Research On Key Technologies Of Overlay Optimization And Trust Negotiation In P2P Network

When the traditional client/server model is not adapt to the needs of today's Internet, a new distributed computing technology Peer-to-peer (P2P) has been taken seriously soon and become a research hotspot. As the topology structure of P2P network has a very significant impact on the various aspects of P2P network, topology structure optimization of P2P network is very meaningful and load-balancing problem is the key to structured P2P overlay. Because of the involvement of large scale peers, heterogeneous operating environment, and dynamic characteristics and autonomy of activity goals, the traditional methods for trust management expose many weaknesses across multiple security domains to authorize and access control in P2P network. The appearance of Automated Trust Negotiation (ATN) technology addresses the privacy protection and trust establishment issues across multiple security domains, which is establishing trust among strangers without prior trust relationship. Therefore, research on ATN in P2P domain is very meaningful.The dissertation is supported by The National High Technology Research and Development Program of China (No.2009AA01Z423), Cultivation Fund of the Key Scientific and Technical Innovation Project, Ministry of Education of China (No.707006), major co-constructive project of Beijing Municipal Education Commission, and Fund of Beijing Jiaotong University (2006XM001). The dissertation focuses on topology structure and ATN mechanism of P2P technologies, including fairness-based topology structure optimization, sensitive information protection and attack prevention of ATN, efficiency of ATN, multi-party trust negotiation. In addition, this thesis presents the corresponding solutions. The main contributions of the dissertation are as follows:1. A new P2P protocol R-Chord is proposed, which has recursive structure and uniform distribution. The basic idea is:in order to suppress the production of super peer, when the network may appear super peer, recursively using the Chord topology network construction method to balance the saturation degree of peer, and controlling saturation degree coefficient of peer within the maximum forwarding capacity. Suppressing process includes four main steps:splitting the sub-ring, sub-ring forward, sub-ring expansion and re-splitting. R-Chord has good performance in restraining the emergence of super peer and making connection distribution equably. 2. Distributed fairly optimal (DFO) algorithm based on CAN protocol is proposed, which uses peer's up/down bandwidth usage and overlay multicast link efficiency defined by utility function as standard. DFO defines request/response utility function respective and evaluates global transmit overload based on peer input efficiency vector to conform a fire restrict. DFO can reduce average query latency and global bandwidth cost by optimizing global utility. Simulative results and analysis has shown that DFO improved on hot spot problem in CAN, can achieve the purpose of minimum global query latency and maximal transmit overload balance.3. The inheritance relationship between access control policies is presented, which can effectively prevent the reasoning leading to sensitive information leakage problem. The location function which is checking out credential validation is proposed, and it requires each credential must satisfy validity of the relevant credential preventing mutually exclusive attacks from other credentials in the process of ATN. A P2P trust negotiation framework based on anti-attack and sensitive information protection is provided, which is used to prevent sensitive information leakage, and resistance to a variety of attacks in the process of ATN.4. A P2P trust negotiation framework is proposed, which adds Strategy Selection Algorithm into traditional Strategic Assessment Module using the relationship between the access control policies. The Strategy Selection Algorithm can effectively reduce the number of interaction and exchange of information in the process of ATN. A new Minimal-cost-based Strategy Selection Algorithm is provided, which is aimed to make cost or weight of accessing service or running time of communication and computing as minimal as possible. Comparing with Max-Min and PRUNES strategy selection algorithms, the running effiency of this algorithm is highest, and success rate of negotiation is highest because this algorithm can effectively solve cyclic dependency problem.5. An extended DARCL policy language is proposed, which extends operating function of disclosure rules and adds access control policy for sensitive information. A new modeling method of multiparty trust negotiation based on Coloured Petri-net is presented. The method adapts to multi-party trust negotiation scenarios in P2P network environment, and overcomes the deficiency of restricted description ability and too large scale network in the basic Petri net. There may have some malicious peers in P2P network environment forge credentials and process trust negotiation with good peers in order to obtain services or resources of good peers. In response to this situation, Kailar logic is proposed for the use of non-repudiation protocol information analysis of multi-party trust negotiation to make ATN protocol more robust.