ESCORT: Secure P2P Protocol for Global Cooperation in Overlay Network Services


Journal of Security Engineering, Vol. 8, No. 6, December 2011

DaeHee Seo 1), Gaeil An 2), JongHyun Kim 3), Jang-Mi Beak 4), Dong-sub Cho 5)

1 Electronics and Telecommunications Research Institute, Daejeon, Korea, dhseo@etrirekr
2 Electronics and Telecommunications Research Institute, Daejeon, Korea, fogone@etrirekr
3 Electronics and Telecommunications Research Institute, Daejeon, Korea, jhk@etrirekr
4 (Corresponding Author) SoonChunHyang Univ., Department of Computer Software Engineering, ChoongNam, Korea, bjm1453@schackr
5 Ewha Womans Univ., Department of Computer Science and Engineering, Seoul, Korea, dscho@ewhaackr

Received (October 04, 2011), Review request (October 05, 2011), Review Result (1st: October 18, 2011, 2nd: October 31, 2011), Accepted (December 31, 2011)

Abstract

This paper analyzes the vulnerabilities of overlay networks for existing P2P services and suggests a secure and efficient ESCORT network. Encryption functions are used to provide encryption, explicit mutual authentication and session keys are provided to ensure secure communication, and a middle object is suggested to maintain efficiency. Moreover, time stamps are used for each communication process to provide effective network security service. Thus, the proposed ESCORT network provides not only security for P2P users but also other advantages such as user privacy protection, secure communication and effective security management through centralized control.

Keywords: Ubiquitous Network, Overlay Network, P2P, Secure Communication, Network Management

1. Introduction

The recent evolution of the communication environment is a result of research on networks that provide various types of digital contents. In particular, overlay networks have mainly been used in distributed computing environments, providing effective service control and satisfying user requirements at the application service level on physical delivery networks [3] [5]. Previous research on overlay networks focused on maximizing network usage, along with the connectivity of virtual networks consisting of links of each node. However, security-related problems have not been solved yet.

That is why the security of overlay networks is suggested as one of the key challenges along with network efficiency [6] [15]. Therefore, this paper suggests a new type of network to ensure the security of overlay networks by analyzing the existing overlay networks. Section 2 analyzes existing schemes based on security requirements; Section 3 proposes the secure and efficient ESCORT (Encryption, Secure Communication, ORganization using Time-stamp); Section 4 analyzes the suggested scheme based on the suggested security requirements; and finally Section 5 gives a summary and an appropriate direction for future work.

2. ANALYSIS OF EXISTING SCHEMES

2.1 The Distributed Schemes

A distributed overlay network scheme is based on cooperation among nodes without centralized servers. Examples include the Chord scheme suggested by MIT and UC Berkeley in 2001 [9], the Pastry scheme suggested by Germany in 2001 [1] and the CAN (Content Addressable Network) scheme suggested by ACIRA (AT&T Center for Internet Research) [11] and Berkeley in 2001 [14]. However, distributed overlay networks have the following vulnerabilities due to inconsistent security, since data is managed by cooperation among nodes.

- Whitewashing: It is difficult to verify actual data users in distributed overlay networks, so unauthorized users may attack network security and the privacy of each element may not be protected. Thus, a static model must be used to solve this problem.
- Sybil attack: Attackers can acquire a legal node ID in a distributed overlay network through a Sybil attack, which causes a security vulnerability during communication.
- Protection of user privacy: Distributed overlay networks are vulnerable to message fabrication/modulation or delivery of fake information. In particular, when transmitted messages are based on users' information, user privacy is not protected.
- MITM attack: Distributed overlay networks provide user authentication based on hash tables of other elements, but are vulnerable in establishing session keys for encrypted communication and in keeping all messages of authorized elements confidential.
- Storage and Retrieval attack: Distributed overlay networks cannot provide additional secure service against abnormal behaviors because they have neither an explicit authentication process nor reliable organizations.
- Detection of participants' intended abnormal behaviors: Detecting basic abnormal behaviors must consider policies related to anti-virus and network security products, but the existing schemes do not support relevant policies.

2.2 Mudhakar Scheme

The Mudhakar scheme, suggested by Georgia Institute of Technology's Mudhakar Srivatsa (hereinafter referred to as the Mudhakar scheme), is intended to maintain security of the overall network through mutual authentication and key creation by generating tokens of each event [12]. However, the proposed scheme has the following vulnerabilities:

- Whitewashing: The Mudhakar scheme suggests user authentication and encrypted communication through ID-Key mapping, but attackers may use enclosed IDs. As a result, this scheme is vulnerable to ID-Key mapping attacks and cannot maintain security.
- Management efficiency: Growing KDC (Key Distribution Center) traffic increases the management overhead and cost required to manage keys, ultimately causing inefficiency of the overall network.
- Detection of participants' intended abnormal behaviors: The proposed scheme does not support a policy for network security, and it is hard to detect participants' intended abnormal behaviors. Therefore, a relevant policy must be supported to compensate for this problem.

2.3 Existing pub-sub scheme

There are pub-sub schemes such as the Mcastro scheme [8] [10], the key based scheme [7] proposed in 2007 and the GP jesi scheme [4] proposed in 2007. These schemes operate by collaboration between the nodes and an integrity server. However, the existing pub-sub method has the following vulnerabilities.

- Publishers: Basic pub-sub overlay models are based on reliable publishers. All publishers are reliably connected as authorized/authenticated elements. However, publishers may consist of high performance publishers and low performance publishers. That is why basic pub-sub models require different management depending on each publisher and a separate authorization/authentication system. Moreover, basic pub-sub models are vulnerable to attackers disguised as reliable elements.
- Subscribers: In basic pub-sub models, subscribers are based on unauthorized subscribers participating in overlay networks. Unauthorized subscribers are approved as authorized subscribers through a secure authentication process. If, however, unauthorized nodes attack unauthenticated subscribers participating in overlay networks, security cannot be maintained, requiring additional management.

3. ESCORT NETWORK SCHEME

The suggested scheme refers to a pub-sub system based on contents, similar to Siena [15]. When an event occurs at the pub-sub system, a publisher will provide contents. After an event is defined by current

group's name, form and specific value, the event will occur. If a single event or various events occur in the pub-sub overlay network structure, subscribers can perform the events they are interested in. A common pub-sub system consists of the following:

- Subscribe: if an event occurs, a subscriber defines the event by using the subscribe function.
- Advertise: a publisher announces a form of event by using advertising.
- Publish: a publisher announces publish function.
- Unsubscribe: if there is an unsubscribe request, the subscription is verified and cancelled.
- Unadvertise: unadvertise is verified and the related contents are cancelled.

3.1 System parameters

The suggested scheme refers to a pub-sub system based on contents, similar to Siena [15]. When an event occurs at the pub-sub system, a publisher will provide contents. The architecture in the proposed scheme is based on the pub-sub model. Each of the components is defined as follows (Figure 1).

[Fig 1] ESCORT Architecture. Layers shown: Application layer (Trust Contents Service, TCS); ESCORT Application object layer (ESCORT Publisher, ESCORT Subscriber, ESCORT Middle Object, ESCORT Policy, ESCORT Router); Security layer (Overlay Network Security Layer); Basic object layer (Publisher, Middle-Publisher, Subscriber, Middle-Subscriber, Router); Basic network layer (Basic Pub-Sub Network).

1) Basic configuration hierarchy

This paper presents the basic ESCORT entities with reference to the existing pub-sub model. The properties of the critical basic entities of the ESCORT architecture are as follows.

- Publishers: Publishers in the ESCORT model are trusted entities. They classify and perform an event with their performance. Each publisher is securely connected. They perform the role of authentication and managing middle publishers.
- Middle-publisher: A middle entity is not proposed in the basic pub-sub overlay model. The middle-publisher is suggested to secure the publisher's safety and effective network management. Middle-publishers authorize the

event requested by the end user (ESCORT user) and notify it to the highest-publishers. However, middle-publishers should perform mutual authorization with publishers through a secure process because they are not trusted entities. Publishers announce the security of middle-publishers as a form of public event, so publishers should announce that they are temporary trusted entities in order to perform the role of middle-publisher during a certain period of time.
- Subscribers: Subscribers in the suggested model perform the intermediary role for secure authorization with subscribers unauthorized from middle-subscribers and middle-publisher. The event transmitted to unauthorized subscribers is retransferred to authorized subscribers.
- Middle-subscribers: Middle-subscribers temporarily manage unauthorized subscribers prior to the authorization of the upper publishers. They manage the subscribers wanting to participate in the overlay network before the secure authorization process of the upper publishers. They provide the least security services in order to secure the safety against unauthorized nodes.
- Router: The routing node searches for the optimal routing path for secure, effective communication with the final entity. A variable routing node is provided to maximize the efficiency and availability of the network.

2) ESCORT network security sub-class

In the proposed architecture, the security layer is suggested to secure the safety between each protocol layer. It provides the following security services.

- ACI: The layer provides the security service related to ACI in order to secure the safety of communications and transmitted contents in the proposed overlay network. For the authorization service, a mutual authorization mechanism is defined, and encryption and hash algorithms are regulated to provide confidentiality and integrity.
- Key update: If a session key is set for secure mutual communication after the authorization of each entity participating in the overlay network, the update method and cycle of the session key are defined.
- Authorization / access control: The right to authorize and the access control of corresponding contents are set up and defined after the authorization of entities participating in the overlay network.
- Availability: If unauthorized entities are participating in the overlay network, middle-subscribers and middle-publishers manage them as temporary entities. There are two availability service methods. One is that middle entities set a timetable and then its real-time backup information is transmitted to subscribers and publishers. The other is that the timetable is searched to ensure availability when network availability is infringed.
- Network management: The security layer of the overlay network defines the policy for the entities configuring the overall overlay network and the management method.
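The ACI and key-update services listed above can be modelled in a few lines. The following is an added example, not the paper's protocol or code: two elements authenticate each other with random numbers and time stamps, check integrity with a hash-based MAC, derive a session key and retire it after an update cycle. It assumes a pre-shared key and HMAC-SHA-256 in place of the paper's public-key operations; the `Entity` class, the freshness window and the update cycle are hypothetical.

```python
import hashlib
import hmac
import secrets

FRESHNESS_WINDOW = 30    # seconds a time stamp is accepted (assumed value)
KEY_UPDATE_CYCLE = 3600  # seconds a session key may be used (assumed value)


def tag(key, *fields):
    """HMAC-SHA-256 over length-prefixed fields so boundaries are unambiguous."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.digest()


class Entity:
    """One element, e.g. a publisher or a middle-publisher (hypothetical model)."""

    def __init__(self, ident, shared_key):
        self.ident = ident.encode()
        self.key = shared_key
        self.seen = set()    # (peer id, nonce) pairs already accepted: replay cache
        self.pending = None  # handshake state kept between messages
        self.session = None  # (session key, time it was established)

    def _check(self, expected_mac, msg, now):
        # Integrity first, then freshness, then replay.
        if not hmac.compare_digest(expected_mac, msg["mac"]):
            raise ValueError("integrity check failed")
        if abs(now - msg["ts"]) > FRESHNESS_WINDOW:
            raise ValueError("stale time stamp")
        if (msg["id"], msg["nonce"]) in self.seen:
            raise ValueError("replayed message")
        self.seen.add((msg["id"], msg["nonce"]))

    def _derive(self, id_a, id_b, n_a, n_b):
        # Session key bound to both identities and both random numbers.
        return tag(self.key, b"session", id_a, id_b, n_a, n_b)

    def start(self, now):
        """Message 1 (initiator): identity, random number, time stamp, MAC."""
        n_a = secrets.token_bytes(16)
        self.pending = n_a
        return {"id": self.ident, "nonce": n_a, "ts": now,
                "mac": tag(self.key, b"m1", self.ident, n_a, str(now).encode())}

    def respond(self, m1, now):
        """Message 2 (responder): verify message 1, bind own nonce to the initiator's."""
        ts1 = str(m1["ts"]).encode()
        self._check(tag(self.key, b"m1", m1["id"], m1["nonce"], ts1), m1, now)
        n_b = secrets.token_bytes(16)
        self.pending = (m1["id"], m1["nonce"], n_b)
        return {"id": self.ident, "nonce": n_b, "ts": now,
                "mac": tag(self.key, b"m2", self.ident, m1["id"], m1["nonce"],
                           n_b, str(now).encode())}

    def confirm(self, m2, now):
        """Message 3 (initiator): verify the responder, then prove knowledge of its nonce."""
        n_a = self.pending
        ts2 = str(m2["ts"]).encode()
        self._check(tag(self.key, b"m2", m2["id"], self.ident, n_a, m2["nonce"], ts2),
                    m2, now)
        self.session = (self._derive(self.ident, m2["id"], n_a, m2["nonce"]), now)
        self.pending = None
        return {"id": self.ident,
                "mac": tag(self.key, b"m3", self.ident, m2["id"], m2["nonce"])}

    def accept(self, m3, now):
        """Responder: verify message 3; only now is the initiator authenticated."""
        id_a, n_a, n_b = self.pending
        expected = tag(self.key, b"m3", id_a, self.ident, n_b)
        if m3["id"] != id_a or not hmac.compare_digest(expected, m3["mac"]):
            raise ValueError("integrity check failed")
        self.session = (self._derive(id_a, self.ident, n_a, n_b), now)
        self.pending = None

    def session_key(self, now):
        """Return the session key, or None once the update cycle has elapsed."""
        if self.session is None or now - self.session[1] >= KEY_UPDATE_CYCLE:
            return None
        return self.session[0]


def handshake(a, b, now):
    """Run the three messages with a as initiator; returns message 1 for replay tests."""
    m1 = a.start(now)
    m2 = b.respond(m1, now)
    m3 = a.confirm(m2, now)
    b.accept(m3, now)
    return m1
```

The replay cache in this sketch grows without bound; entries older than the freshness window can be purged because the time stamp check already rejects them.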

3) ESCORT configuration layer

The ESCORT Overlay Network configures the pub-sub network with reference to the basic component layer. The ESCORT configuration layer is built from component entities. The additional components are as follows (Figure 2).

[Fig 2] ESCORT Network Class (node labels: Pub, Mid-Pub, Mid-Sub, Routing Node)

- ESCORT Policy: The security policy of all entities is defined for network management and security service in the ESCORT overlay network. Each entity can refer to the security policy.
- entity: entity as an end user is provided with service offered from overlay network. entity is the final entity provided services authorized by publishers and subscribers through optimal routing path.

3.2 Consist of protocol

The ESCORT protocol provides secure, effective network communication based on the ESCORT overlay network. The ESCORT protocol consists of the following five kinds.

- Communications between publisher and publisher: When an end user in the overlay network requests communications, a publisher finally authorizes and manages it through communication between a publisher and a publisher. If a new entity participates in the network, the new participant is authorized through communications between middle entities.
- Communications between publisher and middle-entity: When new entities participate as publishers in the ESCORT network, middle-entities find them and temporarily authorize and manage them by temporarily grouping them until a publisher determines whether the newly participating entity is legitimate or not.
- Communications between middle-publisher and middle-subscriber: When a new unauthorized entity participates, the middle-subscriber lets the new entity participate by temporarily grouping it. If communications

with other subscribers is requested, the middle-publisher performs an intermediate role. Therefore, secure communications can be performed. The middle-publisher performs an intermediate role for secure communications with the publisher according to the security policy of the new entity.
- Communications between end user and subscriber: Mutual authentication and session key establishment are set up between subscribers providing contents and the end user participating in the ESCORT network. When a new subscriber participates in the ESCORT network, this is the step in which the new subscriber is authorized.
- Routing protocol: This is the process in which contents are searched by using 2MAC (Media Access Control & Message Authentication Code) in the ESCORT network.

3.3 Assumptions

In order to organize the proposed ESCORT network, the following assumptions are made.

- As reliable static elements, publishers perform a secure mutual authentication process in advance and share a session key with other publishers.
- Publishers, middle-publishers and middle-subscribers of ESCORT elements are reliable static elements.
- Each publisher has a public bulletin board accessible to all elements. This bulletin board is used to publish the basic event type, access type and attributes of the ESCORT network.
- Each publisher participating in the ESCORT network shares session keys and and initial information with middle-publishers and middle-subscribers of the same group through secure communication.
- All elements participating in the ESCORT network have a pair of public key and private key.

3.4 System parameters

* : ESCORT configuration element parameter ( :Publisher, :Subscriber, Middle-publisher:, Middle-subscriber:, Extended publisher:, Subscriber:, New subscriber:, end user: )
: Basic event type published by publishers and defined as ( : attribute of event, : element's ID, : element's type, : publisher's public response value, : authentication level, : time stamp)
: Unique call list of middle-publishers and middle-subscribers managed by each publisher
: Unique call number of subscribers ( : Time stamp

,,,, : Random number
: IDentity of element participating in ESCORT
: Secure hash function (SHA-1 or MD5)
: Public key encryption algorithm
: Symmetric key encryption algorithm
: Secure public key's signature algorithm
: Public coefficient
: user's authorized list
: list of end users unauthorized by publishers
: Authorized end user list managed by
: user's private information
() : Public and private key pairs of objects

3.5 Architecture of the ESCORT

1) Detailed Protocol

a) Communication between publishers

1. and use a public bulletin board accessible to all elements of ESCORT network to generate and publish event type, access type and attributes. For event type published by, the procedure is as follows.
2. and use the pre-shared session key to send encrypted information about lower level middle elements (middle-publisher, middle-subscriber).
3. decrypts received from and sends information about lower level middle elements registered on to
4. and save information about shared middle elements and initialize ESCORT network based on this information.

b) Communication between publishers and middle-objects

(1) Establishment of session key and mutual authentication with lower level element of and

performs authentication to ensure secure communication with lower level middle elements of and configures them as extended elements of

1. calculates the following based on information about middle elements of received from communication with in the above a), and then sends, to,,
2. receives and from, decrypts with a private key and extracts random number and. Then, creates and verifies. If the verification result is correct, generates random and time stamp, calculates the following and sends, to,,,,
3. Receiving and, decrypts with a private key and verifies transmitted data through the following verification. If the above process is correct, and calculate a mutual session key and finish mutual authentication and session key establishment.

also performs the above process in the same way as all of and creates a session key.

[Fig 3] Pub-sub Communication in ESCORT Network (node labels: Pub1, Pub2, Mid-Pub, Mid-Sub, Public board)

(2) Establishment of session key and mutual authentication with lower level element of and

1. calculates based on to perform mutual authentication with and establish a session key and generates random number. Then, calculates,, and sends them to,,,,

2. decrypts received from with session key shared in the above (1), extract, and verifies. If the verification result is correct, sends,, to,
3. decrypts and received from with a private key and verifies and. If the verification result is correct, generates random number and time stamp, calculates the following and sends,, to,,,,
4. verifies,, received from in the following procedure. If the verification result is correct, uses session key shared with in the above (1) to calculate and and sends them to
5. Receiving, decrypts with and extracts and. Then, decrypts with a private key to acquire and. After finishing the above process, and calculate and generates as follows.

performs the same process as to acquire mutual authentication with lower level middle-objects of and establish a session key.

(3) Mutual authentication and establishment of session key when a new participates in ESCORT network

1. The new publisher sends a message requesting communication to join network to ESCORT network.
2. Receiving the request message from, generates event,, and sends and to so that can be registered as an extended publisher in ESCORT network and be mutually authenticated,,
3. Receiving and from, checks a signature using 's public key and decrypts with a private key to acquire and. Then, performs verification.

If the verification result is correct, generates based on event published on a public bulletin board of ESCORT network and sends and to,
4. receives, sent from, decrypts with a private key and verifies based on which is generated and 1
5. Receiving and from, decrypts with a private key. Then, based on generated from and 1, verifies. If the verification result is correct, authenticates as an extended publisher and generates session key for secure communication. Then, saves temporarily and performs the detailed protocol of the a) Communication between publishers process using a session key to join ESCORT network.

c) Communications between middle-publisher and middle-subscriber

(1) Communication between and

1. generates random number, calculates and and sends,, to,,
2. receives,, publishes on a public bulletin board, decrypts, checks 's signature and verifies. If the verification result is correct, generates, calculates and sends, to,,
3. receives, from, decrypts with a private key, checks 's signature with 's public key, extracts and and verifies. If the verification result is correct, generates random number,, to establish a session key with, calculates the following and sends,, to

,,
4. receives,,, publishes, an event responding to on a public bulletin board, decrypts, checks 's signature and verifies and. If the verification result is correct, generates, calculates and sends, to,,
5. receives, from, checks, an message responding to on the public bulletin board, decrypts with a private key and performs the verification. If the verification result is correct, sends a message to complete the communication to and then sends this message to. Then, and finish mutual authentication process and generates session key.

(2) Communication between and

1. generates event generating message and time stamp. Then, encrypts with session key set in the (1) and sends, to,
2. receives, decrypts with a session key shared with to acquire and save an end user's managed by. Then, extracts with 's public key from and verifies with and. If the verification result is correct, publishes on a public bulletin board and generates time stamp and random number. Then, calculates, and sends them to,
3. receives, decrypts with a private key and verifies. If the verification result is correct, generates event message, calculates, sends, to

,
4. receives,, decrypts with a private key, checks 's signature with 's public key, extracts and verifies. If the verification result is correct, publishes on a public bulletin board, generates time stamp, calculates and sends, to,
5. receives,, decrypts with shared with and verifies. If the verification result is correct, sends a message notifying event completion to. Then, sends this message to to finish communication between and. Then, and generates

d) The registration and public phase of user and subscriber

(1) Mutual authentication and establishment of session key between end users and subscribers

1. user requests for 's public key to establish a session key and perform mutual authentication with subscriber of. Then, signs 's public key with a private key and sends it to
2. acquires 's public key, calculates, and sends,, to,,
3. receives,,, decrypts with a private key to acquire, and verifies. If the verification result is correct, publishes on a public bulletin board. After publishing the event, calculates based on pre-designated with, sends to, calculates, and sends, to the,,

,
4. receives, and verifies. If the verification result is correct, calculates, decrypts and extracts, calculates and receives contents requested by through

(2) Authentication and publish of new subscribers

1. wishing to join the network newly requests for 's public key. Then, signs 's public key with 's private key and sends it to
2. checks the signature with 's public key, acquires 's public key, generates, and a and sends encrypted value, and event message to,,
3. receives,, from, decrypts with its private key, acquires and, decrypts using and verifies. If the verification result is correct, checks the signature of 's with 's public key. Then, checks currently available contents and service lists and publishes them on the public bulletin board. generates 's unique call number and. Then, based on this information, calculates, and sends them along with to,,
4. receives,,, decrypts with a private key and verifies. If the verification result is correct, generates and, calculates the following and sends,,, to,,,
5. receives,,, calculates and verifies. If the verification result is correct, generates time stamp, calculates and sends, to,

6. calculates based on, received from, and then verifies 's integrity. If the verification result is correct, and calculates to establish a mutual session key.

4. The analysis of ESCORT scheme

4.1 Analysis of security

The proposed scheme has the following security properties compared to the existing schemes.

- ACI (Authentication, Confidentiality, Integrity): The proposed scheme provides a mutual authentication service for each element to maintain security of general ACI. Moreover, the proposed scheme aims to ensure secure communication through encryption of public keys and establishment of session keys. The proposed scheme is also intended to use hash functions to ensure integrity of transmitted data and maintain security of general ACI.
- Encrypted communication and access control
  - Encrypted communication: The proposed scheme is based not on a distributed type but on a centralized type in order to detect participants' intended abnormal behaviors. ESCORT network designates middle elements to ensure security based on reliable establishes session key through middle element instead of direct communication with when new elements join the network; performs mutual authentication and maintains security sessions. As a result, reliable central elements are not directly affected.
  - Access control: When a participant's intended abnormal behavior is detected, this fact is delivered to middle elements in accordance with 's policy. Based on this fact, information on the participant is checked from a public bulletin board and and security policy such as excluding from elements or removing session keys is established. Application of this policy can perform access control in relation to detecting intended abnormal behaviors.
- Protection of elements' privacy: In terms of Whitewashing-related attacks, this paper uses protection of elements' privacy to ensure security. In particular, when a public ID is used to respond to attacks related to elements' ID, discrete logarithm such as is used to maintain security. When communication with each element is performed to guarantee security against Sybil attacks, is calculated after mutual authentication to perform session key-based communication.
- Security of the proposed service: The proposed scheme performs secure mutual authentication services for communication between elements, and establishes relevant session keys. Therefore, only authenticated

elements can decrypt packets and check whether exchanged messages are modified to provide security for the provided service.
- Availability: When attackers disguise themselves as authorized subscribers or publishers to provide contents or transmit events, the proposed ESCORT network can detect those attackers and maintain network security against DoS attacks.
- Centralized management: The proposed scheme consists of reliable central elements to ensure security of keys and users in a distributed environment and middle elements to manage end users, providing reliable centralized management.

4.2 Analysis of effectiveness

This paper aims to analyze the proposed scheme's node exploration depending on message transmission suggested in the TP2P (Topology-based Peer-to-Peer) environment [2] and compare the proposed scheme with one of the centralized schemes, Mudhakar, to analyze efficiency of and. Then, the paper suggests the proposed scheme's limitation considering its characteristics. In order to analyze node exploration depending on message transmission, the following are defined.

- The size of a circular identifier:
- Number of :
- Average number of end users that exist in a subnet:
- Table Size:
- Probability that a node for message transmission exists in its subnet:

The probability that an exploration node in the proposed scheme exists closer to a target node than a node designated in a public routing table is

The probability of finding out a node for message transmission in its is

The probability of finding out a node for message transmission in other is

Therefore, may be different depending on size of hash function table used in ESCORT network as follows:

In addition, Mudhakar [12] [13] scheme suggests the probability of transmitting from to (i.e., Pr ) as follows:

Pr ( is a part of network node, is depth, and is increase in communication cost)

Thus, when the same is based for the proposed ESCORT network, the probability of reaching is shown in Figure 5.

[Fig 4] Probability of ESCORT network navigation

In case that Mudhakar scheme ( ) is analyzed based on the same, the probability of reaching sub has better results than ESCORT scheme ( ). Therefore, although the security of the proposed ESCORT network improves over the Mudhakar approach in the same environment, the cost-effectiveness becomes lower. On the other hand, a result can be derived that the possibility of reaching the sub object improves. The efficiency of the network also becomes lower if the scheme is applied to a large network, because the suggested scheme has a centralized form. Specifically, there is a vulnerability that the efficiency of the network becomes low because the amount of security-related operations and mutual communication for mutual authentication is much greater. To complement these inefficiencies, the scheme can be applied in overlay networks where security is the first priority, for special small security services that require security, rather than in large P2P.

In addition, Mudhakar scheme [12] presents probability, Pr, of reaching from to. When Mudhakar scheme ( ) is analyzed based on the same, the probability of reaching sub is improved compared to the proposed scheme ( ). In summary, the proposed ESCORT network provides better security and less cost-effectiveness than the Mudhakar scheme based on the same environment, but the probability of reaching a lower level is more enhanced in the proposed ESCORT network. Besides, the proposed scheme is a centralized management type, deteriorating network efficiency when it is applied to a large scale network. In particular, the large amount of computation related to security and communication for mutual authentication deteriorates network efficiency. In order to compensate for this inefficiency, the proposed scheme can be applied to overlay networks requiring security for specific small-scale P2P rather than large-scale P2P.

[Fig 5] Probability of reaching sub

5. Conclusions

Currently, research on secure overlay networks to provide P2P service, which accounts for most Internet traffic, is actively conducted. This paper tried to construct a centralized type of overlay network to ensure secure P2P service. Rapid growth in telecommunication increases the demand for individual telecommunication. In particular, research on ubiquitous computing attracts strong interest as next-generation IT technology. According to this paper, the existing overlay networks are vulnerable to various network attacks and node insecurity. Moreover, there are problems with node cooperation and explicit mutual authentication service because reliable organizations do not exist in a distributed environment. Thus, research on how to compensate for these problems has been conducted. The proposed ESCORT network suggests appropriate architectures and detailed protocols to provide consistent network management and security through reliable organizations. However, in the proposed scheme, each element is authenticated through communication with reliable central elements, which increases the traffic of central elements and deteriorates the overall network efficiency. That is, the proposed scheme causes not only increasing overhead and cost related to central elements but also deteriorated efficiency of the overall network. Therefore, it is intended to conduct research on routing protocols as well as on additional protocols and clear security policies to ensure security against participants' participation/leave.

ACKNOWLEDGMENT

This paper has been supported by the Software R&D program of KCA [2011/ , Development of global collaborative integrated security control system

References

[1] A Rowstron and P Druschel, Pastry: Scalable, decentralized object location and routing for large-scale peer-to-peer systems, Proc of the Middleware 2001, 2001, pp
[2] BK Cha, DY Han, YS Son and KS Kim, TP2P: Topology-based Peer-to-Peer System Efficient Resources Lookup, KIISE Journals, vol 34, no 2, 2008, pp
[3] D Doval, D O'Mahony, Overlay Networks: A Scalable Alternative for P2P, IEEE Internet Computing, vol 7, no 4, 2003, pp 79-82
[4] GP Jesi, D Gavidia, C Gamage, and M van Steen, A Secure Peer Sampling Service as a Hub attack Countermeasure, UBLCS
[5] HC Kwon, JH Hah, JS Jang, DHT (Distributed Hash Table) P2P based overlay network security threat analysis, The journal of KISC, vol 15, no 6, 2006, pp 60-67
[6] HC Kwon, YH Moon, JB Gu, SK Kho, JH Hah and JS Jang, Standardization and Technology Trend of Peer-to-Peer Communication, ETRI Report, vol 22, no 1, 2007, pp 11-23
[7] I Baumgart and S Mies, S/Kademlia: A practicable approach towards secure key-based routing, ICPADS '07, 2007, pp 1-8
[8] I Stoica, R Morris, D Karger, M Frans Kaashoek and H Balakrishnan, Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications, ACM SIGCOMM 2001, 2001, pp
[9] K Singh and H Schulzrinne, Data Format and Interface to an External Peer-to-Peer Network for SIP Location Service, IETF, 2006
[10] M Caporuscio, A Carzaniga, and A Wolf, Design and Evaluation of a Support Service for Mobile, Wireless Publish/Subscribe Applications, IEEE Transactions on Software Engineering, 2003, vol 29, no 12, pp
[11] M Castro, P Druschel, A Ganesh, A Rowstron and D Wallach, Secure routing for structured peer-to-peer overlay networks, OSDI, 2002, pp
[12] Mudhakar Srivatsa, Security Architecture and Protocols for Overlay Network Services, Georgia Institute of Technology, a thesis for a doctorate, 2007
[13] S Capkun, J-P Hubaux and L Buttyan, Mobility Helps Peer-to-Peer Security, IEEE Transactions on Mobile Computing, vol 5, no 1, 2006, pp
[14] S Buchegger and A Datta, A case for P2P infrastructure for social networks: Opportunities and challenges, Proc of 6th International Conference on Wireless On-demand Network Systems and Services (WONS), 2009, pp 45-52
[15] IRTF P2P Research Group Website, (

Author

DaeHee Seo
Present Senior Member of Engineering Staff in Electronics and Telecommunications Research Institute, Korea
Research professor in Ewha Womans University, Korea
2007 Senior researcher in Korea Information Security Agency, Korea
SoonChunHyang University, Korea (MS-PhD in Computer Software Engineering)
Research interests: Mobile Network security, N-Screen, Overlay Network security, Key Management, Security Products Evaluation

Gaeil An
2001 Present Senior Member of Engineering Staff in Electronics and Telecommunications Research Institute, Korea
Visiting researcher in Syracuse University, US
Chung-Nam National University in Korea (MS-PhD in Computer Engineering)
Research interests: Network Security, Mobile Device Security, Security Information Management, and Network Simulation

JongHyun Kim
Present Electronics and Telecommunications Research Institute, Korea
2005 University of Oklahoma, USA (PhD Computer Science)
2000 University of Oklahoma, USA (MS Computer Science)
Research interests: Information Security, Cybersecurity, Network Management and IP Traceback

Jang-Mi Beak
Present Visiting professor in SoonChunHyang University, Korea
Part-time lecturer in SoonChunHyang University, Korea
Post-Doc in Howard University, US
SoonChunHyang University, Korea (MS-PhD in Computer Software Engineering)
Research interests: Multimedia Network System, Mobile System Development and Design, Ubiquitous Healthcare System Development, and Embedded System

Dong-sub Cho
1979 ~ 1986 Seoul National University in Korea (MS-PhD)
1985 ~ Present Prof of Ewha Womans University, Korea
1996 ~ 1997 Univ of California, Irvine, Dept of ECE, Visiting Scholar
Research interests: modeling of mobile computing devices, embedded systems, systems automation of secured mobile environment


12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Distributed Hash Tables in P2P Systems - A literary survey

Distributed Hash Tables in P2P Systems - A literary survey Distributed Hash Tables in P2P Systems - A literary survey Timo Tanner Helsinki University of Technology tstanner@cc.hut.fi Abstract Distributed Hash Tables (DHT) are algorithms used in modern peer-to-peer

More information

Enhance Load Rebalance Algorithm for Distributed File Systems in Clouds

Enhance Load Rebalance Algorithm for Distributed File Systems in Clouds Enhance Load Rebalance Algorithm for Distributed File Systems in Clouds Kokilavani.K, Department Of Pervasive Computing Technology, Kings College Of Engineering, Punalkulam, Tamil nadu Abstract This paper

More information

A Reputation Management System in Structured Peer-to-Peer Networks

A Reputation Management System in Structured Peer-to-Peer Networks A Reputation Management System in Structured Peer-to-Peer Networks So Young Lee, O-Hoon Kwon, Jong Kim and Sung Je Hong Dept. of Computer Science & Engineering, Pohang University of Science and Technology

More information

Comparison of Various Passive Distributed Denial of Service Attack in Mobile Adhoc Networks

Comparison of Various Passive Distributed Denial of Service Attack in Mobile Adhoc Networks Comparison of Various Passive Distributed Denial of Service in Mobile Adhoc Networks YOGESH CHABA #, YUDHVIR SINGH, PRABHA RANI Department of Computer Science & Engineering GJ University of Science & Technology,

More information

Load Balancing in Distributed Systems: A survey

Load Balancing in Distributed Systems: A survey Load Balancing in Distributed Systems: A survey Amit S Hanamakkanavar * and Prof. Vidya S.Handur # * (amitsh2190@gmail.com) Dept of Computer Science & Engg, B.V.B.College of Engg. & Tech, Hubli # (vidya_handur@bvb.edu)

More information

A Lightweight Secure SIP Model for End-to-End Communication

A Lightweight Secure SIP Model for End-to-End Communication A Lightweight Secure SIP Model for End-to-End Communication Weirong Jiang Research Institute of Information Technology, Tsinghua University, Beijing, 100084, P.R.China jwr2000@mails.tsinghua.edu.cn Abstract

More information

Case Study for Layer 3 Authentication and Encryption

Case Study for Layer 3 Authentication and Encryption CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client

More information

A Novel Pathway for Portability of Networks and Handing-on between Networks

A Novel Pathway for Portability of Networks and Handing-on between Networks A Novel Pathway for Portability of Networks and Handing-on between Networks D. S. Dayana #1, S. R. Surya #2 Department of Computer Applications, SRM University, Chennai, India 1 dayanads@rediffmail.com

More information

Secure Networking Using Mobile IP

Secure Networking Using Mobile IP Secure Networking Using Mobile IP Alexandros Karakos and Konstantinos Siozios Democritus University of Thrace eepartment of Electrical and Computer Engineering GR-671 00 Xanthi, GREECE Abstract. The increasing

More information

Efficient Data Transmission For Wireless Sensor Networks

Efficient Data Transmission For Wireless Sensor Networks Volume: 2, Issue: 4, 221-225 April 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Girijalaxmi M.Tech scholar, Department of computer Vasudev S Senior assistant

More information

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

More information

Scheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones

Scheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones 보안공학연구논문지 (Journal of Security Engineering), 제 8권 제 3호 2011년 6월 Scheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones Rosslin John Robles 1) and Tai-hoon Kim 2) Abstract

More information

Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing

Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05 41 Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing Abstract-- It has been widely observed

More information

Ashok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram.

Ashok Kumar Gonela MTech Department of CSE Miracle Educational Group Of Institutions Bhogapuram. Protection of Vulnerable Virtual machines from being compromised as zombies during DDoS attacks using a multi-phase distributed vulnerability detection & counter-attack framework Ashok Kumar Gonela MTech

More information

AN EFFICIENT STRATEGY OF AGGREGATE SECURE DATA TRANSMISSION

AN EFFICIENT STRATEGY OF AGGREGATE SECURE DATA TRANSMISSION INTERNATIONAL JOURNAL OF REVIEWS ON RECENT ELECTRONICS AND COMPUTER SCIENCE AN EFFICIENT STRATEGY OF AGGREGATE SECURE DATA TRANSMISSION K.Anusha 1, K.Sudha 2 1 M.Tech Student, Dept of CSE, Aurora's Technological

More information

Securing Internet Gateway Discovery Protocol in Ubiquitous Wireless Internet Access Networks

Securing Internet Gateway Discovery Protocol in Ubiquitous Wireless Internet Access Networks Securing Internet Gateway Discovery Protocol in Ubiquitous Wireless Internet Access Networks Bok-Nyong Park 1, Wonjun Lee 1 and Christian Shin 2 1 Dept. of Computer Science and Engineering, Korea University,

More information

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA

A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA A Secure & Efficient Data Integrity Model to establish trust in cloud computing using TPA Mr.Mahesh S.Giri Department of Computer Science & Engineering Technocrats Institute of Technology Bhopal, India

More information

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC

SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC SECURITY STORAGE MODEL OF DATA IN CLOUD Sonia Arora 1 Pawan Luthra 2 1,2 Department of Computer Science & Engineering, SBSSTC Ferozepur, Punjab, India Email: 1 soniaarora141@gmail.com, 2 pawanluthra81@gmail.com

More information