International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 6, November December 2013 ISSN 2278-6856

Discussion of Trust Model in Peer to Peer Systems (P2P): A Review of Security in P2P
Shraddha Shirke1 and Ravi Chaure2
1,2

University of Pune, P. k. technical campus, Chakan, Pune, India

Abstract: Now days, the communications and computing

environments are more chaotic and complex as compared to traditional distributed systems or hierarchical systems or centralized systems on the World Wide Web. Therefore emerging peer to peer (P2P networks overlays are becoming more and more interested to use. This kind of networks provides the better substrate for big data sharing, multicast applications as well as content distribution. However such system needs to have trust management for security purpose. In P2P system, the mechanism of trust management is used for detection of malicious behaviors as well as to secure the cooperative and honest interactions. In this paper we are presenting the survey over trust management in P2P systems. Initially we are discussing about the computational model which shows the relationships based on reputation and trust. We are discussing the trust model which is used for the peer to peer structured large scale systems. This defines the trust model completely and discussing their schemes used for it.

Keywords: Peer to Peer System, Trust model, Distributed systems, centralized system, and networks overlay malicious attack, reputation based, trust based.

entity is entitled to access and is based on techniques including encryption, data hiding, digital signatures, authentication protocols, & the access control methods, and (b) behavior trust [2] which deals with a wider notion of an entitys trustworthiness. A malicious web server could accept to host Web document replicas but deliver modified versions to the user or refuse requests directed to these replicas. A digitally signed certificate does not convey if the issuer is an industrial spy and a digitally signed code does not convey if the code is written by competent programmers [1]. In this review paper we are discussing the survey of Peer to Peer systems, their trust management taxonomy. In section two we are discussing the different categories of trust management P2P. In section three we are discussing the relationships based reputation and trust. Finally in section four we are presenting review of reputation-based trust management for P2P [3].

2. LITERATURE REVIEW
Credential and policy based on trust management, trust management based on reputation, and social networkbased trust management: establishing trust relationships between peers, and to evaluate the approach adopted is based on trust management in P2P system 3 Categories can be classified as shown in Figure 1 [4].

1. INTRODUCTION
The concept of network computing (NC) is nothing but set of interconnected domains interacting in a peer-to peer fashion. One goal of such systems is to encourage domain-to-domain interactions and increase the confidence of the domains to share their resources (a) without losing control over their own resources, and (b) ensure confidentiality for other domains. Sharing resources across institutional boundaries creates several issues related to quality of service (QoS) and trust. Handling these issues is complicated in NC systems due to distributed ownership, site autonomy, resource provider heterogeneity, and diverse resource clients. An entity that is part of a large scale NC system will have the privilege of using pools of resources that would not be available to it otherwise [1]. Unfortunately, the idea of having a virtual network structure because the "sharing" of resources, or services associated with the perception of risk does not appeal to some institutions [15]. Because of the sensitivity and vitality of data or information, such institutions in its "closed box" prefer to use the resources. The individual institutions but also an inefficient way to use resources is not just expensive [1]. Organizations are primarily concerned with trust related to NC environment. There are different types of trust an organization might be concerned about: (a) identity trust which focuses on verifying the authenticity of an entity and determining the authorizations that the Volume 2, Issue 6 November December 2013

Fig.1 Trust management taxonomy 2.1 Policy-based Trust Management Systems: In credential and policy-based trust management systems, peers use credential verification to establish a trust relationship with other peers [5], [6. Since the primary goal of such systems is to enable access control, their concept of trust management is limited to verifying credentials and restricting access to resource according to application-defined policies [7]. A policy maker network application is including privacy and authenticity to a variety of safety features to facilitate developing a trust management system. To specify your policies with local control provides each peer: peer to peer request providing the credibility of policies [5]. The policy-based access control mechanisms do not involve trust is satisfied that can determine if policymaker using a peer-to-peer for his service can provide access to another because they own all Page 184

International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 6, November December 2013 ISSN 2278-6856
decentralized applications do not provide a complete generic trust management solution, to establish trust in the peer resource owner needs. 2.2 Reputation-based Trust Management Systems: Trust management mutual trust allows installing any system. Prestige agents pre-negotiated is derived from direct or indirect knowledge on, and it puts another agent an agent trust levels is used to reach a solution. This is based on trust management trust management reputation in a specific form. On the other hand reputation based on trust management systems a resource request peer resources and provide resources to evaluate the confidence in the reliability of peer may provide a mechanism by which. Cornelli et al. [8] proposed an approach to share information about peers reputation based on the distributed polling algorithm. A node looking for information broadcasts a query and receives back Query Hits. It then chooses some results and asks its peers to vote on the reputation of the nodes that sent it Query Hits. Once votes are received a node contacts voters directly asking to confirm a validity of vote. The data is retrieved from the peer with highest reputation. Abdul-Rahman et al. proposed a decentralized approach to trust management and a recommendation protocol to compute trust related information. Each unit has its own trust database connection. They (trust factor) are different categories of belief (one aspect) recommendations and the direct use values of trust belief scale of values . To obtain a recommendation, recommendation request for a unit sends his trusted recommenders. Different paths (from the requester to the target unit) collected and the results are averaged. Recommenders recommender trust value of each path is calculated based on the recommended values and beliefs. NICE [9] is a platform for implementing cooperative applications over the Internet. This is a purely decentralized fashion and the benefits of each peer stores data and control functions. Remote access to resources in exchange for barter best applications based on local resources. Resource advertising and location, secure bartering and trading resources, and deliver confidence rating: Good offers three main services. Faith -based and faith -based trading limit pricing: Good cooperative groups to protect the integrity of the system uses two trusts. Nice view of the main contributions of groups of malicious peers as is the ability to separate the good fellows. 2.3 Social Network-based Trust Management Systems: Social network-based trust management systems utilize social relationships between peers when computing trust and reputation values. In particular, these systems form conclusions about peers through analyzing a social network that represents the relationships within a community. Marsh can be used in the field of computer science is a formal treatment of faith to try to give back [10]. Several limitations exist in their simple trust model: also makes strong social foundation model rather than complex and cannot be easily applied, due to the Volume 2, Issue 6 November December 2013 collective agents are a network of model cannot be created on the agent's own experiences. Another example of trust management systems include Regret [10] that identifies groups with use of social network, and Node Ranking [11] that identifies experts using the social network.

3.2 REVIEW MODEL

OF

COMPUTATIONAL

During the section we will discuss the relationships based reputation and trust, as well as introduce a computational model based on sociological and biological understanding of trust management. 3.1 Understanding Trust & Reputation: After reviewing several important studies on trust management, reputation and trust have been found to provide useful intuition or services for many systems [12]. It is also proved that reputation-based system (e.g. the feedback rating system used in eBay) does encourage transactions [13]. However, all of these studies model neither how reputation is built nor how trust is derived from reputation. When facing social dilemmas, trustworthy individuals tend to trust others with a reputation for being trustworthy and shun those deemed less so. It is always the case in real world where everyone in a society might not learn the same norms in all situations. Model introduced in this section are expected to norms of reciprocity, which is built on an environment. The intuition behind this model is a qualitative behavioral model of collective action is proposed, the American political society, the president's speech Ostroms 1998 [14] is motivated. Air India's reputation for being cooperative agents AJ evaluating Consider the following scenario. AJ defined as the set of all agents embedded social network asks for this evaluation. In this way, an agent Ais reputation is being evaluated relative to a particular embedded social network. In addition to simplicity, we embedded social networks such is taken to be constant (i.e., no new agents are expected to join or leave) and the action to be restricted to the space {cooperate, deafest} defect Cooperation values. Figure 2 shows the reinforcing relationships among the three highly related concepts: reciprocity, trust & reputation. The direction of arrow indicates the direction of influence among the variables.

Fig.2 Simple relationship model An embedded social network together to increase agent AJ increase AJ prestige should increase the confidence of other agents, and increase the confidence of the AI AJ also AJ to take action to increase the likelihood that ai will reciprocate positively, because of an increase in Its reputation for others AJ should be extended also to exchange operations. Page 185

International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 6, November December 2013 ISSN 2278-6856
3.2 Computation Model: Reciprocity (such as side or revenge) mutual exchange of deeds is defined as two types of reciprocity is considered in this model. Indirect Reciprocity refers to the exchange between the two concerned agents, direct reciprocity refers to the exchange between the two concerned agents intercede between agents by arbitration [16]. The model of an agent about its intentions and norms creates through past actions that define reputation as perception. Mathematically, jib (c) a context of concern for the AJ c embedded in social networks represent the reputation of AI. It adds value when AI AJ embedded in different social networks difference is subjective to every other agent. Such jib (c) is the possibility that the actions of a measure AJ reciprocates. In this model, an agent about a history of their encounters is based on future behavior defined as a subjective expectation. Thus to evaluate the reliability of the AI, DJI (c) reflects the history of the AJ encounters reference c within AI. In addition, we believe that a concerned two agents in Dyadic encounters was calculated on the basis of a subjective volume should take note. That's why we (c) can trust model using e = [jib (c) | DJI (c)]. AI agent AJ must expect more action exchange, agent AI trust level. With this scenario we describe in detail the computational model: Consider two agents A and B, and C within a specific context they care about each other, the value of the action. In this scenario, we always perform tasks to exchange cooperative actions "cooperation" and that the agent has an estimated value of b is the trend. We're assuming this position, used for marking: ab: bs reputation in the eyes of a Xab (i): The ith operate between a and b X ab ( i ) = { 1 if bs action is cooperative 0 otherwise n. Assuming that each encounters cooperation probability is independent of other encounters between a and b, the likelihood of p cooperations and (n-p) defections can be modeled as L (Dab | ) =p (1-) n-p . Combining the prior and the likelihood, the posterior estimate for ) becomes: p ( |D) = Beta (c1+p, c2+n-p). As we mentioned previously, trust toward b from a is the conditional expectation of reputation so it can be computed by

4. REVIEW OF REPUTATION-BASED TRUST MANAGEMENT

In this section we are taking the review two management models which are based on reputation such as DMRep and EigenRep. Both this systems are decentralized approach for P2P systems. 4.1 DMRep: This is method which solves the problem of reputation-based trust management at both the data management and the semantic level. This approach assumes that the probability of cheating within a society is comparably low, and thus it becomes more difficult to hide malicious behavior. Similarly to the computational model in the previous section, this approach can be interpreted as a simple method of data mining using statistical data analysis of former tractions. It is based on analyzing earlier transaction of peers and deriving from that the reputation of peer. The data wanted for performing analysis is provided by a decentralized storage. 4.2 EigenRep: This is another method for peer to peer transactions between just the two partners can rely on. For example, it is an authentic J -peer file downloads successfully if I can have positive views on peer to peer j. On the other hand, if you have a negative thought, it is inauthentic file downloads, or fails to download. - This way , Eigen Harp a local reputation value I ( i , j ) IJ = unset ( i , j ) where peer j sat , was downloaded from peer ratings of individual transactions sij defines as the amount of . Here, (i, j) satisfying number of transactions I have had with peer to peer J represents the seat. Unset (i, j) represents the number of Unsatisfactory transactions. In this way, a peer to peer evaluates other than their own experience. This experience is not a peer; the peer should evaluate one another? It is unknown who may be familiar with peers from other peers should be evaluated. This way, your experience with other partners share. EigenRep system overhead message, at least in terms of traffic management with a reputation values and provides an effective method to use. Local reputation values are based on a reputation system [17]. The number of transactions may result in large changes in the local reputation values, which may vary considerably in different cohorts. Consequently, the peer before sharing them would be better for reputation to normal values.

Dab: History. The set of n previous encounters between a and b Dab = {Xab (1), Xab (2), Xab (n)} Let p be the cooperative actions by agent b towards a in the n previous encounters, bs reputation ab could be modeled by a simple proportion function of p cooperative actions over n encounters. A proportion random variable can be modeled as a Beta distribution: P () = Beta (c1, c2) where represents an estimator for . If agents a and b is complete strangers, when they meet, their estimate for each others reputation is assumed to be uniformly distributed across the reputations domain: 1, 0 < < 1 p( ) = { 0 otherwise In this section, the beta deviation will be uniform when c1=c2=1. Now we have a simple estimator for ab which is the proportion of cooperation in n finite encounters: (ab) =p/ Volume 2, Issue 6 November December 2013

Page 186

International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)

Web Site: www.ijettcs.org Email: editor@ijettcs.org, editorijettcs@gmail.com Volume 2, Issue 6, November December 2013 ISSN 2278-6856
4.3 EigenRep Drawbacks: 1. malicious peers can still cheat in the community. A colleague AI and BI reports directly to his mother as his AI and BI can report other malicious peers. So still they can collaborate to cheat. EigenRep find a solution to this problem. 2. The flexibility of calculating global reputation value. Peers frequently join and leave the P2P system, and they can also be off line for a long time. EigenRep does not provide a solution to handle this. 3. Update the value of global reputation. After a certain time, some local reputation values of peers during this time can change a lot due to transactions. In this case the global reputation values to recalculate required. Recounting what needs to be done or how to determine? 4. Anonymous: but a peer can calculate many other partners since, get this message discriminates reputation? This is the message which we do not know for peer reputation. To solve this, is to know the identity of his daughters mother peer. As a result, loses anonymity. [7] T. Grandison, M. Sloman (2000). "A Survey of Trust in Internet Applications", IEEE Communications Surveys 3(4). [8] K. Aberer, Z. Despotovic (2001) Managing Trust in a Peer-2-Peer Information System, In Proc. of the IX International Conference on Information and Knowledge Management, Atlanta, Georgia. [9] S. Lee, R. Sherwood (2003). Cooperative peer groups in NICE, IEEE Infocom, San Francisco, USA. [10] J. Sabater, C. Sierra, (2002). Reputation and social network analysis in multi-agent systems, First International Joint Conference on Autonomous Agents and Multi-Agent Systems, Bologna, Italy. [11] J. Pujol, R. Sanguesa (2002). Extracting reputation in multi agent systems by means of social network topology, First International Joint Conference on Autonomous Agents and Multi-Agent Systems, Bologna, Italy. [12] J. Rouchier, M. OConnor, F. Bousquet (2001) The Creation of a Reputation in an Artificial Society Organized by a Gift System, Journal of Artificial Societies and Social Simulations, 4(2). [13] P. Resnick, R. Zeckhauser (2000b) Trust among Strangers in Internet Transactions: Empirical Analysis of eBays Reputation System, Working paper for the NBER Workshop on Empirical Studies of Electronic commerce. [14] E. Ostrom (1998) A behavioral Approach to the Rational-Choice Theory of Collective Action, American Political Science Review, 92(1), pp. 1-22. [15] A. Rowstron and P. Druschel, Pastry: Scalable, Distributed Object Location and Routing for Largescale Peer-to-peer Systems, Proc. Middleware, 2001. [16] S. Ratnasamy et al., A Scalable Content Addressable Network, Proc. ACM SIGCOMM, 2001, pp. 16172. [17] I. Stoica, R. Morris et al., Chord: A Scalable Peerto-Peer Lookup Protocol for Internet Applications, IEEE/ACM Trans. Net., vol. 11, no. 1, 2003, pp. 17 32. AUTHOR
Shraddha Shirke received the B.E. degree in Computer Engineering from University of Pune in Cummins College of Engineering for women. During 2009-2012 and pursuing M.E. degrees in Computer Engineering from University of Pune in P. K. Technical Campus.

5. CONCLUSION
During this paper we have focused on discussion and review of trust management models in P2P systems. We have discussed the two mechanisms such as DMRep and EigenRep with their basic functionalities. For the P2P systems, it is always necessary to detect the attacks like malicious users as well as insecure resources prior to start download in P2P. In the survey we have discussed the different types of trust management models such as reputation based, policy based and social network based trust management models. This is the review study of our research in future we are presenting the improved mechanism of securing the P2P system.

References
[1] A. Abdul-Rahman and S. Hailes, Supporting trust in virtual communities, Hawaii Intl Conference on System Sciences, Jan. 2000. [2] F. Azzedin and M. Maheswaran, Integrating trust into Grid resource management systems, 2002 International Conference on Parallel Processing (ICPP 02), Aug. 2002, pp. 4754. [3] R. Chen and W. Yeager, Poblano: A distributed trust model for peer-to-peer networks. htpp:security.jxta.org, 2001. [4] G. Suryanarayana, R. N. Taylor (2004) A Survey of Trust Management and Resource Discovery Technologies in Peer-to-Peer Applications, ISR Technical Report # UCI-ISR-04-6. [5] M. Blaze, J.Feigenbaum (1996). Decentralized Trust Management, IEEE Symposium on Security and Privacy. [6] L. Kagal, S. Cost (2001). A framework for distributed trust Management, Second Workshop on Norms and Institutions in MAS, Autonomous Agents. Volume 2, Issue 6 November December 2013

Ravi Chaure assistant professor P. K. Technical Campus, Chakan, Pune.

Page 187