Location-based Access Control (LBAC) techniques allow taking users' physical location into account when determining their access privileges. In this paper, we present an approach to LBAC aimed at integrating location-based conditions along with a generic access control model, so that a requestor can be granted or denied access by checking her location as well as her credentials. Our LBAC model includes a novel way of taking into account the limitations of the technology used to ascertain the location of the requester. Namely, we describe how location verification can be encapsulated as a service, representing location technologies underlying it in terms of two semantically uniform service level agreement (SLA) parameters called confidence and timeout. Based on these parameters, we present the formal definition of a number of location-based predicates, their management, evaluation, and enforcement. The challenges that such an extension to traditional access control policies inevitably carries are discussed also with reference to detailed examples of LBAC policies.

P2P applications are rapidly gaining acceptance among users of Internet-based services, especially because of their capability of exchanging resources while preserving the anonymity of both requestors and providers. However, concerns have been raised about the possibility that malicious users can exploit the network to spread tampered-with resources (e.g., malicious programs and viruses). A considerable amount of research has then focused on the development of trust and reputation models in P2P networks. In this paper, we propose to use fuzzy techniques in the design of reputation systems based on collecting and aggregating peers ’ opinions. Fuzzy techniques are used in the evaluation and synthesis of all the opinions expressed by peers. The behavior of the proposed system is described by comparison with probabilistic approaches. 1

Grid computing has excited many with the promise of access to huge amounts of resources distributed across the globe. However, there are no largely adopted solutions for automatically assembling grids, and this limits the scale of today's grids. Some argue that this is due to the overwhelming complexity of the proposed economy-based solutions. Peer-to-peer grids have emerged as a less complex alternative. We are currently deploying OurGrid, one such peerto -peer grid. OurGrid is a CPU-sharing grid that targets Bag-of-Tasks applications (i.e. parallel applications whose tasks are independent). In order to ease system deployment, OurGrid is based on a very lightweight autonomous reputation scheme.

We propose a mechanism for providing the incentives for reporting truthful feedback in a peer-to-peer system for exchanging services. This mechanism is to complement reputation mechanisms that employ ratings ’ feedback on the various transactions in order to provide incentives to peers for offering better services to others. Under our approach, both transacting peers (rather than just the client) submit ratings on performance of their mutual transaction. If these are in disagreement, then both transacting peers are punished, since such an occasion is a sign that one of them is lying. The severity of each peer’s punishment is determined by his corresponding non-credibility metric; this is maintained by the mechanism and evolves according to the peer’s record. When under punishment, a peer is not allowed to transact with others. We present the results of a multitude of experiments of dynamically evolving peer-to-peer systems. The results show clearly that our mechanism detects and isolates effectively liar peers, while rendering lying costly. Also, our mechanism diminishes the efficiency losses induced to sincere peers by the presence of large subsets of the population of peers that provide their ratings either falsely or according to various unfair strategies. Finally, we explain how our approach can be implemented in practical cases of peer-to-peer systems. 1.

Alice, a peer in a peer-to-peer (P2P) network can evaluate the reputation of another peer, Bob, either based on her own experiences (with Bob) or based on the evaluation (of Bob) by others (say Carol and David). If Alice uses her own experiences only, she will get cheated atleast once for every malicious peer she identifies. If Alice uses third party experiences (Carol and David), she can reduce the number of times she gets cheated. Besides, Alice will have to verify the third party information receives from other peers. The verification (if at all possible) is likely to be both network and computation intensive. In the propose solution, the reputation holder (Bob) stores its reputation data and protects it from the other peers. The reputation data is stored in a cryptographic chain in order to protect the reputation data from the reputation holder itself. Bob cannot modify the chain because the head and tail of the chain are public information and all recommendations are digitally signed. We show that the proposed solution reduces the number of malicious transaction experienced by a peer (Alice), along with a reduction in network traffic.

In this paper we propose a reputation management framework for large-scale peer-to-peer (P2P) networks, wherein all nodes are assumed to behave selfishly. The proposed framework has several advantages. It enables a form of virtual currency, such that the reputation of nodes is a measure of their wealth. The framework is scalable and provides protection against attacks by malicious nodes. The above features are achieved by developing trusted communities of nodes whose members trust each other and cooperate to deal with the problem of nodes' selfishness and possible maliciousness.

In this paper, we present a feedback-based system for managing trust and detecting malicious behavior in autonomically behaving networks. The two crucial insights that motivate our work are the notion of quality of a trust rating and the recognition as separate entities of the trust placed in a node and of the trust placed in the recommendations made by a node. These variables allow nodes to decide how much confidence they can place in the rating. We implement our scheme on a structured P2P network, Pastry, though our insights can be extended to unstructured systems and generic autonomic communication systems as well.

Abstract — Peer reputations have been used as security tools to not only motivate peers against cheating but also protect good peers from the chronic cheaters. Although the reputation management techniques are not confined to P2P networks, they present novel challenges that were absent in central server based distributed systems. We enumerate these challenges and survey the solutions proposed by the community to counter them. These challenges include, but are not limited to, peer-identification in decentralized environments, reputation metrics, storage and exchange of reputation data. Finally we survey the applications which use P2P network paradigm and therefore can benefit from the reputation systems. I.

Currently, most computational grids (systems allowing transparent sharing of processing resources across organizational boundaries) are assembled using human negotiation. This procedure does not scale well, and is too inflexible to allow for large open grids. Peer-to-peer grids present an alternative way to build grid infrastructures with a large number of sites. However, to actually assemble a large grid, peers must have an incentive to collaborate by providing resources to the system. In this paper we propose an incentive mechanism called the Network of Favors, which is designed to make it in the best interest of each participating peer to make as much as possible of its spare processing resources available to the system. We show through analysis, simulations, and experiments with an implementation that the Network of Favors promotes collaboration in a simple and robust fashion. We also describe OurGrid, a peer-to-peer grid based on the Network of Favors that is in production since December 2004.

Summary. Trust and reputation systems have proven to be essential to enforcing cooperative behavior in peer-to-peer networks. We briefly describe the current approaches to building reputation systems: social networks formation, probabilistic estimation and game theoretic models. We then observe that all of the current models make a number of simplifying assumptions that may not necessarily hold in real networks, such as either irrational (probabilistic) or completely rational behavior, instant propagation of reputation information and homogeneity of interactions. We argue that dropping those assumptions and allowing more degrees of freedom is necessary in order to construct more realistic and rich reputation models. We support our argument by citing reputation research done in economics, evolutionary psychology, biology and sociology and and consider models that take into account adaptive behavior changes, co-evolution of behaviors, bounded rationality and variable interaction patterns. We then outline how those complexities can be dealt with and point out main directions for the future study of more realistic and less constrained reputation models that can potentially lead to construction of more secure, responsive and cooperative peer-to-peer systems. 1