[Gzz-commits] gzz/Documentation/misc/hemppah-progradu mastert...

[Hermanni Hyytiälä]

CVSROOT:        /cvsroot/gzz
Module name:    gzz
Changes by:     Hermanni Hyytiälä <address@hidden>      03/06/02 08:14:08

Modified files:
        Documentation/misc/hemppah-progradu: masterthesis.tex 

Log message:
        steven's comments

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/Documentation/misc/hemppah-progradu/masterthesis.tex.diff?tr1=1.206&tr2=1.207&r1=text&r2=text

Patches:
Index: gzz/Documentation/misc/hemppah-progradu/masterthesis.tex
diff -u gzz/Documentation/misc/hemppah-progradu/masterthesis.tex:1.206 
gzz/Documentation/misc/hemppah-progradu/masterthesis.tex:1.207
--- gzz/Documentation/misc/hemppah-progradu/masterthesis.tex:1.206      Mon Jun 
 2 02:50:41 2003
+++ gzz/Documentation/misc/hemppah-progradu/masterthesis.tex    Mon Jun  2 
08:14:08 2003
@@ -460,7 +460,7 @@
 distance from $p_j$ to $p_i$). Pastry's \cite{rowston01pastry} distance 
function supports 
 symmetry, but does not support unidirection. According to 
\cite{balakrishanarticle03lookupp2p}, because 
 of XOR-metric, Kademlia's distance function is both unidirectional and 
symmetric. Moreover, Kademlia's \cite{maymounkov02kademlia} 
-XOR-based metric doesn't need stabilization (like in Chord 
\cite{stoica01chord}) and backup links 
+XOR-based metric does not need stabilization (like in Chord 
\cite{stoica01chord}) and backup links 
 (like in Pastry \cite{rowston01pastry}). 
 However, in all of the above schemes, each hop in the overlay shortens the 
distance between 
 current peer working with the data lookup and the key that was looked up in 
the identifier space.
@@ -484,7 +484,7 @@
 
 Balakrishnan et al. \cite{balakrishanarticle03lookupp2p} have listed four 
requirements
 for tightly structured overlays\footnote{Authors use the term 'DHT' in their 
text, but in this context
-it doesn't matter as they list \emph{general} properties of tightly structured 
overlays.} that have to be addressed in order 
+it does not matter as they list \emph{general} properties of tightly 
structured overlays.} that have to be addressed in order 
 to perform efficient data lookups in tightly structured overlays. 
 First, mapping of keys to peers must be done in a load-balanced
 way. Second, the overlay must be able to forward a data lookup for a 
@@ -498,7 +498,7 @@
 two requirements about the nature of reference resolution. First, there should 
be a general-purpose
 and application-indepedent substrate for reference resolution. Second, the 
references themselves
 should be unstructured and semantic-free. In this text, we define unstructured 
reference
-as a reference that doesn't expose the target in any way and semantic-free 
reference as a reference 
+as a reference that does not expose the target in any way and semantic-free 
reference as a reference 
 that there are no directives in the reference itself which would expose how 
the reference should be processed. 
 
 
@@ -882,63 +882,63 @@
 
 The Spam generating attack \cite{naor03simpledht} is another known attack 
model against a Peer-to-Peer system. In the Spam
 attack, a hostile or faulty peer may produce false data information, or 
refuses to (or is not able to) reply to requests. 
-Naor et al. \cite{naor03simpledht} have proposed a partial solution against 
Spam attack in a \emph{faulty} peer environment (not hostile).
+Naor et al. \cite{naor03simpledht} have proposed a partial solution against 
this Spam attack in a \emph{faulty} peer environment (not hostile).
 
 Overloading of targeted peers is a form of Distributed Denial of Service 
attack (DDoS) (see, e.g., \cite{372148}). For instance, 
 a hostile entity can attempt to burden specific peers with garbage network 
packets. As a consequence, peers may act incorrectly or 
 stop working. Daswani et al. \cite{daswani02queryflooddos} suggest efficient 
load balancing 
-policies for Peer-to-Peer system in order to prevent massive system failures. 
They suggest a traffic model 
+policies for Peer-to-Peer systems in order to prevent massive system failures. 
They suggest a traffic model 
 that can be used to understand the effects of DDoS attacks. Sit et al. 
\cite{sit02securitycons} 
-suggest that identifier assignment algorithm for peers would assign identifier 
with respect to network topology 
-and that replicas of data should be located physically to different locations.
+suggest that an identifier assignment algorithm would assign an identifier 
with respect to network topology 
+and that replicas of data should be relocated physically to different 
locations.
 
 
 \subsection{Trust management, data authenticity and integrity}
 
-According to \cite{aberer01trust}, mutual trust ''...allows agents to 
cooperate in a game-theoretic situation that corresponds 
+According to \cite{aberer01trust}, mutual trust, ''...allows agents to 
cooperate in a game-theoretic situation that corresponds 
 to the repeated prisoners dilemma and leads in the long term to an increased 
aggregated utility for the participating agents''. 
 The authors of \cite{aberer01trust} define \emph{trust management} as a 
mechanism that allows one to establish mutual trust. Furthermore, 
\emph{reputation} is a measure
-that is derived from knowledge on interactions in the past 
\cite{aberer01trust}. In this subsection, we discuss mechanisms to maintain
+that is derived from knowledge on interactions in the past 
\cite{aberer01trust}. In this subsection, we briefly discuss mechanisms to 
maintain
 trust in Peer-to-Peer systems.
 
-Trust in Peer-to-Peer systems is based on \emph{reputation}. Little research 
has been done on the reputation models in Peer-to-Peer 
-systems, such as \cite{aberer01trust}, \cite{cornelli02reputableservents}. In 
\cite{aberer01trust}, authors present a scalable
-trust management model, which can be used in Peer-to-Peer enviroment. Authors 
in \cite{cornelli02reputableservents}
-suggest techniques to keep track and share information about the reputation of 
a peer with others peers. 
+Currently, most trust mechanisms are based on \emph{reputation}. Some research 
has been done on the reputation models in Peer-to-Peer 
+systems, such as \cite{aberer01trust, cornelli02reputableservents}. In 
\cite{aberer01trust}, the authors present a scalable
+trust management model, which can be used in a Peer-to-Peer enviroment. The 
authors in \cite{cornelli02reputableservents}
+suggest techniques to keep track of and share reputation information regarding 
a peer with others peers. 
 
-Quite recently, widely used Public Key Infrastructure (PKI) has been deployed 
in distributed
+Quite recently, the widely used Public Key Infrastructure (PKI) has been 
deployed in distributed
 systems \cite{rivest96sdsi}, \cite{spkiworkinggroup}. PKI is a reliable 
technology for securing
-data in computing systems, such as the Internet. However, in Peer-to-Peer 
-networks, the problem of key-based security mechanism may be the revocation of 
keys and the 
+data in computing systems such as the Internet. However, in Peer-to-Peer 
+networks, the problem of key-based security mechanisms may be the revocation 
of keys and the 
 distribution of new keys in a hostile environment \cite{KohMau99}.
 
-ConChord \cite{ajmani02conchord} is the first Peer-to-Peer system which has a 
support for PKI based
+ConChord \cite{ajmani02conchord} is the first Peer-to-Peer system which 
supports the PKI based
 security infrastructure. Still, however, ConChord \cite{ajmani02conchord} is 
in early phase of development and lacks
-important features of PKI to be fully usable yet. Furthermore, the hierarchy 
of Simple Distributed Security Infrastructure 
-(SDSI) \cite{rivest96sdsi} and Simple Public Key Infrastructure (SPKI) 
\cite{spkiworkinggroup} may be a problem for 
+important features of PKI to be fully usable. Furthermore, the hierarchy of 
the Simple Distributed Security Infrastructure 
+(SDSI) \cite{rivest96sdsi} and the Simple Public Key Infrastructure (SPKI) 
\cite{spkiworkinggroup} may be a problem for 
 Peer-to-Peer systems, in which hierarchy is intentionally missing.
 
-For data integrity, on the other hand, there are working techniques. 
Cryptographic content hashes
-\cite{fips-sha-1}, their variations \cite{merkle87hashtree} and implementation 
techniques \cite{mohr02thex}
+On the other hand for data integrity, there are working techniques. 
Cryptographic content hashes
+\cite{fips-sha-1}, including their variations \cite{merkle87hashtree} and 
implementation techniques \cite{mohr02thex}
 are efficient and reliable methods for identifying the integrity of data in 
Peer-to-Peer systems.
 
 \subsection{Anonymity}
 
-According to \cite{dingledine00free}, there exist several kinds of anonymity: 
author-anonymity, 
+According to \cite{dingledine00free}, there exists several kinds of anonymity: 
author-anonymity, 
 publisher-anonymity, reader-anonymity, peer-anonymity and query-ano-nymity. 
Author-anonymity is a form
-of anonymity in which no one can link author (who created the document) to a 
document. 
-Publisher-anonymity means that no one is able to determine the publisher (who 
published the document into
-the system) of a document. Reader-anonymity means that a document cannot be 
linked to its readers.
-With peer-anonymity, no one is able to determine the peer, where the document 
was originally published.
-Document-anonymity means that a peer doesn't know which data it is currently 
hosting. Finally, query-anonymity is a form
-of document-anonymity; when other peers perform data lookups, a peer doesn't 
know which data it serves
-to the data lookup originators. As the authors of \cite{dingledine00free} 
cite, some forms of anonymity 
-may imply each other and possible issues raised by this property is one area 
of future work.
-
-Obviously, existence of several types of anonymity often conflicts with other 
key properties of
-Peer-to-Peer systems. Let us consider anonymity and efficient data lookup. In 
efficient data lookup, we must know
-the peers responsible for given data. Of course, when we know the peers 
responsible
-for the data, the anonymity of peer is lost. Fortunately, there are partial 
solutions to these kinds of
+of anonymity in which no one can link the document to its author. 
+Publisher-anonymity means that no one is able to determine the document to its 
publisher.
+Reader-anonymity means that a document cannot be linked to its readers.
+With peer-anonymity, no one is able to determine the peer, that originally was 
published the document.
+Document-anonymity means that a peer does not know which data it is currently 
hosting. Finally, query-anonymity is a form
+of document-anonymity: when other peers perform data lookups, a peer does not 
know which local data is searched by
+the data lookup originators. As the authors of \cite{dingledine00free} cite, 
some forms of anonymity 
+may imply each other. Possible issues raised by this property is one area of 
future work.
+
+Obviously, the existence of several types of anonymity often conflicts with 
other key properties of
+Peer-to-Peer systems. For example, let us consider anonymity and efficient 
data lookup. In an efficient data lookup, we must know the 
+the peers responsible for any given data. Of course, when we know the peers 
responsible
+for the data, the anonymity of a peer is lost. Fortunately, there are partial 
solutions to these kinds of
 situations, such as pseudonymity which is a partial form of anonymity 
\cite{daswani03openproblems}. 
 For instance, pseudonymity can be used for addressing peer-anonymity by 
providing anonymous-like identifiers to 
 peers (e.g., peer identifiers of a tightly structured system).
@@ -1190,7 +1190,7 @@
 
 In the random walk approach \cite{lv02searchreplication}, a peer forwards 
query to a 
 randomly selected neighbor. The basic random walk approach
-has a poor response time but it doesn't generate as much network traffic as 
+has a poor response time but it does not generate as much network traffic as 
 the original BFS. As suggested in \cite{lv02searchreplication}, the
 random walk approach can be made more effective by introducing
 multiple simultaneously working ''walkers''. 
@@ -1234,7 +1234,7 @@
 joseph02p2players}, which use metadata to implement search methods. The 
feasibility of implementing additional 
 search layer on top of the network layer is questionable, especially if the 
search layer and the network
 layer have different assumptions about the participating peers (e.g., the 
network layer supports heterogeneity
-of peers, but the search layer doesn't). Andrzejak et al. propose range 
queries \cite{andrzejak02rangequeries}
+of peers, but the search layer does not). Andrzejak et al. propose range 
queries \cite{andrzejak02rangequeries}
 to be used with tightly structured overlays. In this technique, it is feasible 
to perform data lookups
 using ranges of keys thereby covering larger amount of possible data items. 
Currently their prototype
 is designed for the CAN system \cite{ratnasamy01can}.
@@ -1784,7 +1784,7 @@
 In chapter 2, we discussed the main differences between the loosely and the 
tightly structured 
 approach. As stated, the most significant difference is that the tightly 
structured 
 approach has at least poly-logarithmical properties in all internal 
operations, while the loosely 
-structured approach doesn't always have even linear properties. Furthermore, 
the
+structured approach does not always have even linear properties. Furthermore, 
the
 data lookup model of the tightly structured overlay scales much better than in 
loosely 
 structured overlays; the tightly structured overlay supports global data 
lookups
 in the overlay, whereas the data lookup model of the loosely structured 
approach
@@ -1803,7 +1803,7 @@
 tolerance in presence of system flux, non-optimal distance functions in 
identifier space, 
 proximity routing, hostile entities and flexible search 
\cite{balakrishanarticle03lookupp2p}.
 Additionally, there is only little real world experiments with tightly 
structured systems
-(e.g., \cite{overneturl, edonkey2kurl}). Therefore, we can't say for sure, how 
well these 
+(e.g., \cite{overneturl, edonkey2kurl}). Therefore, we cannot say for sure, 
how well these 
 systems would perform in real Peer-to-Peer environment. However, we believe 
that these issues will be 
 solved in the near future, since there is a strong and wide research community 
towards tightly structured 
 overlays \cite{projectirisurl}.
@@ -1928,7 +1928,7 @@
 and after a network disconnection, user wants to verify \emph{off line} the 
 authenticity of data. Finally, if a data lookup is performed by a user, but 
there is no reply
 from the Fenfire system, how are we able to know if this was a Spam attack 
\cite{naor03simpledht}, 
-or the data really doesn't exist in the system ?  
+or the data really does not exist in the system ?  
 These problems, however, are not only limited to the Fenfire system as it 
 concerns all Peer-to-Peer computer systems.