brokerless trust and reputation implementation for intelligent community spaces", European Transactions on Telecommunications, Vol 15, Issue 6, 2004. [pdf]
F. K. Hussain, E. Chang, T. S. Dillon, "Trustworthiness and CCCI metrics in P2P communication", International Journal of Computer System Science and Engineering, Volume-19(2), 2004. [html]
Mauro Stocco, Thomas Engel, Uwe Roth, "Trust Arrays: Allowing P2P nodes to personally evaluate trustworthiness of potential partners", AISTA 2004. [pdf]
Tharam S. Dillon, "A Framework for a Trusted Environment for Virtual Collaboration", Keynote Speech, WAIM 2004. [ppt]
Virginia Lo, Daniel Zappala, Dayi Zhou, Yuhong Liu, Shanyu Zhao, "Cluster Computing on the Fly: P2P Scheduling of Idle Cycles in the Internet", IPTPS 2004. [pdf]
K. Berket, A. Essiari and A. Muratas, "PKI-Based Security for Peer-to-Peer Information Sharing", P2P 2004 [pdf]
S. Das, A. Thakur, T. Bose and N. Chaki, "A New Adaptive, Semantically Clustered Peer-to-Peer Network Architecture", ICEIC 2004 [pdf]
A. Wierzbicki, T. Kucharski, "P2P Scrabble: Can P2P Games Commence?", P2P 2004 [pdf]
Elliot Jaffe, Dahlia Malkhi, Elan Pavlov, "Limiting Duplicate Identities in Distributed Systems", 2nd Workshop on Future Directions in Distributed Computing, 2004 [pdf]
T. Dariotaki and A. Delis, "Detecting Reputation Variations on a P2P Network", 6th Workshop on Distributed Data and Structures (WDAS'04), 2004. [pdf]
Yi Lu, W. Wang, D. Xu, B. Bhargava, "Trust-Based Privacy Preservation for Peer-to-peer Data Sharing", SKM 2004. [pdf
Reading List, CoreGRID - European Research Network on Foundations, 2006. [html]
J. Vroonhoven, "Peer to Peer Security", 4th Twente Student Conference on IT, Enschede 30 January, 2006. [pdf]
Minaxi Gupta, "Quality-consciousness in Large-scale Content Distribution in the Internet", PhD Thesis, Georgia Tech. [pdf]
P. Neophytou, J. Beaver, A. Berfield, A. Labrinidis, P. K. Chrysanthis. "WhiteBoard P2P: A Peer-to-Peer Approach to Reliable and Secure Information Dissemination Infrastructure for Collaborative Applications". University of Pittsburgh, CS Department Technical Report. [pdf]
Marcus Ojes, "Trust and Reputation Simulations in Peer-to-Peer Network", Masters Thesis, Mid Sweden University. [pdf]
Elliot Jaffe, "Multiple Identity Attacks on Distributed Systems", Masters Thesis, Hebrew University. [pdf]
Raimo Kantola, "Peer to Peer and SPAM in the Internet", Helsinki University of Technology. [pdf]
D. Bright, J. Lemmergaard, C. Gersbo-Moeller, T. Hannson, "Information-sharing within an industry-based virtual community: trust, repulation, and performance, measurement", University of Southern Denmark. [pdf]
R. Nelson, G. Pitigoi-Aron, "p2p Trust Infrastructure", UCLA, 2004. pdf
Reading List, IS 3957 Doctoral Seminar, University of Pittsburgh. [html]
Reading List, CS 610 Security and Privacy Issues in Wireless Networks and P2P Systems, Iowa State University. [html]
Reading List, CIS 607 Seminar, University of Oregon [html]
Prof. Ross's P2P Reading List [html]
Cares Lab Seminar, Seoul National University [ppt]
Research Methodology Topics, University of Trento [pdf]
Georg Wittenburg, "Recent Trends in Peer-to-Peer Research" [pdf]
"... This paper addresses a key concern in the future of peer-to-peer networks; the potential contribution is thus to be regarded as
significant..."
Jerry Alan Fails, Jack Kustanwitz, "AGNIZE: A NICE Aggregator of Trust", [pdf]
Shanyu Zhao P2P Reading List [html]
Dayi Zhou, Comprehensive Exam Reading List [html]
Current Trends in P2P Research [pdf]
Seminar: Advanced Peer-to-Peer Technologies [html]
Trust and Reputation in P2P Networks [html]
Implementation of a peer-to-peer news distribution network [html]
... After studying a variety of trust management protocols, we see that amongst the protocols studied so far, the TrustMe protocol is best
suitable to be adopted as the trust management protocol for the P2P news distribution network that we proposed.
Vishwas Bhat, "Survey Paper: Reputation Management in Peer-to-Peer Systems", University of Texas, Austin. [pdf]
GTKgREP - Design and Implementation of a Gnutella-based Reputation Management System, Prashant Murthy Master's Thesis [pdf]
Aameek Singh <aameek[AT]aameeksingh.com>
This work is partially supported by the National Science Foundation under a CNS Grant, an ITR grant, a Research Infrastructure grant, and a DoE SciDAC grant, an IBM SUR grant, an IBM faculty award, and an HP equipment grant. Any opinions, findings, and conclusions or recommend ations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation or DoE.
© 2007 Aameek Singh