The Community for Technology Leaders
RSS Icon
Issue No.01 - January (2009 vol.20)
pp: 83-96
Ke Chen , Zhejiang University, Hangzhou
Kai Hwang , University of Southern California, Los Angeles
Gang Chen , Zhejiang University, Hangzhou
Abstract: Credential chains are needed in trusted peer-to-peer (P2P) applications, where trust delegation must be established between each pair of peers at specific role level. Role-based trust is refined from the coarse-grained trust model used in most P2P reputation systems. This paper offers a novel heuristic-weighting approach to selecting the most likely path to construct a role-based trust chain. We apply history-sensitive heuristics to measure the path complexity and assess the chaining efficiency. We discover successive edges of a trust chain, adaptively, to match with the demands from various P2P applications. New heuristic chaining algorithms are developed for backward, forward, and bi-directional discovery of trust chains. Our heuristic chain discovery scheme shortens the search time, reduces the memory requirement, and enhances the chaining accuracy in scalable P2P networks. Consider a trust graph over N credentials and M distinct role nodes. Our heuristic trust-chain discovery algorithms require O(N2logN) search time and O(M) memory space, if the secondary heuristics are generated off-line in advance. These are improved from O(N3) search time and O(NM) space required in non-heuristic discovery algorithms by Li, Winsborough, and Mitchell (2003). Our analytical results are verified by extensive simulation experiments over typical classes of role-based trust graphs.
Peer-to-peer networks, trust delegation, role-based credentials, heuristic semantics, Internet applications
Ke Chen, Kai Hwang, Gang Chen, "Heuristic Discovery of Role-Based Trust Chains in Peer-to-Peer Networks", IEEE Transactions on Parallel & Distributed Systems, vol.20, no. 1, pp. 83-96, January 2009, doi:10.1109/TPDS.2008.60
[1] K. Aberer and Z. Despotovic, “Managing Trust in a Peer-2-Peer Information System,” Proc. 10th Int'l Conf. Information and Knowledge Management (CIKM), 2001.
[2] R. Agrawal, T. Imielinski, and A. Swami, “Mining Association Rules between Sets of Items in Large Databases,” Proc. ACM SIGMOD '93, pp. 207-216, 1993.
[3] T. Aura, “Fast Access Control Decisions from Delegation Certificate Databases,” Proc. Third Australasian Conf. Information Security and Privacy (ACISP '98), pp. 284-295, 1998.
[4] E. Bertino, E. Ferrari, and A.C. Squicciarini, “Trust-X: A Peer-to-Peer Framework for Trust Establishment,” IEEE Trans. Knowledge and Data Eng., pp. 827-842, July 2004.
[5] M. Blaze, J. Feigenbaum, and J. Lacy, “Decentralized Trust Management,” Proc. IEEE Symp. Security and Privacy (ISSP '96), pp. 164-173, May 1996.
[6] M. Blaze, J. Feigenbaum, and M. Strauss, “Compliance-Checking in the PolicyMaker Trust Management System,” Proc. Second Int'l Conf. Financial Cryptography (FC '98), pp. 254-274, 1998.
[7] D. Clarke, J. Elien, C. Ellison, M. Fredette, A. Morcos, and R.L. Rivest, “Certificate Chain Discovery in SPKI/SDSI,” J.Computer Security, vol. 9, no. 4, pp. 285-322, 2001.
[8] P.E. Hart, N.J. Nilsson, and B. Raphael, “A Formal Basis for the Heuristic Determination of Minimum-Cost Paths in Graphs,” IEEE Trans. System Science and Cybernetics, vol. SSC-4, no. 2, pp.100-107, 1968.
[9] Y. Kulbak and D. Bickson, “The eMule Protocol Specification,” Technical Report TR-2005-03, Hebrew Univ., Jan. 2005.
[10] J. Leskovec, J. Kleinberg, and C. Faloutsos, “Graphs over Time: Densification Laws, Shrinking Diameters and Possible Explanations,” The 11th ACM Int'l Conf. Knowledge Discovery in Data Mining (SIGKDD '05), Aug. 2005.
[11] N.H. Li, J.C. Mitchell, and W.H. Winsborough, “Design of a Role-Based Trust Management Framework,” Proc. IEEE Symp. Security and Privacy (ISSP '02), pp. 114-130, May 2002.
[12] N.H. Li, W.H. Winsborough, and J.C. Mitchell, “Distributed Credential Chain Discovery in Trust Management,” J. Computer Security, vol. 11, no. 1, pp. 35-86, Feb. 2003.
[13] N.H. Li and J.C. Mitchell, “Datalog with Constraints: A Foundation for Trust Management Languages,” Proc. Fifth Int'l Symp. Practical Aspects of Declarative Languages (PADL '03), pp. 58-73, 2003.
[14] Z. Mao, N.H. Li, and W.H. Winsborough, “Distributed Credential Chain Discovery in Trust Management with Parameterized Roles and Constraints,” Proc. Int'l Conf. Information and Comm. Security (ICICS '06), Dec. 2006.
[15] N.H. Li, J.W. Byun, and E. Bertino, “A Critique of the ANSI Standard on Role-Based Access,” IEEE Security and Privacy, pp.41-49, Nov. 2007.
[16] J. Pearl, Heuristics: Intelligent Search Strategies for Computer Problem Solving. Addison-Wesley, 1984.
[17] J.A. Pouwelse, P. Garbacki, D.H. Epema, and H.J. Sips, “The BitTorrent P2P File-Sharing System: Measurements and Analysis,” Proc. Fourth Int'l Workshop Peer-to-Peer Systems (IPTPS), 2005.
[18] R.S. Sandhu, “Rationale for the RBAC96 Family of Access Models,” Proc. First ACM Workshop Role-Based Access Control (RBAC), 1996.
[19] R.S. Sandhu, D. Ferraio, and R. Kuhn, “The NIST Model for Role-Based Access Control: Towards a Unified Standard,” Proc. Fifth ACM Workshop Role-Based Access Control (RBAC '00), pp. 47-63, 2000.
[20] S. Song, K. Hwang, R. Zhou, and Y.K. Kwok, “Trusted P2P Transactions with Fuzzy Reputation Aggregation,” IEEE Internet Computing, pp. 18-28, Nov./Dec. 2005.
[21] S. Song, K. Hwang, and Y. Kwok, “Risk-Tolerant Heuristics and Genetic Algorithms for Security-Assured Grid Job Scheduling,” IEEE Trans. Computers, pp. 703-719, June 2006.
[22] K. Walsh and E. Sirer, “Experience with an Object Reputation System for Peer-to-Peer File-Sharing,” Proc. Third Symp. Networked System Design and Implementation (NSDI '06), May 2006.
[23] D.J. Watts and S.H. Strogatz, “Collective Dynamics of Small-World Networks,” Nature, vol. 393, pp. 440-442, 1998.
[24] W.H. Winsborough and N.H. Li, “Towards Practical Automated Trust Negotiation,” Proc. IEEE Third Int'l Workshop Policies for Distributed Systems and Networks (POLICY '02), pp. 92-103, 2002.
[25] L. Xiao, Y. Liu, and L.M. Ni, “Improving Unstructured Peer-to-Peer Systems by Adaptive Connection Establishment,” IEEE Trans. Computers, pp. 1091-1103, Sept. 2005.
[26] L. Xiong and L. Liu, “PeerTrust: Supporting Reputation-Based Trust for P2P Electronic Communities,” IEEE Trans. Knowledge and Data Eng., pp. 43-857, July 2004.
[27] R. Zhou and K. Hwang, “PowerTrust: A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing,” IEEE Trans. Parallel and Distributed Systems, vol. 18, no. 4, pp. 460-473, Apr. 2007.
[28] R. Zhou, K. Hwang, and M. Cai, “GossipTrust for Fast Reputation Aggregation in Peer-to-Peer Networks,” IEEE Trans. Knowledge and Data Eng., 2008.
14 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool