Contact at mumbai.academics@gmail.com or 8097636691/9323040215
Responsive Ads Here

Thursday, 22 February 2018

P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains(2010)

P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains(2010)

Abstract:
     Peer-to-peer (P2P) networks are vulnerable to peers who cheat, propagate malicious code, leech on the network, or simply do not cooperate. The traditional security techniques developed for the centralized distributed systems like client-server networks are insufficient for P2P networks by the virtue of their centralized nature. The absence of a central authority in a P2P network poses unique challenges for reputation management in the network. These challenges include identity management of the peers, secure reputation data management, Sybil attacks, and above all, availability of reputation data. In this paper, we present a cryptographic protocol for ensuring secure and timely availability of the reputation data of a peer to other peers at extremely low costs. The past behavior of the peer is encapsulated in its digital reputation, and is subsequently used to predict its future actions. As a result, a peer’s reputation motivates it to cooperate and desist from malicious activities. The cryptographic protocol is coupled with self-certification and cryptographic mechanisms for identity management and countering Sybil attack. We illustrate the security and the efficiency of the system analytically and by means of simulations in a completely decentralized Gnutella-like P2P network.
Existing System:
       The peers in the P2P network have to be discouraged from leeching on the network. It has been shown in Tragedy of Commons that a system where peers work only for selfish interests while breaking the rules decays to death. Policing these networks is extremely difficult due to the decentralized and ad hoc nature of these networks. Besides, P2P networks, like the Internet, are physically spread across geographic boundaries and hence are subject to variable laws.
       The traditional mechanisms for generating trust and protecting client-server networks cannot be used for pure1 P2P networks. This is because the trusted central authority used in the traditional client-server networks is absent in P2P networks. Introduction of a central trusted authority like a Certificate Authority (CA) can reduce the difficulty of securing P2P networks. The major disadvantage of the centralized approach is, if the central authority turns malicious, the network will become vulnerable. In the absence of any central authority, repository, or global information, there is no silver bullet for securing P2P networks.
Proposed System:
      In this paper, we investigate Reputation Systems for P2P networks—a more ambitious approach to protect the P2P network without using any central component, and thereby harnessing the full benefits of the P2P network. The reputations of the peers are used to determine whether a peer is a malicious peer or a good peer. Once detected, the malicious peers are ostracized from the network as the good peers do not perform any transactions with the malicious peers. Expulsion of malicious peers from the network significantly reduces the volume of malicious activities. All peers in the P2P network are identified by identity certificates (aka identity). The reputation of a given peer is attached to its identity. The identity certificates are generated using self-certification, and all peers maintain their own (and hence trusted) certificate authority which issues the identity certificate(s) to the peer. Each peer owns the reputation information pertaining to all its past transactions2 with other peers in the network, and stores it locally. A two-party cryptographic protocol not only protects the reputation information from its owner, but also facilitates secure exchange of reputation information between the two peers participating in a transaction.
Advantages:
    1. A self-certification-based identity system protected by cryptographically blind identity mechanisms.
     2. A light weight and simple reputation model.
     3. An attack resistant cryptographic protocol for generation of authentic global reputation information of a peer.                                
Module Description
  Login Module
  Active Node in Dynamic root
  Group Controller
  Trusted Group Members
  Data Transfer
  Find Group Key
Login Module
  1. Authentication checking
In this module checks whether the user is authenticated or not if the user is authenticated then they have the permission to process further transactions otherwise they cannot access any transaction in this system.
  1. Registration process.
If the new user to this system first they must registered in the register module after they have continue to process in the system. During the registration the user must enter the valid information for create new user name and password if only valid user. Once user registered after they have authorized user of this system.
Active Node in Dynamic route
In our communication group have number of client nodes are interconnected in the server. Each group has the separate group key for communication in the group. When a new member joins or leaves the communication group, only it’s reflecting for local subgroup. The each group has separate group key for communication in between who are in the communication group in that time.
Group Controller
a.       Backward Secrecy
Backward Secrecy is used to prevent a new member from decoding messages exchanged before it joined the group. This property guarantees that a passive adversary who knows a subset of group keys cannot discover the previous group keys.
b.      Forward Secrecy
Forward Secrecy is used to prevent a leaving user or expelled group member to continue accessing the group communication. This property guarantees that a passive adversary who
Trust  Group Members
Our protocol directly addresses the problem of reducing the overload of the group controller. We divide the multicast communication group into regional subgroups. Each subgroup is independently managed by a subgroup controller (SGC) like a separate multicast group with its own subgroup key. Thus, when a member joins or leaves the communication group, it joins or leaves only its local subgroup. As a result, only the local subgroup communication key needs to be refreshed and the scalability problem is greatly mitigated.
Data Transfer
  In cryptography encryption is the process of transforming information referred to as plaintext using an algorithm called cipher to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information in cryptography, referred to as ciphertext. In many contexts, the word encryption also implicitly refers to the reverse process, called decryption. In our multicast communication group mainly concentrates on enabeling the data transfer among the servar and multiple clients in the network communications. The server sends encrypted data and clients receive the decrypted data.
a.       Encryption
Encryption is the conversion of data into a form, called a cipher text that cannot be easily understood by unauthorized people. The translation of data into a secret code. Encryption is the most effective way to achieve data security. In our communication protocol each sub group maintain the separate group key for the communication among the network. Server send data transfer to multiple clients in encrypted data because in between the data transfer unauthorized people cannot see easily what the server sending data to clients.
b.      Decryption
Decryption is the process of converting encrypted data back into its original form. The process of decoding data that has been encrypted into a secret format. Decryption requires a secret key or password. Server send data transfer to multiple clients in encrypted data because in between the data transfer unauthorized people cannot see easily what the server sending data to clients. After receiving encrypted data back into original form in client side. Converting encryption and decryption only for security purpose. 
Block Untrusted Users
 Trusted users are formed a group. If a new member request to join in group, the IP Address will be validated. IP address will be validate with the help of subnet masking, such as the Class A, Class B, Class C Part of the IP address. If the IP is not matched with the trusted group then it will not be allowed to enter into the trusted group.
 Find Group Key
We divide the multicast communication group into regional subgroups. Each subgroup is independently managed by a subgroup controller like a separate multicast group with its own subgroup key. when a new member joins in the communication group then we create a new group key for only for  its local group as wells as existing member leaves from the communication group after that they don’t want to access the local subgroup so only the local subgroup communication key needs to be refreshed.
System Requirements:
Hardware requirements:
Processor                     : Any Processor above 500 MHz.
Ram                              :  128Mb.
Hard Disk                    :  10 Gb.
Compact Disk             :  650 Mb.
Input device                :  Standard Keyboard and Mouse.
Output device             :  VGA and High Resolution Monitor.
Software requirements:
Operating System       : Windows Family.
Language                    : JDK 1.5
Front End                   : Java Swing

No comments:

Post a Comment