- Email: [email protected]
Management in peer-to-peer systems: Trust, reputation and security
Computer Networks 50 (2006) 469–471 www.elsevier.com/locate/comnet
Guest Editorial
Management in peer-to-peer systems: Trust, reputation and security
Peer-to-Peer (P2P) computing systems have emerged as an important paradigm for distributed computing due to their potential for the involvement of millions of peers in the process of sharing and collaboration. P2P systems facilitate direct resource sharing among dynamic peers and are characterized as being decentralized, self-organizing distributed systems that exploit and efficiently make use of the untapped resources of the heterogeneous hosts in the P2P networks. A pure P2P file transfer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both ‘‘clients’’ and ‘‘servers’’ to the other nodes on the network. This model of network arrangement differs from the client–server model where communication is usually to and from a central server. The P2P architecture embodies one of the key technical concepts of the Internet, described in the first Internet Request For Comments. More recently the concept has achieved wide prominence among the general public in the context of the absence of central indexing servers in architectures used for exchanging multimedia files. The introduction of early P2P systems such as Napster, Gnutella, and KaZaA had a tremendous impact on the evolution of P2P computing. The popularity of these systems has lead to new and exciting research avenues in the application of distributed P2P computing. It has also presented new design challenges such as scalability, robustness,
coordination, adaptability, location, distributed storage, reputation, and security. One feature that has significantly contributed to the success of P2P systems, anonymity, also leaves such systems vulnerable to misuse. A typical concern is that the transfer of large quantities of video and audio files can introduce sporadic congestion into networks. However a more serious concern is their potential to introduce a whole new class of security threats as they can be used to distribute malicious software such as viruses and Trojan horses. Such threats can be considered to originate from malicious peers. Another form of misuse in P2P networks arises from selfish peers, sometimes called ‘‘free riders’’ who wish to avail themselves of the network services while contributing little or nothing in return. The P2P networks that have been widely deployed to date can be observed to have several unique features. They are essentially goodwill networks of mostly unknown peers and the peer population is highly transient. The result is that these networks are open to abuse and misuse by their peers, and so the issues of trust and reputation and security are becoming critical to their continued success. The work presented in this special issue encompasses the state-of-the-art as to how these features can be implemented and managed in P2P networks. The first paper by Marti and Molina presents a taxonomy of trust and reputation systems for P2P
1389-1286/$ - see front matter Ó 2005 Elsevier B.V. All rights reserved. doi:10.1016/j.comnet.2005.07.004
470
Guest Editorial / Computer Networks 50 (2006) 469–471
Networks and presents an excellent overview of the state-of-the-art in this area. The paper categorizes system components and their properties, and discusses how user behavior and technical constraints can conflict. The paper describes three basic components of a reputation system: gathering behavioral information, scoring and ranking peers, and rewarding or punishing peers; and presents mechanisms for achieving these. The second paper by Despotovic and Aberer provides a useful insight into trust-based management for P2P systems. The current work in the field can be roughly divided into two groups: social networks that rely on aggregating the entire available feedback in the network in hopes of achieving as much robustness against possible misbehaviors as possible and probabilistic models that rely on the well known probabilistic estimation techniques but use only a limited fraction of the available feedback. The paper provides an overview of each technique along with a comprehensive comparison of the two classes of approaches. The third paper by Gupta, Ammar and Ahamad discusses the trade-offs between reliability and the overhead incurred in tracking reputation in P2P networks. Consideration of the overhead is an important factor in judging the merits of a practical reputation-tracking scheme in order to maintain the scalability of the underlying P2P network. Methods of reputation tracking are proposed for strong and weak reputations, which differ in the level of overhead required and the reliability of the tracking. The fourth paper by Sherwood, Lee and Bhattacharjee presents a distributed scheme for trust inference in peer-to-peer networks. The work is based on the NICE system, which is used to provide a platform for implementing cooperative applications over the Internet. The paper describes a technique for efficiently storing user reputation information in a decentralized manner, and shows how this information can be used to identify noncooperating users. The robustness of the scheme is demonstrated, and it is shown that cooperative groups of peers can be formed in systems where the vast majority of users are malicious. The fifth paper by Mekouar, Iraqi and Boutaba proposes a reputation management scheme for
partially decentralized peer-to-peer systems. The scheme aims to build trust among peers based on their past experiences and feedback from other peers. In the paper, two selection advisor algorithms are used to help select the most trustworthy peer from which to download. The algorithms are able to detect malicious peers sending inauthentic files. The Malicious Detector algorithm is also proposed to detect liar peers that send misleading feedback to subvert the reputation system. A new concept of suspicious transactions is also introduced and explained. The sixth paper by Papaioannou and Stamoulis provides an in-depth study of how reputation policies can be used to provide incentives in P2P environments. The work shows how the calculation of reputation values should be complimented with the proper policies that determine the peer pairs that are eligible to interact with each other. Two reputation-based policies: provided selection and contention resolution are introduced and shown to have significant influence on the incentives for peers to interact to obtain the highest level of service, and on the overall efficiency of providing services in the P2P network. The final paper by Pathak and Iftode addresses the issues of security in P2P networks. The paper describes a public key authentication method for P2P systems using Byzantine Fault Tolerance. Since malicious attacks and software errors can cause faulty nodes to exhibit Byzantine (i.e. arbitrary) behavior, Byzantine Fault Tolerant algorithms are becoming increasingly important. The mechanism proposed is autonomous and does not require a third party. It tolerates Byzantine faults and is correct if the number of honest peers in the network is above a certain threshold. The work addresses the design, correctness, and fault tolerance of authentication over unsecured P2P networks, and the ideas are implemented for a target application: Self Authenticating Mail (SAM). The issue should give the reader an insight into the challenges of implementing these concepts in future P2P networks and systems in order to make them more robust and secure, while at the same time maintaining the ideal that has driven their success to date. A future special issue should probably focus on practical experiences of implement-
Guest Editorial / Computer Networks 50 (2006) 469–471
ing Trust and Reputation in P2P networks, and on the security challenges and trade-offs facing designers who are implementing the next generation P2P systems. We would like to thank all the authors and reviewers who made this special issue possible. Finally, we would like to express our gratitude to Ian F. Akyildiz and Harry Rudin, Computer Networks Joint Editors-in-Chief, for giving us this opportunity. Raouf Boutaba is an Associate Professor in the School of Computer Science of the University of Waterloo. Before that he was with the Department of Electrical and Computer Engineering of the University of Toronto. Before joining academia, he founded and was the director of the telecommunications and distributed systems division of the Computer Science Research Institute of Montreal (CRIM). He conducts research in the areas of network and distributed systems management and resource management in multimedia wired and wireless networks. He has published more than 170 papers in refereed journals and conference proceedings. He is the recipient of the PremierÕs Research Excellence Award, the NORTEL Research Excellence Award and several Best Paper awards. He is a Fellow of the Faculty of Mathematics of the University of Waterloo and a Distinguished Lecturer of the IEEE Communications Society. He is the Chairman of the Working Group on Networks and Distributed Systems of the International Federation for Information Processing (IFIP), the Vice Chair of the IEEE Communications Society Technical Committee on Information Infrastructure, and the Director of the standards board of the IEEE Communications Society. He is the founder and acting Editor-in-Chief of the IEEE Transactions on Network and Service Management, published electronically, on the advisory editorial board of the Journal of Network and Systems Management, on the editorial board of the KIKS/IEEE Journal of Communications and Networks, the editorial board of the Journal of Computer Networks and the Journal of Computer Communications. He has also served as a guest editor of several special issues of IEEE Journal of Selected Areas in Communications (JSAC), the Journal of Computer Networks, the Journal of Computer Communications and the Journal of Network and System Management. He acted as the program chair for the IFIP Networking conference and the IEEE Consumer Communications and Networking Conference (CCNC), and program co-chair for the IEEE/IFIP Network Operation and Management Symposium (NOMS), the IFIP/IEEE Conference on Management of Multimedia Networks and Services (MMNS), the IEEE Feature Interaction Workshop, the IEEE Autonomic Computing and Communi-
471
cations (ACC) and two IEEE International Conference on Communications (ICC) symposia.
Alan Marshall (MÕ87-SMÕ01) received the B.Sc. degree from the University of Ulster in 1985, and the Ph.D. degree from the University of Aberdeen in 1992. He has been employed at QueenÕs University Belfast since 1993, as lecturer, senior lecturer and professor. He is currently Professor of Telecommunications Engineering and Director of the Advanced Networks Group. He is a senior member of IEEE, a member of ComSoc and IFIP TC6Õs Working Group 6.7 on Smart Networks and is on the executive committee of IEEÕs Professional Network on Communications Networks and Services. He has spent over 20 years working in tele- and computer-communications. From 1988 to 1990 he was employed by the Admiralty Research Establishment (UK) working on real-time computer networks for surface platforms. Between 1990 and 1993 he was employed as a senior systems engineer with Nortel Networks, were he worked on second generation cellular (GSM), and highspeed transmission (SDH) products. He has been active on a number of committees that have made recommendations for local Government policies on future directions for Telecommunications in Northern Ireland and the UK, through Foresight and other related initiatives. He holds joint patents and applications in the areas of spread spectrum communications, packet scheduling and wireless network architectures. His research interests include network architectures and protocols: computer and telecommunications networks; mobile and wireless networks; Quality of service (QoS) architectures; and network management systems and architectures.
Raouf Boutaba School of Computer Science University of Waterloo 200 University Av. West Waterloo, ON Canada N2L 3G1 Tel.: +1 519 888 4820; fax: +1 519 885 1208 E-mail address: [email protected] Alan Marshall School of Electrical & Electronic Engineering Queen’s University, Belfast, Belfast Northern Ireland, UK E-mail address: [email protected] Available online 15 August 2005
Guest Editorial
Management in peer-to-peer systems: Trust, reputation and security
Peer-to-Peer (P2P) computing systems have emerged as an important paradigm for distributed computing due to their potential for the involvement of millions of peers in the process of sharing and collaboration. P2P systems facilitate direct resource sharing among dynamic peers and are characterized as being decentralized, self-organizing distributed systems that exploit and efficiently make use of the untapped resources of the heterogeneous hosts in the P2P networks. A pure P2P file transfer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both ‘‘clients’’ and ‘‘servers’’ to the other nodes on the network. This model of network arrangement differs from the client–server model where communication is usually to and from a central server. The P2P architecture embodies one of the key technical concepts of the Internet, described in the first Internet Request For Comments. More recently the concept has achieved wide prominence among the general public in the context of the absence of central indexing servers in architectures used for exchanging multimedia files. The introduction of early P2P systems such as Napster, Gnutella, and KaZaA had a tremendous impact on the evolution of P2P computing. The popularity of these systems has lead to new and exciting research avenues in the application of distributed P2P computing. It has also presented new design challenges such as scalability, robustness,
coordination, adaptability, location, distributed storage, reputation, and security. One feature that has significantly contributed to the success of P2P systems, anonymity, also leaves such systems vulnerable to misuse. A typical concern is that the transfer of large quantities of video and audio files can introduce sporadic congestion into networks. However a more serious concern is their potential to introduce a whole new class of security threats as they can be used to distribute malicious software such as viruses and Trojan horses. Such threats can be considered to originate from malicious peers. Another form of misuse in P2P networks arises from selfish peers, sometimes called ‘‘free riders’’ who wish to avail themselves of the network services while contributing little or nothing in return. The P2P networks that have been widely deployed to date can be observed to have several unique features. They are essentially goodwill networks of mostly unknown peers and the peer population is highly transient. The result is that these networks are open to abuse and misuse by their peers, and so the issues of trust and reputation and security are becoming critical to their continued success. The work presented in this special issue encompasses the state-of-the-art as to how these features can be implemented and managed in P2P networks. The first paper by Marti and Molina presents a taxonomy of trust and reputation systems for P2P
1389-1286/$ - see front matter Ó 2005 Elsevier B.V. All rights reserved. doi:10.1016/j.comnet.2005.07.004
470
Guest Editorial / Computer Networks 50 (2006) 469–471
Networks and presents an excellent overview of the state-of-the-art in this area. The paper categorizes system components and their properties, and discusses how user behavior and technical constraints can conflict. The paper describes three basic components of a reputation system: gathering behavioral information, scoring and ranking peers, and rewarding or punishing peers; and presents mechanisms for achieving these. The second paper by Despotovic and Aberer provides a useful insight into trust-based management for P2P systems. The current work in the field can be roughly divided into two groups: social networks that rely on aggregating the entire available feedback in the network in hopes of achieving as much robustness against possible misbehaviors as possible and probabilistic models that rely on the well known probabilistic estimation techniques but use only a limited fraction of the available feedback. The paper provides an overview of each technique along with a comprehensive comparison of the two classes of approaches. The third paper by Gupta, Ammar and Ahamad discusses the trade-offs between reliability and the overhead incurred in tracking reputation in P2P networks. Consideration of the overhead is an important factor in judging the merits of a practical reputation-tracking scheme in order to maintain the scalability of the underlying P2P network. Methods of reputation tracking are proposed for strong and weak reputations, which differ in the level of overhead required and the reliability of the tracking. The fourth paper by Sherwood, Lee and Bhattacharjee presents a distributed scheme for trust inference in peer-to-peer networks. The work is based on the NICE system, which is used to provide a platform for implementing cooperative applications over the Internet. The paper describes a technique for efficiently storing user reputation information in a decentralized manner, and shows how this information can be used to identify noncooperating users. The robustness of the scheme is demonstrated, and it is shown that cooperative groups of peers can be formed in systems where the vast majority of users are malicious. The fifth paper by Mekouar, Iraqi and Boutaba proposes a reputation management scheme for
partially decentralized peer-to-peer systems. The scheme aims to build trust among peers based on their past experiences and feedback from other peers. In the paper, two selection advisor algorithms are used to help select the most trustworthy peer from which to download. The algorithms are able to detect malicious peers sending inauthentic files. The Malicious Detector algorithm is also proposed to detect liar peers that send misleading feedback to subvert the reputation system. A new concept of suspicious transactions is also introduced and explained. The sixth paper by Papaioannou and Stamoulis provides an in-depth study of how reputation policies can be used to provide incentives in P2P environments. The work shows how the calculation of reputation values should be complimented with the proper policies that determine the peer pairs that are eligible to interact with each other. Two reputation-based policies: provided selection and contention resolution are introduced and shown to have significant influence on the incentives for peers to interact to obtain the highest level of service, and on the overall efficiency of providing services in the P2P network. The final paper by Pathak and Iftode addresses the issues of security in P2P networks. The paper describes a public key authentication method for P2P systems using Byzantine Fault Tolerance. Since malicious attacks and software errors can cause faulty nodes to exhibit Byzantine (i.e. arbitrary) behavior, Byzantine Fault Tolerant algorithms are becoming increasingly important. The mechanism proposed is autonomous and does not require a third party. It tolerates Byzantine faults and is correct if the number of honest peers in the network is above a certain threshold. The work addresses the design, correctness, and fault tolerance of authentication over unsecured P2P networks, and the ideas are implemented for a target application: Self Authenticating Mail (SAM). The issue should give the reader an insight into the challenges of implementing these concepts in future P2P networks and systems in order to make them more robust and secure, while at the same time maintaining the ideal that has driven their success to date. A future special issue should probably focus on practical experiences of implement-
Guest Editorial / Computer Networks 50 (2006) 469–471
ing Trust and Reputation in P2P networks, and on the security challenges and trade-offs facing designers who are implementing the next generation P2P systems. We would like to thank all the authors and reviewers who made this special issue possible. Finally, we would like to express our gratitude to Ian F. Akyildiz and Harry Rudin, Computer Networks Joint Editors-in-Chief, for giving us this opportunity. Raouf Boutaba is an Associate Professor in the School of Computer Science of the University of Waterloo. Before that he was with the Department of Electrical and Computer Engineering of the University of Toronto. Before joining academia, he founded and was the director of the telecommunications and distributed systems division of the Computer Science Research Institute of Montreal (CRIM). He conducts research in the areas of network and distributed systems management and resource management in multimedia wired and wireless networks. He has published more than 170 papers in refereed journals and conference proceedings. He is the recipient of the PremierÕs Research Excellence Award, the NORTEL Research Excellence Award and several Best Paper awards. He is a Fellow of the Faculty of Mathematics of the University of Waterloo and a Distinguished Lecturer of the IEEE Communications Society. He is the Chairman of the Working Group on Networks and Distributed Systems of the International Federation for Information Processing (IFIP), the Vice Chair of the IEEE Communications Society Technical Committee on Information Infrastructure, and the Director of the standards board of the IEEE Communications Society. He is the founder and acting Editor-in-Chief of the IEEE Transactions on Network and Service Management, published electronically, on the advisory editorial board of the Journal of Network and Systems Management, on the editorial board of the KIKS/IEEE Journal of Communications and Networks, the editorial board of the Journal of Computer Networks and the Journal of Computer Communications. He has also served as a guest editor of several special issues of IEEE Journal of Selected Areas in Communications (JSAC), the Journal of Computer Networks, the Journal of Computer Communications and the Journal of Network and System Management. He acted as the program chair for the IFIP Networking conference and the IEEE Consumer Communications and Networking Conference (CCNC), and program co-chair for the IEEE/IFIP Network Operation and Management Symposium (NOMS), the IFIP/IEEE Conference on Management of Multimedia Networks and Services (MMNS), the IEEE Feature Interaction Workshop, the IEEE Autonomic Computing and Communi-
471
cations (ACC) and two IEEE International Conference on Communications (ICC) symposia.
Alan Marshall (MÕ87-SMÕ01) received the B.Sc. degree from the University of Ulster in 1985, and the Ph.D. degree from the University of Aberdeen in 1992. He has been employed at QueenÕs University Belfast since 1993, as lecturer, senior lecturer and professor. He is currently Professor of Telecommunications Engineering and Director of the Advanced Networks Group. He is a senior member of IEEE, a member of ComSoc and IFIP TC6Õs Working Group 6.7 on Smart Networks and is on the executive committee of IEEÕs Professional Network on Communications Networks and Services. He has spent over 20 years working in tele- and computer-communications. From 1988 to 1990 he was employed by the Admiralty Research Establishment (UK) working on real-time computer networks for surface platforms. Between 1990 and 1993 he was employed as a senior systems engineer with Nortel Networks, were he worked on second generation cellular (GSM), and highspeed transmission (SDH) products. He has been active on a number of committees that have made recommendations for local Government policies on future directions for Telecommunications in Northern Ireland and the UK, through Foresight and other related initiatives. He holds joint patents and applications in the areas of spread spectrum communications, packet scheduling and wireless network architectures. His research interests include network architectures and protocols: computer and telecommunications networks; mobile and wireless networks; Quality of service (QoS) architectures; and network management systems and architectures.
Raouf Boutaba School of Computer Science University of Waterloo 200 University Av. West Waterloo, ON Canada N2L 3G1 Tel.: +1 519 888 4820; fax: +1 519 885 1208 E-mail address: [email protected] Alan Marshall School of Electrical & Electronic Engineering Queen’s University, Belfast, Belfast Northern Ireland, UK E-mail address: [email protected] Available online 15 August 2005