Research And Application Of Trust-Negotiation Based Access Control Model For P2P Network

As a focused research field of computational network, peer-to-peer (p2p) network can solve the problem of Server capability bottleneck which traditional Client/Server mode can't solve. Its distributed network structure and uncentralized management mode bring a lot of convenience to the application field of resource sharing and Cooperative Work system. But due to these network structure and management character, a lot of malicious entity and fraudulent action have consisted in p2p network. How to safely make access control decision in p2p network is becoming a urgent problem.Currently, access authorization methods are mostly based upon trust-degree which can be get by evaluating entity behavior and Reputation in P2P network. Because of these methods have the character of subjectivity and randomicity, it unsuitably apply these methods to the high security requirement environment.This paper focus on the problem of how to make access control decision in the high security required application in P2P network based on the research of access control theory. Firstly, Trust-Negotiation Based Access Control Model (P2PAC-TN) is presented by drawing inspiration from theories of the trust management and combining the high security application environment requirements, and access control relationship is formally described. The framework of P2PAC-TN is designed, and based on the inspiration of two-party secure function evaluation a high security level trust negotiation method with its protocol (SFEBTN) is presented. This trust negotiation method highly strengthen the security level of P2PAC-TN. And then, according to the extension of sensitivity resource classification in trust negotiation process,a Trust Negotiation Strategy Based on Wide-first Search (WFS-TNS) is presented. This strategy can provide sensitivity resource with a all-sided protection,and the problem of policy cycle dependency can be solved by WFS-TNS. Through analysis WFS-TNS is a secure,efficient and complete trust negotiation strategy. Finally, we apply P2PAC-TN to the application of file sharing system in high security required environment. According to the model of P2PAC-TN, the controlled file sharing system is designed and implemented. The feasibility and application effect of P2PAC-TN are verified by the test of file sharing system.In summary, a new way is introduced to safely solve access control decision problems in p2p network through this thesis, the proposed trust negotiation method and strategy have a better performance in the aspect of sensitivity resource protection, and it is practically valuable.