Ensuring content integrity for untrusted peer-to-peer content distribution networks

Ensuring content integrity for untrusted peer-to-peer content distribution networks (2007)

Cached

Download Links

[www.usenix.org]

Other Repositories/Bibliography

DBLP

by Nikolaos Michalakis , Robert Soulé , Robert Grimm

Venue:	In Proc. 4th USENIX/ACM NSDI
Citations:	8 - 1 self

BibTeX

@INPROCEEDINGS{Michalakis07ensuringcontent,
    author = {Nikolaos Michalakis and Robert Soulé and Robert Grimm},
    title = {Ensuring content integrity for untrusted peer-to-peer content distribution networks},
    booktitle = {In Proc. 4th USENIX/ACM NSDI},
    year = {2007}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Many existing peer-to-peer content distribution networks (CDNs) such as Na Kika, CoralCDN, and CoDeeN are deployed on PlanetLab, a relatively trusted environment. But scaling them beyond this trusted boundary requires protecting against content corruption by untrusted replicas. This paper presents Repeat and Compare, a system for ensuring content integrity in untrusted peer-to-peer CDNs even when replicas dynamically generate content. Repeat and Compare detects misbehaving replicas through attestation records and sampled repeated execution. Attestation records, which are included in responses, cryptographically bind replicas to their code, inputs, and dynamically generated output. Clients then forward a fraction of these records to randomly selected replicas acting as verifiers. Verifiers, in turn, reliably identify misbehaving replicas by locally repeating response generation and comparing their results with the attestation records. We have implemented our system on top of Na Kika. We quantify its detection guarantees through probabilistic analysis and show through simulations that a small sample of forwarded records is sufficient to effectively and promptly cleanse a CDN, even if large fractions of replicas or verifiers are misbehaving. 1

Citations

3028	H.: Chord: A scalable Peer-To-Peer lookup service for internet applications - Stoica, Morris, et al.
1503	Pastry: Scalable, Distributed Object Location and Routing for Large-Scale Peer-to-Peer Systems - Rowstron, Druschel - 2001
807	Unreliable Failure Detectors for Reliable Distributed - Chandra, Toueg - 1996
778	Wide-area cooperative storage with cfs - DABEK, KAASHOEK, et al.
741	End-to-end arguments in system design - Saltzer, Reed, et al. - 1984
552	H.: The Eigentrust algorithm for reputation management in P2P networks - Kamvar, Schlosser, et al. - 2003
374	Tapestry: a resilient global-scale overlay for service deployment - Zhao, Huang, et al. - 2004
257	Terra: A virtual machine-based platform for trusted computing - Garfinkel, Pfaff, et al.
249	httperf: A tool for measuring web server performance - Mosberger, Tin - 1998
248	Practical Byzantine Fault Tolerance and Proactive Recovery - Castro, Liskov
242	Democratizing content publication with Coral - Freedman, Freudenthal, et al. - 2004
213	I.: The Impact of DHT Routing Geometry on Resilience and Proximity - Gummadi, Gummadi, et al. - 2003
206	Vigilante: end-to-end containment of internet worms - Costa, Crowcroft, et al. - 2005
155	Squirrel: A decentralized peerto-peer Web cache - Iyer, Rowstron, et al. - 2002
140	Secure information aggregation in sensor networks - Przydatek, Song, et al. - 2003
136	Renesse, R.: Coca: A secure distributed online certification authority - Zhou, Schneider, et al. - 2002
111	Secure untrusted data repository (SUNDR - Li, Krohn, et al. - 2004
103	Meridian: A Lightweight Network Location Service without Virtual Coordinates - Wong, Slivkins, et al. - 2005
91	Renesse, “Kelips: Building an efficient and stable P2P DHT through increased memory and background overhead - Gupta, Birman, et al. - 2003
80	Efficient replica maintenance for distributed storage systems - CHUN, DABEK, et al. - 2006
77	fault tolerance for cooperative services - BAR - 2005
77	The Effectiveness of Request Redirection on CDN Robustness - Wang, Pai, et al. - 2002
69	OASIS: Anycast for any service - Freedman, Lakshminarayanan, et al. - 2006
65	Rx: treating bugs as allergies—a safe method to survive software failures - Qin, Tucek, et al. - 2005
54	Bind: A fine-grained attestation service for secure distributed systems - Shi, Perrig, et al. - 2005
48	P.: Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems - Seshadri, Luk, et al. - 2005
45	Kaashoek. Bandwidthefficient management of DHT routing tables - Li, Stribling, et al.
42	Preserving Peer Replicas by Ratelimited Sampled Voting - Maniatis, Rosenthal, et al. - 2003
29	Z.: Characterization of a large web site population with implications for content delivery - Bent, Rabinovich, et al. - 2004
21	Narses: A scalable flow-based network simulator - Baker, Giuli - 2002
16	Tuxedo: A peer-to-peer caching system - Shi, Shah, et al. - 2003
13	The case for Byzantine fault detection - Haeberlen, Kuznetsov, et al. - 2006
11	Nexus: A new operating system for trustworthy computing (extended abstract - Shieh, Williams, et al. - 2005
11	The Role of Accountability in Dependable Distributed Systems - Yumeferendi, Chase - 2005
9	Optimal resource utilization in content distribution networks - Song, Ramasubramanian, et al. - 2005
9	Experience with a distributed object reputation system for peer-to-peer filesharing - Walsh, Sirer - 2006
9	Trust but verify: accountability for network services - Yumerefendi, Chase - 2004
8	On the cost-ineffectiveness of redundancy in commercial P2P computing - Yurkewych, Levine, et al. - 2005
6	Na Kika: Secure service execution and composition in an open edge-side computing network. NSDI - Grimm - 2006
5	An XML-Based Data Integrity Service Model for Web Intermediaries - Chi, Wu - 2005
4	Data Integrity for Mildly Active Content - Orman - 2001
3	Merkle Tree Authentication of HTTP Responses - Bayardo, Sorensen - 2005
2	Towards multilaterally secure digital rights distribution infrastructures - Adelsbach, Rohe, et al. - 2005
2	Cooperative archictectures and algorithms for discovery and transcoding of multi-version content - Canali, Cardellini, et al. - 2003
2	Common Language Infrastructure (CLI), 4th Edition - International
2	DotSlash: Providing dynamic scalability to web applications with on-demand distributed query result caching - Zhao, Schulzrinne - 2005
1	Meridian: Data Description, 2005. http: //www.cs.cornell.edu/People/egs/meridian/ data.php. Accessed - Sirer - 2007
1	The botnet trackers, February 16 2006. http: //www.washingtonpost.com/wp-dyn/content/ article/2006/02/16/AR2006021601388.html. Accessed - Post - 2007