Securing your p2p network

The routing primitives implemented by current structured p2p overlays provide a besteffortservice to deliver a message to a replica root associated with a given key. Asdiscussed above, a malicious overlay node has ample opportunities to corrupt overlaylevelcommunication. Therefore, these primitives are not sufficient to construct secureapplications. For example, when inserting an object, an application cannot ensure thatthe replicas are placed on legitimate, diverse replica roots as opposed to faulty nodesthat impersonate replica roots. Even if applications use cryptographic methods to authenticateobjects, malicious nodes may still corrupt, delete, deny access to or supplystale copies of all replicas of an object.To address this problem, we must create a secure routing primitive. The secure routingprimitive ensures that when a non-faulty node sends a message to a key k, themessage reaches all non-faulty members in the set of replica roots Rk with very highprobability. Rk is defined as the set of nodes that contains, for each member of the setof replica keys associated with k, a live root node that is responsible for that replica key.In Pastry, for instance, Rk is simply a set of live nodes with nodeIds numerically closestto the key. Secure routing ensures that  the message is eventually delivered, despitenodes that may corrupt, drop or misroute the message; and  the message is deliveredto all legitimate replica roots for the key, despite nodes that may attempt to impersonatea replica root.Secure routing can be combined with existing security techniques to safely maintainstate in a structured p2p overlay. For instance, self-certifying data can be stored on thereplica roots, or a Byzantine-fault-tolerant replication algorithm be used tomaintain the replicated state. Secure routing guarantees that the replicas are initiallyplaced on legitimate replica roots, and that a lookup message reaches a replica if oneexists. Similarly, secure routing can be used to build other secure services, such asmaintaining file metadata and user quotas in a distributed storage utility. The details ofsuch services are beyond the scope of this paper.Implementing the secure routing primitive requires the solution of three problems:securely assigning nodeIds to nodes, securely maintaining the routing tables, and securelyforwarding messages. Secure nodeId assignment ensures that an attacker cannotchoose the value of nodeIds assigned to the nodes that the attacker controls. Withoutit, the attacker could arrange to control all replicas of a given object, or to mediate alltraffic to and from a victim node.Secure routing table maintenance ensures that the fraction of faulty nodes that appearin the routing tables of correct nodes does not exceed, on average, the fraction offaulty nodes in the entire overlay.Without it, an attacker could prevent correct messagedelivery, given only a relatively small number of faulty nodes. Finally, secure messageforwarding ensures that at least one copy of a message sent to a key reaches each correct

Related posts:

1. Analyzing the potential effectiveness of these algorithms for intrusion detection
2. FBI infrastructure: Less secure than your corporate network
3. Network security concern
4. Securing your brand new computer
5. Digital signatures
6. How to fix noisy computer

Related posts brought to you by Yet Another Related Posts Plugin.