Ap3

Mislove, Alan; Oberoi, Gaurav; Post, Ansley; Reis, Charles; Druschel, Peter; Wallach, Dan S.

doi:10.1145/1133572.1133578

Cited by 70 publications

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indirect routing improves the anonymity of the sender but it also increases the number of messages needed to route a query and its latency. A similar routing alternative is used in the AP3 system [157].…”

Section: Chapter 2 Attacks and Defenses On P2psipmentioning

confidence: 99%

See 1 more Smart Citation

Security in peer-to-peer communication systems

Suárez Touceda

View full text Add to dashboard Cite

P2PSIP (Peer-to-Peer Session Initiation Protocol) is a protocol developed by the IETF (Internet Engineering Task Force) for the establishment, completion and modi¿cation of communication sessions that emerges as a complement to SIP (Session Initiation Protocol) in environments where the original SIP protocol may fail for technical, ¿nancial, security, or social reasons. In order to do so, P2PSIP systems replace all the architecture of servers of the original SIP systems used for the registration and location of users, by a structured P2P network that distributes these functions among all the user agents that are part of the system. This new architecture, as with any emerging system, presents a completely new security problematic which analysis, subject of this thesis, is of crucial importance for its secure development and future standardization. Starting with a study of the state of the art in network security and continuing with more speci¿c systems such as SIP and P2P, we identify the most important security services within the architecture of a P2PSIP communication system: access control, bootstrap, routing, storage and communication. Once the security services have been identi¿ed, we conduct an analysis of the attacks that can a¿ect each of them, as well as a study of the existing countermeasures that can be used to prevent or mitigate these attacks. Based on the presented attacks and the weaknesses found in the existing measures to prevent them, we design speci¿c solutions to improve the security of P2PSIP communication systems. To this end, we focus on the service that stands as the cornerstone of P2PSIP communication systems¿ security: access control. Among the new designed solutions stand out: a certi¿cation model based on the segregation of the identity of users and nodes, a model for secure access control for on-the-¿y P2PSIP systems and an authorization framework for P2PSIP systems built on the recently published Internet Attribute Certi¿cate Pro¿le for Authorization. Finally, based on the existing measures and the new solutions designed, we de¿ne a set of security recommendations that should be considered for the design, implementation and maintenance of P2PSIP communication systems.

show abstract

Section: Chapter 2 Attacks and Defenses On P2psipmentioning

confidence: 99%

“…• Methods as the forwarding tables in AP3 [157] or the Truncated Via-Lists in RELOAD [57] should be used to obfuscate the information needed to route back the response of a query.…”

Section: Headers Obfuscationmentioning

confidence: 99%

Security in peer-to-peer communication systems

Suárez Touceda

View full text Add to dashboard Cite

show abstract

Structural‐based tunneling: preserving mutual anonymity for circular P2P networks

Naghizadeh

Berenjian

Meamari

et al. 2015

Int J Communication

View full text Add to dashboard Cite

Summary Many methods are suggested to preserve anonymity of users for peer‐to‐peer (P2P) networks. Most of these methods, by relying on established anonymous solutions on client/server applications, are presented for unstructured P2P networks. However, structured overlays, by using distributed hash tables for their routing, do not resemble traditional paradigms. Therefore, current anonymous methods cannot be implemented for them easily. In this paper, we introduce structural‐based tunneling (SBT) to provide mutual anonymity for circular P2P structures. In this method, we get help from inherited features of network infrastructure to establish a standard way for making tunnels. SBT introduces a flexible design that is able to manage different parts of the tunnels on current infrastructures. For this purpose, we incorporate SBT with Chord to show how such design can be managed for real‐world applications. The results of applied method with simulations show that by managing critical features of SBT, a trade‐off can be made between stronger security and performance of the network. Copyright © 2015 John Wiley & Sons, Ltd.

show abstract

CoFeed: privacy‐preserving Web search recommendation based on collaborative aggregation of interest feedback

et al. 2011

View full text Add to dashboard Cite

SUMMARY Search engines essentially rely on the structure of the graph of hyperlinks. Although accurate for the main trend, this is not effective when some query is ambiguous. Leveraging semantic information by the mean of interest matching allows proposing complementary results that are tailored to the user's expectations. This paper proposes a collaborative search companion system, CoFeed, that collects user search queries and that considers feedback to build user‐centric and document‐centric profiling information. Over time, the system constructs ranked collections of elements that maintain the required information diversity and enhance the user search experience by presenting additional results tailored to the user's interest space. This collaborative search companion requires a supporting architecture adapted to large user populations generating high request loads. To that end, it integrates mechanisms for ensuring scalability and load balancing of the service under varying loads and user interest distributions. Moreover, collecting the recommendation data poses the problem of users’ privacy, and the bias one peer can induce to the system by sending fake recommendations. To that end, CoFeed ensures both publisher anonymity and rate limitation. With the former, the origin of the data is never known by the server that processes it, even if several servers collude to spy on some user. The latter, combined with decoupled authentication, allows to minimize the influence of cheating peers sending fake recommendations. Experiments with a deployed prototype highlight the efficiency of the system by analyzing improvement in search relevance, computational cost, scalability and load balancing. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

Ap3

Cited by 70 publications

References 25 publications

Security in peer-to-peer communication systems

Security in peer-to-peer communication systems

Structural‐based tunneling: preserving mutual anonymity for circular P2P networks

CoFeed: privacy‐preserving Web search recommendation based on collaborative aggregation of interest feedback

Contact Info

Product

Resources

About