Abstract:
Several alternative schemes have been presented
in the literature to try to solve the users’ admission
problem in P2P systems when it is not possible to
include a logically centralized authority (either online
or offline) in the system. However, most of them are not
suitable for on-the-fly P2P systems, and the most typical
ones (IP based, shared secret and threshold cryptography)
have several security and performance drawbacks.
Motivated by the deficiencies of the existing schemes, in this paper
we present a new decentralized certification scheme
for on-the-fly P2P systems which is based on the recently
published Internet Attribute Certificate Profile
for Authorization. Our proposal greatly improves the
security and flexibility of IP based and shared secret
schemes with no infrastructure cost and with a minimal
performance overhead. It also achieves a level of security
similar to that of threshold cryptography while greatly
reducing the computational and communication cost.
All these facts position our certification proposal as a
users’ admission alternative for on-the-fly P2P systems
in not very hostile environments where performance
and security are key factors.

D. Suárez Touceda (B)
Evalues - IT Security Evaluation, Parque Leganés
Tecnológico, Avda. Gregorio Peces Barba 1,
28918 Leganés (Madrid), Spain
e-mail: diego.suarez@uc3m.es

J. M. Sierra Cámara
Computer Science Department, Universidad Carlos III
de Madrid, Avda. de la Universidad 30,
28911 Leganés (Madrid), Spain
e-mail: sierra@inf.uc3m.es

M. Soriano
Department of Telematics Engineering,
Universitat Politècnica de Catalunya (UPC),
08034 Barcelona, Spain
e-mail: soriano@entel.upc.edu

M. Soriano
Centre Tecnològic de Telecomunicacions de Catalunya
(CTTC), 08860 Castelldefels (Barcelona), Spain