
Security in peer-to-peer multimedia communications

Peer-to-peer (P2P) architectures have become very popular in recent years because of the great variety of services they can provide. They were originally deployed mainly as a simple, decentralized and scalable way to exchange files, but they are now also widely used for many other services that exploit the possibility of sharing bandwidth, computing power, storage capacity and other resources between peers.
Among the possible uses of such an architecture, an emerging field of study is the application of P2P technologies to VoIP communication scenarios, in order to overcome some of the issues that current centralized SIP-based platforms suffer from.
Unfortunately, security in P2P networks is still an open field of investigation, both because such platforms were developed recently and because of the inherent risks of a distributed environment.
This thesis investigates the security issues and the possible solutions for setting up secure P2P communication. The research was conducted in two directions:
• Security issues at routing level;
• Security issues at application level.
These represent the two steps of a possible communication scenario. First, one must securely find the location of the callee (possibly stored in a peer-to-peer network); this is a problem of secure lookup. Then one must ensure that the person one is going to talk with is really the intended party, and that the communication itself is secret and cannot be tampered with; these are problems of authentication and confidentiality.
As regards the first point, we studied several possible attacks on structured and unstructured peer-to-peer networks, focusing in particular on the disruptive Sybil attack, from which many other attacks can be derived. After an analysis of the countermeasures proposed over the years, we focused on the Kademlia algorithm, one of the most used in the world, studying through simulations the degradation of performance in the presence of malicious nodes. We also studied trust and reputation countermeasures and tried to apply them to a Kademlia-based network operating in an environment with a growing number of malicious nodes.
For the second point, we first studied current key agreement protocols, focusing on the number of messages and trying to identify possible drawbacks even in widely accepted protocols and algorithms. We then proposed a new key agreement protocol based upon MIKEY and ZRTP, integrating them into the standard SIP invite procedure. An analysis of the proposed protocol is also provided.
Building on this, we went further, adding certificate-based authentication to our model, together with a way to manage certificates and signatures in a P2P fashion. Finally, we also provided an architecture where certificates are stored in the P2P network itself through the use of a DHT.

Chapter 1

Peer-to-peer Networks

Working as peers is better than always serving a client – Riccardo Pecori

A P2P communication structure is made of multiple autonomous devices that interact as equals, acting both as client and server, so there is no centralized server, or at least its usage is limited. A P2P network is a fairly complex system that combines several technological components. One of them is the overlay network, that is, the subgroup of the network composed of hosts running the same P2P client software. This virtual network overlaps the underlying network (e.g. the Internet) with its own logical connections between nodes, which may be physically very far apart in the real world (see Figure 1.1). Each logical link may map onto several physical links of a transport network.

P2P networks can be unstructured or structured. In the first case, arbitrary logical links exist among peers, all of which can be involved in sharing operations; in the latter case, each node in the P2P network has its own identifier and connections according to a specific, fixed algorithm that makes storage and retrieval operations simpler and faster. Historically, at least four [4] generations of P2P networks have been developed:

Doctoral Thesis

Department: Department of Information Engineering

Author: Riccardo Pecori

Consists of 90 pages.

This thesis has received 64 clicks since 18/06/2012.

Available in PDF; it can be consulted in digital format only.