Object-based Information Flow Control in Peer-to-peer Publish/Subscribe Systems

Distributed systems are getting so scalable like IoT (Internet of Things) and P2P (Peer-to-Peer) systems that millions of devices are connected and support various types of applications. Here, distributed systems are required to be secure in addition to increasing the performance, reliability, and availability and reducing the energy consumption. In distributed systems, information in objects flows to other objects by transactions reading and writing data in the objects. Here, some information of an object may illegally flow to a subject which is not allowed to get the information of the object. Especially, a leakage of sensitive information is to be prevented from occurring. In order to keep information systems secure, illegal information flow among objects has to be prevented. Types of synchronization protocols are so far discussed based on read and write access rights in the RBAC (Role-Based Access Control) model to prevent illegal information flow.In this thesis, we newly propose a P2PPSO (P2P type of topic-based PS (Publish/Subscribe) with Object concept) model and discuss the models and protocols for information flow control. A P2PPSO model is composed of peer processes (peers) which communicate with one another by publishing and subscribing event messages. Each peer can both publish and receive event messages with no centralized coordinator compared with traditional centralized PS models. Each event message published by a source peer carries information to a target peer. The contents carried by an event message are considered to be composed of objects. An object is a unit of data resource. Objects are characterized by topics, and each event message is also characterized by topics named publication topics.In order to make a P2PPSO system secure, we first newly propose a TBAC (Topic-Based Access Control) model. Here, an access right is a pair ⟨t, op⟩ of a topic t and a publish or subscribe operation op. A peer is allowed to publish an event message with publication topics and subscribe interesting topics only if the publication and subscription access rights are granted to the peer, respectively. Suppose an event message e_j published by a peer p_j carries an object on some topics into a target peer p_i. Here, information in the peer p_j illegally flows to the peer p_i if the target peer p_i is not allowed to subscribe the topics. An illegal object is an object whose topics a target peer is not allowed to subscribe. Even if an event message is received by a target peer by checking topics, objects carried by the event message may be illegal at the target peer. Hence, first, we propose a TOBS (Topics-of-Objects-Based Synchronization) protocol to prevent target peers from being delivered illegal objects in the P2PPSO system. Here, even if an event message is received by a target peer, illegal objects in the event message are not delivered to the target peer.In the TOBS protocol, every event message is assumed to be causally delivered to every common target peer in the underlying network. Suppose an event message e_2 is delivered to a target peer p_i before another event message e_1 while the event message e_1 causally precedes the event message e_2 (e_1 →_c e_2). Here, the event message e_2 is premature at the peer p_i. Hence, secondly, we propose a TOBSCO (TOBS with Causally Ordering delivery) protocol where the function to causally deliver every pair of event messages is added to the TOBS protocol. Here, we assume the underlying network supports reliable communication among every pair of peers, i.e. no event message loss, no duplicate message, and the sending order delivery of messages. Every pair of event messages received by using topics are causally delivered to every common target peer by using the vector of sequence numbers.In the TOBS and TOBSCO protocols, objects delivered to target peers are held as replicas of the objects by the target peers. If a peer updates data of an object, the peer distributes event messages, i.e. update event messages, to update every replica of the object obtained by other peers. If a peer updates an object without changing topics, the object is referred to as altered. Here, an update event message for the altered object is meaningless since peers check only topics to exchange event messages. Hence, thirdly, we propose an ETOBSCO (Efficient TOBSCO) protocol where update event messages of objects are published only if topics of the objects are updated to reduce the network overhead.In the evaluation, first, we show how many numbers of event messages and objects are prevented from being delivered to target peers in the TOBS protocol. Next, we show every pair of event messages are causally delivered but it takes longer to deliver event messages in the TOBSCO protocol than the TOBS protocol. Finally, we show the fewer number of event messages are delivered while it takes longer to update replicas of altered objects in the ETOBSCO protocol than the TOBSCO protocol.博士(工学)法政大学 (Hosei University

SEARCH, REPLICATION AND GROUPING FOR UNSTRUCTURED P2P NETWORKS

In my dissertation, I present a suite of protocols that assist in efficient content location and distribution in unstructured Peer-to-Peer overlays. The basis of these schemes is their ability to learn from past interactions, increasing their performance with time. Peer-to-Peer (P2P) networks are gaining increasing attention from both the scientific and the large Internet user community. Popular applications utilizing this new technology offer many attractive features to a growing number of users. P2P systems have two basic functions: Content search and dissemination. Search (or lookup) protocols define how participants locate remotely maintained resources. In data dissemination, users transmit or receive content from single or multiple sites in the network. P2P applications traditionally operate under purely decentralized and highly dynamic environments. Unstructured systems represent a particularly interesting class of P2P networks. Peers form an overlay in an ad-hoc manner, without any guarantees relative to lookup performance or content availability. Resources are locally maintained, while participants have limited knowledge, usually confined to their immediate neighborhood in the overlay. My work aims at providing effective and bandwidth-efficient searching and data sharing. A suite of algorithms which provide peers in unstructured P2P overlays with the state necessary in order to efficiently locate, disseminate and replicate objects is presented. The Adaptive Probabilistic Search (APS) scheme utilizes directed walkers to forward queries on a hop-by-hop basis. Peers store success probabilities for each of their neighbors in order to efficiently route towards object holders. AGNO performs implicit grouping of peers according to the demand incentive and utilizes state maintained by APS in order to route messages from content holders towards interested peers, without requiring any subscription process. Finally, the Adaptive Probabilistic REplication (APRE) scheme expands on the state that AGNO builds in order to replicate content inside query intensive areas according to demand

DOH: A Content Delivery Peer-to-Peer Network

Many SMEs and non-pro¯t organizations su®er when their Web servers become unavailable due to °ash crowd e®ects when their web site becomes popular. One of the solutions to the °ash-crowd problem is to place the web site on a scalable CDN (Content Delivery Network) that replicates the content and distributes the load in order to improve its response time. In this paper, we present our approach to building a scalable Web Hosting environment as a CDN on top of a structured peer-to-peer system of collaborative web-servers integrated to share the load and to improve the overall system performance, scalability, availability and robustness. Unlike clusterbased solutions, it can run on heterogeneous hardware, over geographically dispersed areas. To validate and evaluate our approach, we have developed a system prototype called DOH (DKS Organized Hosting) that is a CDN implemented on top of the DKS (Distributed K-nary Search) structured P2P system with DHT (Distributed Hash table) functionality [9]. The prototype is implemented in Java, using the DKS middleware, the Jetty web-server, and a modi¯ed JavaFTP server. The proposed design of CDN has been evaluated by simulation and by evaluation experiments on the prototype

Enabling Social Applications via Decentralized Social Data Management

An unprecedented information wealth produced by online social networks, further augmented by location/collocation data, is currently fragmented across different proprietary services. Combined, it can accurately represent the social world and enable novel socially-aware applications. We present Prometheus, a socially-aware peer-to-peer service that collects social information from multiple sources into a multigraph managed in a decentralized fashion on user-contributed nodes, and exposes it through an interface implementing non-trivial social inferences while complying with user-defined access policies. Simulations and experiments on PlanetLab with emulated application workloads show the system exhibits good end-to-end response time, low communication overhead and resilience to malicious attacks.Comment: 27 pages, single ACM column, 9 figures, accepted in Special Issue of Foundations of Social Computing, ACM Transactions on Internet Technolog