基于P2P网络SNTrust信任模型的研究与实现
|
摘要
如今,P2P技术已经广泛应用于网络的各个方面,其信誉问题成为了研究的重点。传统的网络安全机制如数字签名和数字水印技术虽然能保证交易的保密性和完整性,但无法对交易双方的信用度进行评价,因此基于P2P的信任机制能有效的加强系统的可靠性。
本文在分析现有的信任模型优缺点的基础上,提出一种SNTrust的超节点的P2P网络信任模型。模型中采取的是组的概念,每个组的节点分为超级节点和普通节点,超级节点负责连接本组中所有普通节点,存放组内每个节点的全局信誉度,并在超级节点之间组成P2P网络。每个普通节点加入P2P网络都要通过相应的超级节点,在本地保存直接交易数据。
在信任度的计算方面,该模型改善了以往信任模型中计算信任度的方法,把信任度的范围扩展到(-1,1)。信任度的计算以组为单位,分为两个层次:组内的本地信任关系和以组为单位的全局信任关系。
组内部节点的信任关系用直接信任度、间接信任度和总体信任度来计算。其总体信任度由直接信任和间接信任组成,直接信任度由消费节点通过与提供服务的服务节点的历史成功/失败交互记录获取,并且对于失败交易加入了惩罚因子来进行调整;间接信任度的值通过推荐信任与总体信任的综合来获取,而推荐信任中不引入惩罚因子,直接参考相互交易的失败和成功的比例。以组为单位的全局信任关系:取参与交易的两个节点自身的全局信任度和两节点所在的组直接交易信任度的最小值来判断。
该实验通过对不同交易量下的交易成功率对比,充分说明了本信任模型能够有效的抑制恶意节点的行为,改善网络性能。同时,通过与其它信任模型进行性能分析,更进一步证明了该模型的可行性和有效性。
Today, P2P technology has been widely applied in all aspects of networks, the individual credibility has become a focus of trust model study. Traditional network security mechanisms, such as digital signatures and digital watermarking, can ensure the confidentiality and integrity of the transaction, but they cannot evaluate the trust of both transaction sides. Hence, the trust mechanism based on P2P can enhance system reliability.
Through the analysis on the advantages and disadvantages of the existing trust model, we propose a SNTrust P2P network trust model. Using the concept of group, Nodes of each group are separated into super-nodes and normal nodes. Super-nodes are responsible for connecting all the normal nodes in this group, storing the whole trust of each node in the group. P2P network is formed among super-nodes. Normal node must pass through the corresponding super-nodes to join the P2P network, and the direct transaction data are stored locally in order to provide effect protection for the P2P network transactions.
This model improves the previous methods of trust calculation in trust models and extends the scope of trust to (-1,1). In terms of cluster, trust calculation falls into two levels: local trust in the cluster and whole trust based on cluster.
The node trust in the cluster is calculated by direct trust, indirect trust (which constitute final trust) and whole trust. Direct trust is attained from the ratio of historical success / failure records on the interactions between consumption node and service node,the failed deal is adjusted with the penalty factor; Indirect trust is obtained through integrating recommendation trust and whole trust. Recommendation trust, not affected by penalty factor, refers directly to the rates of transaction failure and success.Whole trust based on cluster is judged by the least value of whole credit worthiness of the two nodes involved in the transaction and direct transaction credit worthiness of the cluster in which the two nodes are included.
The experiment, comparing the ratio of successful transaction in various volumes, demonstrates that this trust model is effective in restraining the behavior of malicious nodes and improving network performance. At the same time, the performance analysis on several other trust models further proves the feasibility and effectiveness of this model.
本文在分析现有的信任模型优缺点的基础上,提出一种SNTrust的超节点的P2P网络信任模型。模型中采取的是组的概念,每个组的节点分为超级节点和普通节点,超级节点负责连接本组中所有普通节点,存放组内每个节点的全局信誉度,并在超级节点之间组成P2P网络。每个普通节点加入P2P网络都要通过相应的超级节点,在本地保存直接交易数据。
在信任度的计算方面,该模型改善了以往信任模型中计算信任度的方法,把信任度的范围扩展到(-1,1)。信任度的计算以组为单位,分为两个层次:组内的本地信任关系和以组为单位的全局信任关系。
组内部节点的信任关系用直接信任度、间接信任度和总体信任度来计算。其总体信任度由直接信任和间接信任组成,直接信任度由消费节点通过与提供服务的服务节点的历史成功/失败交互记录获取,并且对于失败交易加入了惩罚因子来进行调整;间接信任度的值通过推荐信任与总体信任的综合来获取,而推荐信任中不引入惩罚因子,直接参考相互交易的失败和成功的比例。以组为单位的全局信任关系:取参与交易的两个节点自身的全局信任度和两节点所在的组直接交易信任度的最小值来判断。
该实验通过对不同交易量下的交易成功率对比,充分说明了本信任模型能够有效的抑制恶意节点的行为,改善网络性能。同时,通过与其它信任模型进行性能分析,更进一步证明了该模型的可行性和有效性。
Today, P2P technology has been widely applied in all aspects of networks, the individual credibility has become a focus of trust model study. Traditional network security mechanisms, such as digital signatures and digital watermarking, can ensure the confidentiality and integrity of the transaction, but they cannot evaluate the trust of both transaction sides. Hence, the trust mechanism based on P2P can enhance system reliability.
Through the analysis on the advantages and disadvantages of the existing trust model, we propose a SNTrust P2P network trust model. Using the concept of group, Nodes of each group are separated into super-nodes and normal nodes. Super-nodes are responsible for connecting all the normal nodes in this group, storing the whole trust of each node in the group. P2P network is formed among super-nodes. Normal node must pass through the corresponding super-nodes to join the P2P network, and the direct transaction data are stored locally in order to provide effect protection for the P2P network transactions.
This model improves the previous methods of trust calculation in trust models and extends the scope of trust to (-1,1). In terms of cluster, trust calculation falls into two levels: local trust in the cluster and whole trust based on cluster.
The node trust in the cluster is calculated by direct trust, indirect trust (which constitute final trust) and whole trust. Direct trust is attained from the ratio of historical success / failure records on the interactions between consumption node and service node,the failed deal is adjusted with the penalty factor; Indirect trust is obtained through integrating recommendation trust and whole trust. Recommendation trust, not affected by penalty factor, refers directly to the rates of transaction failure and success.Whole trust based on cluster is judged by the least value of whole credit worthiness of the two nodes involved in the transaction and direct transaction credit worthiness of the cluster in which the two nodes are included.
The experiment, comparing the ratio of successful transaction in various volumes, demonstrates that this trust model is effective in restraining the behavior of malicious nodes and improving network performance. At the same time, the performance analysis on several other trust models further proves the feasibility and effectiveness of this model.
引文
[1] Wang Y, Vassileva J. Trust and reputation model in peer-to-peer networks. Peer–to-Peer Computing, 2003. (P2P 2003). Proceedings. Third International Conference on, 1-3 Sept, 2003, 140-147
[2] Apostolos T, Barry M G. Peer-to-peer networks based on hierarchies of trust. Proceedings of the 4th IEEE International Conference on Peer-to-Peer Computing. NW, Washington. IEEE Computer Society, 2004, 150-151
[3] Sun Mierosystems. EnterPrise Java Beans Specification Version 2.0. Sun Mierosystems, 2000
[4]李芳.基于P2P网络的信任模型的研究: [郑州大学硕士学位论文], 2005, 11-13
[5] Napster. http://www.napster.com
[6] Gnutella. http://www.gnutella.com
[7] Stoica I, Morris R, Karger D, etal. A scalable peer-to-peer lookup protocol for Internet applications. IEEE/ACM Transactions on Networking , 2001, 11(1): 112-115
[8]侯太平,顾大权,汪晋.浅谈P2P技术.微计算机应用, 2002, 6: 20-24
[9] [美]Dreamtech软件研发组著.吴文辉,陈建荣,肖国尊等译.对等网络编程源代码解析.北京:电子工业出版社, 2002, 42-44
[10]张文,赵子铭主编. P2P网络技术原理和C++开发案例.北京:人民邮电出版社, 2008, (1): 4-21
[11]熊江,胡仲华. P2P技术与应用.重庆三峡学院学报, 2003, 19(3): 22-27
[12] Li NH, Mitchell JC, Winsborough WH. Design of a rolesbased trust management framework. In: Proceedings of the 2002 IEEE Symp. On Security and Privacy. Washington: IEEE Computer Society Press, 2002, 114-130
[13]毛薇,姚青,李涛. P2P系统发现技术的研究与实现.武汉理工大学学报, 2002, 6(33): 807-810
[14]田春岐,邹仕洪,田慧蓉等.一种基于信誉和风险评价的分布式P2P信任模型.电子与信息学报, 2007, 29(7): 1528-1529
[15]贾凡,谢蒂,杨义先.一种时域上的P2P信任模型.计算机工程与应用, 2007, 43(19): 114-115
[16]林怀清,李之棠. P2P信任模型关键技术的研究进展.小型微型计算机系统,2007, 28(9): 1549-1502
[17]王荣,李会凯. PKI-P2P技术在高校网络中的应用.漯河职业技术学院学报, 2008, 7(2): 43-44
[18]陈姝,方滨兴,周勇林. P2P技术的研究和应用.计算机工程与应用, 2002, 13(6): 7-9
[19] Blaze M, Feigenbaum J, Ioannidis J, etal. The Role of Trust Management in Distributed Systems Security. In: Secure Internet Programming: Issues for Mobile and Distributed Objects. Berlin: Springer-Verlag, 1999, 184-210
[20] Dejan S. Milojicic, Vana Kalogeraki, Rajan Lukose, etc. Peer-to-Peer Computing, HP Laboratories Palo Alto. HPL, 2002, 57: 47-49
[21] Yahalom R, Klein B, Beth T. Trust relationships in secure systems-a distributed authentication perspective. In: Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy. IEEE Press, 1993, 140-154
[22] Kazaa2003. The Kazaa Website[EB/OL]. http://www.kazaa.com
[23]张鹏,周碧英.浅析计算机P2P技术.福建电脑, 2008, 4: 46-47
[24] Mujtaba K, Partha D, Kyung DR. A role base trust model for Peer-to-Peer communities and dynamic coalitions. The 2 nd IEEE International, 2004, 141- 144
[25]贾钊,王蕊楠,陶波, P2P网络安全综述.网络安全技术与应用, 2008, 3: 17- 19
[26]罗金玲,刘罗仁.对等网络P2P系统安全问题的研究.网络安全技术与应用, 2007, 7: 20-21
[27] Arindam Mitra, Ranganath Udupa, Muthucumaru Mah-eswaran. A secure trust and incentive management framework for public-resource based computing utilities. In: IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2004). Cardiff, UK, 2004, 257-274
[28] Audun J. Subjective Evidential Reasoning. In: Proeeedings of the 9th Intemational Conference on Information Proeessing and Management of Uncertainty in knowledge-Based Systems (IPMU 2002). France, 2002, l-4
[29]孙利荣,蒋泽军,王丽芳. Ad hoc网络信任模型的研究.微电子学与计算机, 2004, 10-13
[30]谢瑗瑗,胡祥光,刘军等. P2P网络中信任模型研究综述.军事通信技术, 2009, 2: 38-42
[31]王成,庞希愚,秦志伟等.一种新的P2P安全信任管理模型.计算机安全, 2009, 9: 33-35
[32]周建峰,马玉祥,欧阳雄. PKI信任模型研究.电子科技, 2009, 4: 74-77
[33]陶世忠,史清华,王亚敏. P2P-PKI中节点信任模型研究.计算机系统应用, 2007, 1: 73-75
[34] Onsale website. http://www.onsale.com
[35] Resnick P, Zeckhauser R. Trust Among Strangers in Internet Transactions:Empirical Analysis of eBay’s Reputation System, NBER Workshop on Empirical Studies of Electronic Commerce, 2000
[36] EDonkey website. http://www.edonkey2000.com
[37] Albrecht K. Ruedi AR. CliPPee: A large-seale client/Peer system. Teehnical Report, TR-410, Swiss Federal Institute of Teehnology, 2003
[38] Sig2dat specification. 2002. http://www.geoeities.eom/vlaibb
[39] Kamver SD, Schlosser MT. EigenRep: Reputation management in P2P networks. In: Lawrence S, ed. Proc. Of the 12th internet World Wide Web Conf. Budapest: ACM press, 2003, 123-134
[40] Sepandar D, Kamvar, Mario T. Schlosser and Hector GarciaMolina. The EigenTrust Algorithm for Reputation Management in P2P Networks, 1999, 22- 36
[41] Merkle R. Protocols for public key cryptosystems. Proceedings of the IEEE Symposium Research in Security and Privacy, 1980, 122-134
[42]马雁云,陈春玲. P2P系统中几种重要的信任模型的分析.广东通信技术, 2007, 8: 24-27
[43]窦文,王怀民,贾焰等.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报, 2004, 14 (4): 471-483
[44] Li Xiong, Ling Liu. PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities. IEEE Transactions on Knowledge and Data Engineering, 2004, 35(7): 843-847
[45] Dou W, Wang HM, Jia Y, etal. Arecommendation-based peer-to-peer trust model. Journal of Software, 2004, 14(4): 471-483
[46]徐芳,一种基于域的P2P环境下的信任模型研究: [华中师范大学硕士学位论文], 2008
[47] Terry D, Goldberg, Nichols D, etal. Continuous queries over Append-only databases. Proceedings of ACM SIGMOD Conference. San Diego. USA, Jun, 1992, 321-330
[48]田慧蓉. P2P网络信任模型与激励机制的研究: [北京邮电大学博士学位论文], 2005
[49]刘浩,张连明,彭利民.基于分层代理的P2P网络信誉管理模型.计算机工程, 2009, 34(18): 143-144
[50]王杨,王朝斌,王汝传.一种基于对等组的新型P2P敏捷信任模型.计算机工程, 2007, 33(17): 117-119
[51]袁巍,李津生,洪佩琳.一种P2P网络分布式信任模型及仿真.系统仿真学报, 2005, 18(4): 938-942
[2] Apostolos T, Barry M G. Peer-to-peer networks based on hierarchies of trust. Proceedings of the 4th IEEE International Conference on Peer-to-Peer Computing. NW, Washington. IEEE Computer Society, 2004, 150-151
[3] Sun Mierosystems. EnterPrise Java Beans Specification Version 2.0. Sun Mierosystems, 2000
[4]李芳.基于P2P网络的信任模型的研究: [郑州大学硕士学位论文], 2005, 11-13
[5] Napster. http://www.napster.com
[6] Gnutella. http://www.gnutella.com
[7] Stoica I, Morris R, Karger D, etal. A scalable peer-to-peer lookup protocol for Internet applications. IEEE/ACM Transactions on Networking , 2001, 11(1): 112-115
[8]侯太平,顾大权,汪晋.浅谈P2P技术.微计算机应用, 2002, 6: 20-24
[9] [美]Dreamtech软件研发组著.吴文辉,陈建荣,肖国尊等译.对等网络编程源代码解析.北京:电子工业出版社, 2002, 42-44
[10]张文,赵子铭主编. P2P网络技术原理和C++开发案例.北京:人民邮电出版社, 2008, (1): 4-21
[11]熊江,胡仲华. P2P技术与应用.重庆三峡学院学报, 2003, 19(3): 22-27
[12] Li NH, Mitchell JC, Winsborough WH. Design of a rolesbased trust management framework. In: Proceedings of the 2002 IEEE Symp. On Security and Privacy. Washington: IEEE Computer Society Press, 2002, 114-130
[13]毛薇,姚青,李涛. P2P系统发现技术的研究与实现.武汉理工大学学报, 2002, 6(33): 807-810
[14]田春岐,邹仕洪,田慧蓉等.一种基于信誉和风险评价的分布式P2P信任模型.电子与信息学报, 2007, 29(7): 1528-1529
[15]贾凡,谢蒂,杨义先.一种时域上的P2P信任模型.计算机工程与应用, 2007, 43(19): 114-115
[16]林怀清,李之棠. P2P信任模型关键技术的研究进展.小型微型计算机系统,2007, 28(9): 1549-1502
[17]王荣,李会凯. PKI-P2P技术在高校网络中的应用.漯河职业技术学院学报, 2008, 7(2): 43-44
[18]陈姝,方滨兴,周勇林. P2P技术的研究和应用.计算机工程与应用, 2002, 13(6): 7-9
[19] Blaze M, Feigenbaum J, Ioannidis J, etal. The Role of Trust Management in Distributed Systems Security. In: Secure Internet Programming: Issues for Mobile and Distributed Objects. Berlin: Springer-Verlag, 1999, 184-210
[20] Dejan S. Milojicic, Vana Kalogeraki, Rajan Lukose, etc. Peer-to-Peer Computing, HP Laboratories Palo Alto. HPL, 2002, 57: 47-49
[21] Yahalom R, Klein B, Beth T. Trust relationships in secure systems-a distributed authentication perspective. In: Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy. IEEE Press, 1993, 140-154
[22] Kazaa2003. The Kazaa Website[EB/OL]. http://www.kazaa.com
[23]张鹏,周碧英.浅析计算机P2P技术.福建电脑, 2008, 4: 46-47
[24] Mujtaba K, Partha D, Kyung DR. A role base trust model for Peer-to-Peer communities and dynamic coalitions. The 2 nd IEEE International, 2004, 141- 144
[25]贾钊,王蕊楠,陶波, P2P网络安全综述.网络安全技术与应用, 2008, 3: 17- 19
[26]罗金玲,刘罗仁.对等网络P2P系统安全问题的研究.网络安全技术与应用, 2007, 7: 20-21
[27] Arindam Mitra, Ranganath Udupa, Muthucumaru Mah-eswaran. A secure trust and incentive management framework for public-resource based computing utilities. In: IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2004). Cardiff, UK, 2004, 257-274
[28] Audun J. Subjective Evidential Reasoning. In: Proeeedings of the 9th Intemational Conference on Information Proeessing and Management of Uncertainty in knowledge-Based Systems (IPMU 2002). France, 2002, l-4
[29]孙利荣,蒋泽军,王丽芳. Ad hoc网络信任模型的研究.微电子学与计算机, 2004, 10-13
[30]谢瑗瑗,胡祥光,刘军等. P2P网络中信任模型研究综述.军事通信技术, 2009, 2: 38-42
[31]王成,庞希愚,秦志伟等.一种新的P2P安全信任管理模型.计算机安全, 2009, 9: 33-35
[32]周建峰,马玉祥,欧阳雄. PKI信任模型研究.电子科技, 2009, 4: 74-77
[33]陶世忠,史清华,王亚敏. P2P-PKI中节点信任模型研究.计算机系统应用, 2007, 1: 73-75
[34] Onsale website. http://www.onsale.com
[35] Resnick P, Zeckhauser R. Trust Among Strangers in Internet Transactions:Empirical Analysis of eBay’s Reputation System, NBER Workshop on Empirical Studies of Electronic Commerce, 2000
[36] EDonkey website. http://www.edonkey2000.com
[37] Albrecht K. Ruedi AR. CliPPee: A large-seale client/Peer system. Teehnical Report, TR-410, Swiss Federal Institute of Teehnology, 2003
[38] Sig2dat specification. 2002. http://www.geoeities.eom/vlaibb
[39] Kamver SD, Schlosser MT. EigenRep: Reputation management in P2P networks. In: Lawrence S, ed. Proc. Of the 12th internet World Wide Web Conf. Budapest: ACM press, 2003, 123-134
[40] Sepandar D, Kamvar, Mario T. Schlosser and Hector GarciaMolina. The EigenTrust Algorithm for Reputation Management in P2P Networks, 1999, 22- 36
[41] Merkle R. Protocols for public key cryptosystems. Proceedings of the IEEE Symposium Research in Security and Privacy, 1980, 122-134
[42]马雁云,陈春玲. P2P系统中几种重要的信任模型的分析.广东通信技术, 2007, 8: 24-27
[43]窦文,王怀民,贾焰等.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报, 2004, 14 (4): 471-483
[44] Li Xiong, Ling Liu. PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities. IEEE Transactions on Knowledge and Data Engineering, 2004, 35(7): 843-847
[45] Dou W, Wang HM, Jia Y, etal. Arecommendation-based peer-to-peer trust model. Journal of Software, 2004, 14(4): 471-483
[46]徐芳,一种基于域的P2P环境下的信任模型研究: [华中师范大学硕士学位论文], 2008
[47] Terry D, Goldberg, Nichols D, etal. Continuous queries over Append-only databases. Proceedings of ACM SIGMOD Conference. San Diego. USA, Jun, 1992, 321-330
[48]田慧蓉. P2P网络信任模型与激励机制的研究: [北京邮电大学博士学位论文], 2005
[49]刘浩,张连明,彭利民.基于分层代理的P2P网络信誉管理模型.计算机工程, 2009, 34(18): 143-144
[50]王杨,王朝斌,王汝传.一种基于对等组的新型P2P敏捷信任模型.计算机工程, 2007, 33(17): 117-119
[51]袁巍,李津生,洪佩琳.一种P2P网络分布式信任模型及仿真.系统仿真学报, 2005, 18(4): 938-942