Protecting Resources in an Open and Trusted Peer-to-Peer Network

This paper presents a new way of deploying security properties and trust in an open peer-to-peer network. The originality is that the security properties are freely defined by the user and are attached to the exchanged resources that are associated with domains. The paper proposes an implementation of a monitoring agent that looks after an open source peer-to-peer client and detects any attempt of bypassing the defined security policy. The monitoring agent evaluates the consistency of policies when a transaction occurs and measures the trust of peers before authorizing the transaction. Even if an experienced hacker can defeat locally the enforcement of the security policy, we show that this malicious user will be progressively excluded from the network by the computation of its trust. The trust measure of a peer is based on the consistency of the declared policy, its history of transactions and the evaluation of download challenges sent to a set of neighbors of the evaluated peer. A prototype of monitoring agent and a peer-to-peer client have been implemented and we show how a policy can be enforced locally to protect the resources at filesystem level. A second experiment has been performed in order to evaluate the trust computation using a peer-to-peer simulator for a network of 100 nodes.