Research On Trust And Access Control Model In P2p Network

The distributed and dynamic nature of P2P network requres a distributed security mechanism instead of a traditional centralized one. So the research on security model in P2P network is very popular. Trust and access control are both essential parts of a security mechanism, and are widely used for describing the trustworthiness of a user in terms of past behavior and access permission. They can ensure the proper behavior of the user as well as the regular operation of the network by warning and limiting the malicious behavior of users.After thorough analysis of the existing trust and access control model, A trust and access control model with hierarchy and preference is proposed, based on the understanding of context awareness of trust and the multidemensional nature of user requirments. The model uses a multilayer list to store the multidemensional trust infomation, and a preference vector to indicate the specific requirment of a user, so that the trust value can be caculated dynamically based on the Qos of the service provider and the requirment of the service requestor. Reputation value is used in the model to indicate the objectivity of the user's evaluation, so as to encourage users to give objective evaluation. Specific role mapping mechanism is established in the model to map the vectorized trust value and the roles with different access permisions and enable more flexible and thorough access control.The proposed model divides the network into different domains. Each domain is consist of different nodes catagorized by their comprehensive capability. These nodes take different responsibilities in the storage and processing of trust infomation. The initialization and operation process and the resource searching, trust querying and updating algorithm are also thoroughly described in the model.The simulation result demonstrate that the proposed model is better than exising ones in terms of management overhead, and user satisfaction rate. And as shown in the application example, the model's access control mechanism is feasible, flexible and extensible.