|
The increasing use of Peer-to-Peer (P2P) Networks has brought its security issues under the scrutiny of the public eyes and under the close observation of the malicious users. Since the P2P communication model differs from that of conventional server and client system, P2P Networks meet more threats than traditional networks. However, there is the lack of a comprehensive process to designing P2P Networks protection solutions. In this paper, we discuss the Threat Modeling Process for analyzing security issues in P2P Networks, which aims at organizing system threats and vulnerabilities into general classes to be addressed with known protection techniques. Although there has been prior work on threat modeling primarily for software applications, to our knowledge this is the first attempt at threat modeling for P2P Networks. We summarize protection challenges unique to P2P Networks and propose a process to creating a threat model for P2P Networks, which based on the following security principles: Confidentiality, Integrity, Availability, Authentication, Anonymity, and Trust (CIAAAT). We hope this initial work will give some inspirations to P2P Network designers and start a discussion on how to better design and implement protection solutions for P2P Networks. |
|
Keywords:Threat Model; Peer-to-Peer Networks; Security; Trust |
|