Attribute-based authorization for structured Peer-to-Peer (P2P) networks

We present the deficiencies of traditional identity-based authorization models in structured Peer-to-Peer (P2P) networks where users' Public Key Certificates (PKCs) represent two roles, authentication and authorization, and the access to the network resources is controlled by Access Control Lis...

Descripción completa

Detalles Bibliográficos
Autores: Suarez Touzeda, Diego, Sierra Camara, Jose Maria, Zeadally, Sherali, Soriano Ibáñez, Miguel|||0000-0003-0457-8531
Tipo de recurso: artículo
Fecha de publicación:2015
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/81907
Acceso en línea:https://hdl.handle.net/2117/81907
https://dx.doi.org/10.1016/j.csi.2015.04.007
Access Level:acceso abierto
Palabra clave:Peer-to-peer architecture (Computer networks)
Computer security
Authorization
P2P security
Attribute certificates
Systems
Xarxes punt a punt (Xarxes d'ordinadors)
Seguretat informàtica
Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
id ES_c6f2f9eda43f07e1cd1e6439745ebdd9
oai_identifier_str oai:upcommons.upc.edu:2117/81907
network_acronym_str ES
network_name_str España
repository_id_str
spelling Attribute-based authorization for structured Peer-to-Peer (P2P) networksSuarez Touzeda, DiegoSierra Camara, Jose MariaZeadally, SheraliSoriano Ibáñez, Miguel|||0000-0003-0457-8531Peer-to-peer architecture (Computer networks)Computer securityAuthorizationP2P securityAttribute certificatesSystemsXarxes punt a punt (Xarxes d'ordinadors)Seguretat informàticaÀrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadorsÀrees temàtiques de la UPC::Informàtica::Seguretat informàticaWe present the deficiencies of traditional identity-based authorization models in structured Peer-to-Peer (P2P) networks where users' Public Key Certificates (PKCs) represent two roles, authentication and authorization, and the access to the network resources is controlled by Access Control Lists (ACLs). With these deficiencies in mind, we propose a complete new framework for authorization in structured P2P networks based on Attribute Certificates (ACs) and a fully distributed certificate revocation system. We argue that the proposed framework yields a more flexible and secure authorization scheme for structured P2P networks while improving the efficiency of the assignment of privileges.Peer ReviewedElsevier20152015-11-0120162016-01-22journal articlehttp://purl.org/coar/resource_type/c_6501AMhttp://purl.org/coar/version/c_ab4af688f83e57aainfo:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/2117/81907https://dx.doi.org/10.1016/j.csi.2015.04.007reponame:UPCommons. Portal del coneixement obert de la UPCinstname:Universitat Politècnica de Catalunya (UPC)Inglésengopen accesshttp://purl.org/coar/access_right/c_abf2http://creativecommons.org/licenses/by-nc-nd/3.0/es/info:eu-repo/semantics/openAccessoai:upcommons.upc.edu:2117/819072026-05-27T15:37:01Z
dc.title.none.fl_str_mv Attribute-based authorization for structured Peer-to-Peer (P2P) networks
title Attribute-based authorization for structured Peer-to-Peer (P2P) networks
spellingShingle Attribute-based authorization for structured Peer-to-Peer (P2P) networks
Suarez Touzeda, Diego
Peer-to-peer architecture (Computer networks)
Computer security
Authorization
P2P security
Attribute certificates
Systems
Xarxes punt a punt (Xarxes d'ordinadors)
Seguretat informàtica
Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
title_short Attribute-based authorization for structured Peer-to-Peer (P2P) networks
title_full Attribute-based authorization for structured Peer-to-Peer (P2P) networks
title_fullStr Attribute-based authorization for structured Peer-to-Peer (P2P) networks
title_full_unstemmed Attribute-based authorization for structured Peer-to-Peer (P2P) networks
title_sort Attribute-based authorization for structured Peer-to-Peer (P2P) networks
dc.creator.none.fl_str_mv Suarez Touzeda, Diego
Sierra Camara, Jose Maria
Zeadally, Sherali
Soriano Ibáñez, Miguel|||0000-0003-0457-8531
author Suarez Touzeda, Diego
author_facet Suarez Touzeda, Diego
Sierra Camara, Jose Maria
Zeadally, Sherali
Soriano Ibáñez, Miguel|||0000-0003-0457-8531
author_role author
author2 Sierra Camara, Jose Maria
Zeadally, Sherali
Soriano Ibáñez, Miguel|||0000-0003-0457-8531
author2_role author
author
author
dc.subject.none.fl_str_mv Peer-to-peer architecture (Computer networks)
Computer security
Authorization
P2P security
Attribute certificates
Systems
Xarxes punt a punt (Xarxes d'ordinadors)
Seguretat informàtica
Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
topic Peer-to-peer architecture (Computer networks)
Computer security
Authorization
P2P security
Attribute certificates
Systems
Xarxes punt a punt (Xarxes d'ordinadors)
Seguretat informàtica
Àrees temàtiques de la UPC::Enginyeria de la telecomunicació::Telemàtica i xarxes d'ordinadors
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
description We present the deficiencies of traditional identity-based authorization models in structured Peer-to-Peer (P2P) networks where users' Public Key Certificates (PKCs) represent two roles, authentication and authorization, and the access to the network resources is controlled by Access Control Lists (ACLs). With these deficiencies in mind, we propose a complete new framework for authorization in structured P2P networks based on Attribute Certificates (ACs) and a fully distributed certificate revocation system. We argue that the proposed framework yields a more flexible and secure authorization scheme for structured P2P networks while improving the efficiency of the assignment of privileges.
publishDate 2015
dc.date.none.fl_str_mv 2015
2015-11-01
2016
2016-01-22
dc.type.none.fl_str_mv journal article
http://purl.org/coar/resource_type/c_6501
AM
http://purl.org/coar/version/c_ab4af688f83e57aa
dc.type.openaire.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv https://hdl.handle.net/2117/81907
https://dx.doi.org/10.1016/j.csi.2015.04.007
url https://hdl.handle.net/2117/81907
https://dx.doi.org/10.1016/j.csi.2015.04.007
dc.language.none.fl_str_mv Inglés
eng
language_invalid_str_mv Inglés
language eng
dc.rights.none.fl_str_mv open access
http://purl.org/coar/access_right/c_abf2

http://creativecommons.org/licenses/by-nc-nd/3.0/es/
dc.rights.openaire.fl_str_mv info:eu-repo/semantics/openAccess
rights_invalid_str_mv open access
http://purl.org/coar/access_right/c_abf2

http://creativecommons.org/licenses/by-nc-nd/3.0/es/
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:UPCommons. Portal del coneixement obert de la UPC
instname:Universitat Politècnica de Catalunya (UPC)
instname_str Universitat Politècnica de Catalunya (UPC)
reponame_str UPCommons. Portal del coneixement obert de la UPC
collection UPCommons. Portal del coneixement obert de la UPC
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869419115830050816
score 15.300719