Architecting trust-enabled peer-to-peer file-sharing applications
Decentralized peer-to-peer (P2P) resource sharing applications lack a centralized authority that can facilitate peer and resource look-ups and coordinate resource sharing between peers. Instead, peers directly interact and exchange resources with other peers. These systems are often open and do not regulate the entry of peers into the system. Thus, there can be malicious peers in the system who threaten others by offering Trojan horses and viruses disguised as seemingly innocent resources. Several trust-based solutions exist to address such threats; unfortunately there is a lack of design guidance on how these solutions can be integrated into a resource sharing application. In this paper, we describe how two teams of undergraduate students separately integrated XREP, a third-party reputation-based protocol for file-sharing applications, with PACE, our software architecture-based approach for decentralized trust management. This was done in order to construct trust-enabled P2P file-sharing application prototypes. Our observations have revealed that using an architecture-based approach in incorporating trust into P2P resource-sharing applications is not only feasible, but also significantly beneficial. Our efforts also demonstrate both the ease of adoption and ease of use of the PACE-based approach in constructing such trust-enabled decentralized applications.
By Girish Suryanarayana, Mamadou H. Diallo, Justin R. Erenkrantz, Richard N. Taylor, August 2006