| In these years, more and more attention is paid to P2P network, unfortunately, thesecurity issues are one of the most important factors that put off the development ofP2P network. The security issues include authentication, access control, audition,encryption, safe communication, non-repudiation and so on. This paper deals mainlywith the access control model that caters to the P2P network. Following are the mainachievements:It is discussed in detail that the history of P2P network and its characters in infrastructure and its applications.ACL model and RBAC model, which are usually used now in P2P, are described and analyzed. Since the users in P2P are dynamic and don't have immobile IP addresses, ACL model is not fit for P2P. Also, RBAC needs a center, so it isn't fit for P2P as well.A new model and its implementation, named HBAC-in-P2P model, is proposed in this paper. This scheme bases on certificate and introduces the reputation to decide the hierarchy of a user or resource. Also a set of keys with hierarchies are designed to manage certificates. This scheme integrates the mandatory access control with discretionary access control, which makes this model flexible and fine-grained. Furthermore, the period of validity of the certificate has been effectively managed and the user that applies to join could get the certificate in time.
|
PDF Full Text Request