Log Auditing for Trust Assessment in Peer-to-Peer Collaboration

International audienceIn order to overcome the disadvantages of a central authority, a tendency is to move towards a peer-to-peer collaboration where control over data is given to users who can decide with whom they want to share their private data. In this peer-to-peer collaboration it is very difficult to ensure that after data is shared with other peers, these peers will not misbehave and violate data privacy. In this paper, we propose a mechanism that addresses the issue of data privacy violation by auditing the collaboration logs. In our approach, trust values between users are adjusted according to their previous activities on the shared data. Users share their private data by specifying some obligations the receivers are expected to follow. We log modifications done by users as well as the obligations and use a log-auditing mechanism to detect users who misbehaved. We adjust their associated trust values by using any existing decentralized trust model

A Contract-extended Push-Pull-Clone Model

International audienceIn the push-pull-clone collaborative editing model widely used in distributed version control systems users replicate shared data, modify it and redistribute modified versions of this data without the need of a central authority. However, in this model no usage restriction mechanism is proposed to control what users can do with the data after it has been released to them. In this paper we extended the push-pull-clone model with contracts that express usage restrictions and that are checked a posteriori by users when they receive the modified data. We propose a merging algorithm that deals not only with modifications on data but also with contracts. A log-auditing protocol is used to detect users who do not respect contracts and to adjust user trust levels. Our proposed contract-based model has been implemented and evaluated by using PeerSim simulator

A CONTRACT-EXTENDED PUSH-PULL-CLONE MODEL FOR MULTI-SYNCHRONOUS COLLABORATION

International audienceIn multi-synchronous collaboration users replicate shared data, modify it and redistribute modified versions of this data without the need of a central authority. However, in this model, no usage restriction mechanism was proposed to control what users can do with the data after it has been released to them. In this paper, we extend the multisynchronous collaboration model with contracts that express usage restrictions and that are checked a posteriori by users when they receive the modified data. We propose a merging algorithm that deals not only with changes on data but also with contracts. A log auditing protocol is used to detect users who do not respect contracts and to adjust user trust levels. Our contract-based model was implemented and evaluated by using PeerSim simulator