Security Issues in P2P Systems
Prof. Ravi Sandhu
Laboratory for Information Security Technology
George Mason University
www.list.gmu.edu
sandhu@gmu.edu
Mainframe → Client-Server → P2P
• Mainframe era:
    • 1970s
    • Dumb terminals connected to a big mainframe
    • Mainframes possibly networked together
• Client-server:
    • Late 1980s
    • Many clients, 1 user per client
    • Dedicated servers
    • Single client can access multiple servers
    • Significant computing resources on client
• Peer-to-Peer (P2P)
    • Late 1990s
    • Each computer is a client and a server
    • Takes on whatever role is appropriate for a given task at a given time
    • Harnesses computing and communication power of the entire network
P2P versus Client-Server: Idealized View (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
No Clear Border (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Hybrid P2P Systems (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
P2P Perspective (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Napster (from THE FUTURE OF PEER-TO-PEER COMPUTING, Loo, CACM Sept 2003)
Power Server (from THE FUTURE OF PEER-TO-PEER COMPUTING, Loo, CACM Sept 2003)
Power Server Coordinator (from THE FUTURE OF PEER-TO-PEER COMPUTING, Loo, CACM Sept 2003)
Comparison of Different P2P Models (from THE FUTURE OF PEER-TO-PEER COMPUTING, Loo, CACM Sept 2003)
Taxonomy of Computer Systems (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Taxonomy of P2P Systems (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Classification of P2P Systems (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Taxonomy of P2P Applications (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Taxonomy of P2P Markets (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
P2P Markets versus P2P Applications (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
P2P System Architecture (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Security Issues in P2P Systems
• Many old issues carry over
• New issues emerge
• Old issues are re-emphasized
Security
• Protection against malicious downloaded P2P application code
• Enabling technologies
    • Java sandboxing
    • Trusted computing
Old issue re-emphasized
From THE FUTURE OF PEER-TO-PEER COMPUTING, Loo, CACM Sept 2003
Security (claimed to be new issues)
• Multi-key encryption
• Anonymity requirement for Publius
• Sandboxing
• Digital Rights Management
• Reputation and Accountability
• Firewall Traversal and Hidden Peers
From Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002
Anonymity (is this a security issue?) (from Peer-to-Peer Computing, Milojicic et al., HP Laboratories, HPL-2002-57, March 8th, 2002)
Security in Data Sharing Systems
• Availability
    • DOS attack, e.g., chosen-victim attack
        • Use “amplification” mechanism of P2P system
    • File availability
• File authenticity
    • How do I know this is the file I am looking for?
• Anonymity
    • Lots of work in this area
    • Need anonymity at all layers of the network stack
• Access Control
    • DRM
    • Usage Control
From Open Problems in Data-Sharing Peer-to-Peer Systems, Neil Daswani, Hector Garcia-Molina, and Beverly Yang, LNCS 2572, pp. 1–15, 2003.
Security in Data Sharing Systems (P2P Overlay Networks)
• Routing
    • Secure nodeId assignment
    • Robust routing primitives
    • Ejecting misbehaving nodes
• Storage
    • Quota architectures
    • Distributed auditing
    • Other forms of fairness
• Trust
From A Survey of Peer-to-Peer Security Issues, Dan S. Wallach, LNCS 2609, pp. 42–57, 2003.