CN101136916A - P2P transmission method based on roles and credit access control mechanism - Google Patents
P2P transmission method based on roles and credit access control mechanism Download PDFInfo
- Publication number
- CN101136916A CN101136916A CNA2007100692835A CN200710069283A CN101136916A CN 101136916 A CN101136916 A CN 101136916A CN A2007100692835 A CNA2007100692835 A CN A2007100692835A CN 200710069283 A CN200710069283 A CN 200710069283A CN 101136916 A CN101136916 A CN 101136916A
- Authority
- CN
- China
- Prior art keywords
- certificate
- mark
- client
- node
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The method includes following steps: client end sends user certificate information to server; server validates the certificate; server returns node list of the certificate obtainable downloadable resources back to the client end, and P2P transmission (Trans) connection is built between the client end and nodes in the list; in procedure of Trans connection, client end carries out automatic scoring; and after finishing Trans, the method prompts user to carry out manual scoring based on quality of downloaded resources; the score is corresponding to a set of certificate; the client end controls at least one more indexes from downloading speed, upper limit of connected number, and priorities of waiting queues based on the certificate utilized. Comparing with traditional P2P system, the invention combines two kinds of access mechanism of roles and credits with P2P Trans. Features are: secure, high efficiency, controllable resource Trans under environment of peer-to-peer network.
Description
Technical field
The present invention relates to P2P transmission method field.
Background technology
In recent years, equity is calculated (Peer-to-Peer is called for short P2P) became one of hot issue that computer circle pays close attention to rapidly, and Fortune Magazine is classified P2P as one of four science and technology that influence the Internet future.It has broken traditional client/server (C/S) pattern, and the status of each node in network all is reciprocity.Each node had both served as server, for other nodes provide service, also enjoyed the service that other nodes provide simultaneously.
Why P2P can be approved widely by the whole world, is because it has traditional C/not available advantage of S pattern:
(1) decentralization: resource in the P2P network and service are dispersed on all nodes, and the realization of transmission of Information and service is all directly carried out between node, can need not the intervention of intermediate link and server, have avoided possible bottleneck.
(2) extensibility: in the P2P network, along with user's adding, not only Fu Wu increase in demand, the resource of entire system and service ability are also synchronously expanding, and can more easily satisfy user's needs all the time.
(3) robustness: the P2P framework innately has anti-attack, high fault-tolerant advantage.Carry out because service is dispersed between each node, part node or network are destroyed the influence of other parts very little.
(4) high performance-price ratio: along with the development of hardware technology, the calculating of personal computer and performances such as the storage capacity and the network bandwidth grow at top speed according to the mole theorem, by utilizing a large amount of idling-resources in the network, can provide higher calculating and storage capacity with lower cost.
(5) secret protection: in the P2P network, carry out between each node need not through certain concentrated link owing to transmission of Information is dispersed in, the possibility that user's privacy information is eavesdropped and leaked is dwindled greatly.
(6) load balancing: under the P2P network environment since each node be server be again client, reduced requirement to traditional C/S structure server computational power, storage capacity, simultaneously because resource distribution at a plurality of nodes, has realized the load balancing of whole network better.
But in the middle of P2P environment now, a large amount of users is unwilling to provide uploading of resource.Selfish user under the prerequisite that guarantees the local resource download efficiency, can reduce uploading of own resource, to avoid that the performance of own machine is affected as far as possible.And some P2P participant uploads harmful content for one's own profit, even disseminates virus.Therefore need a kind of access control mechanisms when the excitation user provides resource to upload, prevent false and the propagation of fallacious message in the P2P environment.
Also there are many problems in traditional in addition P2P transmission method:
(1), network traffics: because can't be to the shared resource control that conducts interviews, all in theory shared resources can be by all user captures and download, the P2P flow has become the main body of Internet flow, take a large amount of network bandwidths, to a certain degree influenced the application of other Internet.
(2), intellectual property protection: although present most P2P shareware is not stored any backup that relates to the content of property right protection on its Backbone Server; and only be to have preserved each content storage index on the internet; but undoubtedly be; the prosperity of P2P shareware has been quickened the distribution of pirate medium, has improved the difficulty of intellectual property protection.
(3), computer virus spreads unchecked: along with the deep development of the applications of computer network, computer virus increases day by day to the threat of information security.Particularly under the P2P environment, share easily and routing mechanism fast, for some internet worm provides better invasion chance.
Summary of the invention
Technical problem to be solved by this invention provides a kind of P2P transmission method based on role and credit access control mechanism, to solve long-term puzzlement P2P transmission safety problem, network performance problems.For this reason, the present invention by the following technical solutions, it may further comprise the steps:
L), user end to server transmits user certificate information, comprises username information and organization name information in the certificate information,
2), server authentication certificate,
3), server returns the obtainable downloaded resources node listing of this certificate to client, client is set up the P2P transmission each other with the node in the tabulation and is connected,
4), in transmission course, the network traffics of the shared resource that client is uploaded and downloaded according to it are carried out automatic score, and the prompting user carries out manually evaluating score according to the quality of downloaded resources after the end of transmission, the mark of counting corresponds to one and overlaps certificate;
Client is real-time transmitted to server with the automatic score mark, and the manually evaluating score mark sends server to after transmission course finishes;
5), server is stored in its database with mark, and mark is passed to the client of using this certificate; Client is controlled speed of download, the linking number upper limit according to the pairing mark of certificate that uses, at least one above index in the waiting list priority.
Provide the several notions among the present invention below:
Tissue (Organization): tissue is a group user's set, is used for grant a certificate.The combination of it and user name is the major key of certificate, decision user's role.Tissue can be set up by application; A user can belong to a tissue, perhaps belongs to a plurality of tissues simultaneously.
Certificate (Certificate): certificate is one and comprises expressly and the two-part text of digital signature.Wherein expressly part mainly comprises user name, organization name, also can comprise attributes such as certificate issuance time, certificate expired time, certificate cryptographic algorithm information.Digital signature partly is to calculate summary expressly with Digital Signature Algorithm earlier, with cryptographic algorithm summary is encrypted again.
Private key (Private Key): the summary of certificate is partly encrypted with the PKI of rivest, shamir, adelman, in the certification authentication process, use corresponding private key it is decrypted.Private key is then encrypted with symmetric encipherment algorithm, the password of inputing when this symmetric cryptographic key is certificate request.
Control (Role-based Access Control) based on role access: be the notion of between user and authority, introducing the role.User and specific one or more role association; The role is related with one or more authorities.The role can generate or cancel according to the actual needs, and the user can be according to the one's own role of needs dynamically active of oneself when using system.
Based on prestige access control (Reputation-based Access Control): the access control mechanisms based on prestige is a kind of access control mechanisms based on strategy in essence.The overall evaluation that it is contributed in whole transmission course to the user.Service rating embodies by the prestige mark, and manually keeping the score and keeping the score automatically to influence the prestige mark.The prestige mark corresponds to a cover certificate, has determined the credit worthiness of this cover certificate.
Manually evaluating score (Artificial Score): original supplier gives a mark to resource, and it is the assessment to resource quality.The original credit worthiness of user has correcting action to this mark.
Automatic score (Automatic Score): the data volume that the user is uploaded accounts for the quantitative evaluation of the ratio of total transmitted data amount, is the marking to the quantity that resource is provided.The original credit worthiness of user has correcting action to this mark.
The present invention is attached to role and two kinds of access control mechanisms of prestige in the P2P transmission, in order to solve user identity in the conventional P 2P system, authority is uncontrollable, the copyright management confusion, the network bandwidth such as takies in a large number at problem, and is specific as follows:
(1) the present invention uses the entity of certificate as user role, the role that the user name that comprises in the certificate and the pairing of organization name can the unique identification users, thereby decision user's authority.
(2) the present invention uses automatic marking and artificial marking two cover methods to weigh the contribution of user to whole transmission system, thus decision user's credit worthiness.Wherein marking system automatically is the assessment of the user being uploaded the quantity of resource, and manually marking system uploads the quantitative evaluation of the quality of resource to the user.
(3) in conjunction with role and two kinds of access control mechanisms of prestige, the present invention improves traditional P2P model.At first can certificate decision local node obtain the tabulation of peer node.Secondly prestige mark can influence speed, the linking number upper limit of user's download resource, the priority in waiting for resource queue, and obtain bonus point and the weight coefficient when giving a mark for others next time.
The invention provides one under peer to peer environment, carry out safety, efficiently, the system and method for resource transmission controllably.Wherein certificate determines user's role; can control the scope of resource transmission, this not only greatly reduces P2P transmission to the taking of Internet resources, and can resource conservation copyright and privacy of user; only allow to do the user's download that kind of person authorizes, prevent that resource from being obtained arbitrarily.The present invention adopts prestige score strategy in addition, the service of using credit worthiness to decide the user in the P2P environment, to be enjoyed based on the access control mechanisms of prestige, credit worthiness is by acquisition that the quality and quantity of the resource of user transmission is given a mark, the credit worthiness representative of consumer is to the contribution of whole P2P environment, the user who enjoys a good reputation can access service preferably, thereby encourages the user by contributing the credit worthiness that improves oneself more; The publisher that false and hostile content are provided is punished that the user that credit worthiness is low obtains relatively poor service, even can not obtain service, solved false to a certain extent and fallacious message and virus spreading unchecked in the P2P transmission system.
Show with the comparative experiments of traditional P2P transmitting software BitTorrent, BitComet and Emule etc., the system that realizes according to the inventive method is when providing based on role and prestige access control, do not increase extra burden, opposite owing to can adopt technology such as Java NIO in realization, the P2P software of comparing other on efficiency of transmission and indexs such as system resource takies still has certain advantage.
Description of drawings
Fig. 1 is a P2P transmission method architectural schematic provided by the invention.
Fig. 2 is the use and the access control flow chart of certificate of the present invention.
Fig. 3 is the control flow chart of point system among the present invention.
Fig. 4 is a control flow chart of using the score limit speed of download among the present invention.
Fig. 5 is a control flow chart of downloading linking number among the present invention with score limit.
Fig. 6 is the structure chart that influences waiting list priority among the present invention with mark.
Fig. 7 is the schematic diagram that transmission structure of the present invention is realized.
Embodiment
Architecture:
With reference to accompanying drawing 1.This method utilizes the P2P technology to realize the shared transmission of file resource in conjunction with based on the role with based on prestige two cover access control mechanisms.Its architecture wherein mainly contains server end, client and three parts of Web end as shown in Figure 1.
Server end mainly is responsible for the real-time management to system resource.By connecting with client, real-time resource information with client upload, prestige mark etc. are reflected to database.Simultaneously the certificate information of client upload is verified, whether to determine the transmission node client of tabulating.To the prestige mark of client upload, server end carries out correcting process according to uploader credit worthiness originally, to reach the purpose that most accurately reflects user's prestige in addition.
Client mainly realizes the transmission of shared file, is responsible for the management of local shared file in addition, the making of seed and score function.Client must import a cover certificate before the beginning transformation task, it determines whether the user has the right to download this resource.Client can be done kind to the resource file of this locality, and seed is uploaded by the Web end.Client another one major function is to realize certificate marking, be divided into according to this locality upload with the score of data downloaded amount timing automatic and download finish after to the original manually evaluating score of being kind of person.The automatic score mark deposits database in by the client end of regularly uploading onto the server; The manually evaluating score mark then after download is finished by client upload to server end, deposit database in.
Main application and the management of being responsible for user certificate of Web end, user's establishment and management, the application of tissue and management, and seed file function such as upload and download.The user can carry out certificate request at Web end, and by the keeper that ask adding is organized sign and issue by, use for user's download.The Web end can also be created tissue, the leading subscriber certificate.The seed of client making can be uploaded by the Web end, for user's download in addition.And the relevant information of all these functions all can hold real-time update to database by Web.
Method realizes:
One, realizes based on the role access controlling mechanism, with reference to Fig. 2.
The present invention introduces in the P2P transmission course based on the role access controlling mechanism, uses the entity of certificate as user role, realizes the reciprocity transmission method based on the role.
The certificate request process as shown in Figure 2.The user submits certificate request by browser to the Web end, must select to add a certain tissue in application process, application is by this organization and administration person's audit, and Web holds according to approval information, Generate Certificate, the user can land the Web end by browser and download this certificate of use.With reference to Fig. 2, the user's download certificate is after client, and when carrying out resource downloading, client must import earlier certificate, resolves this certificate by client, and certificate informations such as the user name that parsing is obtained, organization name send to server end.Server end is verified according to certificate information.Which tissue is each resource all set when doing kind allows to download this resource, and these scope of organization information stores are in the database of server end.Server end is when verifying, if tissue belongs to this resource and allows the scope of organization downloaded under this certificate, then server end returns this resource node client of tabulating, and the user can be connected with the node in the tabulation, carries out the P2P transmission of this resource; If certificate does not belong to the scope of organization that this resource allows download, then server end returns empty tabulation, and the user can't carry out this resource downloading.
The resource node tabulation is an IP and a port queue that corresponds to a certain resource, and it is illustrated in the node listing of downloading and uploading this resource in the transmission environment.The corresponding state of each node represents whether this node has this resource data in the tabulation.When a node began to carry out a certain resource transmission, IP, port and resource state information were transferred to server end, added the node listing of this resource correspondence.When an initiate node carried out resource downloading, its IP and port also can be added into the node listing of this resource correspondence; And, do not contain this resource data certainly because this node is a new node, so can only download, can't provide and upload.
In the present embodiment, the present invention uses the sign of X509 form certificate as user role, and its content comprises expressly and digital signature two parts.Expressly part mainly comprises attributes such as user name, organization name, certificate issuance time, certificate expired time, certificate cryptographic algorithm public key information.Digital signature partly is the summary of calculating earlier plaintext with the SHAl Digital Signature Algorithm, encrypts with the PKI of RSA Algorithm to obtain again.At last all certificate contents are used the Base64 coding.In certificate information, identifying user role's main information is the combination of user name and organization name.Except certificate, also need a private key that the digital signature of public key encryption in the certificate is decrypted.Private key produces when Web end application certificate, and the password that it is inputed during earlier with the application certificate carries out the DES-EDE3-CBC algorithm for encryption, carries out Base64 then and encodes.Certificate and private key can and be downloaded by visit Web end application and obtain.The X509 certificate format is not unique spendable certificate format, and the present invention can use the certificate format of other types, can use self-defining certificate format yet, only needs the fail safe, the uniqueness that guarantee that certificate uses.
The present invention can use certificate and private key to carry out the user role checking.With the Base64 decoding algorithm private key is decoded earlier, the password of inputing when being used in Web end certificate request then is decrypted private key, obtains the plaintext of private key.To certificate, also be to decode with Base64 earlier, partly be decrypted with the digital signature of the private key of deciphering previously then certificate, obtain summary expressly, then the plaintext to certificate partly obtains summary with the SHAl algorithm computation, and two parts of summaries are compared, if it is identical, the expression checking is passed through, and the user has the right of this cover certificate of legal use, that is to say the authority with this certificate respective user role; Otherwise illustrate that then the user haves no right to use this certificate.
In addition, every cover certificate all has its term of validity.This time is set during by certificate request, and writes in the certificate content when certificate generates.When using certificate, if the current time exceeds the term of validity of certificate, certificate ceases to be in force automatically, and the user returns failure information when certificate is verified.Every cover certificate all must belong to a tissue, and the user who belongs to the certificate of same tissue can be transmitted under default situations mutually.The certificate user name adds the major key that organization name is the unique identification user certificate, therefore also unique role who represents the user.
Two, realize based on credit access control mechanism, with reference to Fig. 3-6.
Access control mechanisms based on prestige is a kind of access control mechanisms based on strategy in essence.It is that quantitatively evaluating is carried out in the contribution of user in transmission environment, and the quality and quantity that is primarily aimed at transfer resource is assessed.The prestige scoring mainly is divided into automatic score and manually evaluating score two parts, and its main flow process as shown in Figure 3.
Wherein automatic score system is mainly assessed the quantity of transfer resource.It is present in client, regularly collects that the user uploads, the data download amount, obtains the automatic score score after handling, and uploads onto the server, and is added to that this uploads the mark of user's correspondence in the database.The score formula that automatic score system uses is as follows.
H in the formula
RExpression user credit worthiness is converted into correction factor by hash algorithm, reflects the influence of original credit worthiness to transfer resource quantity contribution score.Q
Upload, Q
DownloadThe user that expression is regularly collected uploads, the data download amount, and the definition of the present invention is in the present embodiment uploaded the 100M data as a score unit.Formula reflection automatic score mark is directly proportional except uploading data volume with the user, also with upload the ratio that data volume accounts for total transmitted data amount and be directly proportional.
The manually evaluating score system mainly estimates the quality of transfer resource, thus only this resource the most original cooked kind of person's marking, because the data of whole transmission environment are to be provided by it at first.The manually evaluating score system realizes that mainly after a resource was finished in download, client ejected dialog box, allows the user according to own judgement to this resource quality, gives original kind of the person's marking of doing.If the user abandons marking at this moment, also can't do kind of person's marking to this resource again after it.This strategy prevents that mainly the user from being kind of a person to a resource and repeating marking.The mark of present embodiment is divided into Three Estate, " good ", " generally ", " poor "; Be designated as 1 fen respectively, 0 minute and-1 minute.Grade and mark can be revised easily according to real needs.This mark after resource downloading is finished and after user marking finishes, is transferred to server end by client.Server end is revised according to marking original user credit worthiness, and it is consistent with the hash algorithm that automatic score system uses to revise used hash algorithm.The manually evaluating score mark that obtains at last is added to the mark item that this resource in the database is done kind of person's correspondence.
Automatic score mark and manually evaluating score mark at same set of certificate are accumulated in together, obtain one with certificate prestige mark one to one.This mark is obtained from database by server, and is transferred to client, is kept in the internal memory.Client is used the restriction of this mark decision user speed when downloaded resources, the restriction of linking number, features such as the priority of waiting list.
The flow chart of prestige mark decision user's download speed limit as shown in Figure 4.Client uses a cover hash algorithm that described mark is converted into the speed limit of user's download, compares with the speed of download of instant collection; The upper limit if instantaneous velocity outpaces, then transmission suspends a period of time, makes the interior average speed of total time section drop to speed restriction, transmits then next time; If present speed is less than speed restriction, then transmission course continues.
The flow chart of the prestige mark decision node download linking number upper limit as shown in Figure 5.Client uses the cover hash algorithm different with speed restriction that described mark is converted into the linking number upper limit that node is downloaded.The current linking number of client linkage counter record compares with the linking number upper limit that calculates; If current linking number has been equal to or greater than the linking number upper limit of permission, then when sending the transmission connection request, refuses this node this request when other nodes; Current else if linking number then allows other nodes and this node to set up transmission and is connected less than the upper limit.
The prestige mark can also determine the priority of requesting node in waiting list.This process structure diagram as shown in Figure 6.When a local node when other remote nodes send download requests, may be owing on remote node, have a plurality of nodes to ask at that time, so local node is introduced into waiting list.The remote node client obtains the selection mark of local node by the algorithm in conjunction with prestige mark and stand-by period.The employed formula of present embodiment is as follows.
P wherein
SelectMark, P are selected in representative
PrestigeRepresent the prestige mark of requesting node, T
Wait forRepresent the stand-by period of this requesting node in waiting list, the time is unit with the second.Whole formulate selects mark except outside the Pass the prestige mark with node has, also the stand-by period with node relevant, whenever wait for 10 seconds more, the selection mark adds 1.It is long-time to avoid some nodes to wait for owing to the prestige mark is lower like this.
The connection selector of remote node client is according to the order of selecting the queuing of mark decision requesting node; Node with higher selection mark come formation than the front position, have the position after the low node of selecting mark then comes.Node selected in remote node and the formation connects, the transmission data.
Three, transmission realizes, with reference to accompanying drawing 7.
Though each is variant on transmission algorithm for traditional P2P software, but on overall structure, mainly be divided into centralization topology (Centralized Topology), full distributed destructuring topology (Decentrali zedUnstructured Topology), all distributed structure topology (Decentralized StructuredTopology), half distribution topology (Partially Decentralized Topology) etc.Wherein the centralization topological structure is safeguarded and is simply found the efficient height; The structure of use center directory system is found that algorithm is flexible and efficient, and can be realized complex query; But owing to there is central server, cause the single-point bottleneck easily simultaneously, and the problem of copyright aspect.
The realization of present embodiment is based on the centric topology structure, and utilizes access control mechanisms that traditional structure is improved, and realizes a kind of new P2P transmission structure, as shown in Figure 7.
Peer A and Peer B are two nodes in the P2P transmission environment among the figure, suppose that A asks downloaded resources to B.At first the A node is downloaded this resource seed file to local by browser access Web end, and client is gone into seed file in the beginning transmission preamble then.Before beginning transmission, also must import user certificate.Certificate is resolved in client, obtains wherein user name and organization name, and client sends to server end with these certificate informations and the resource information that will transmit then; Whether organization name belongs to the scope of organization that this resource allows download in the certificate information that server end checking A node is uploaded.If the verification passes, return the node listing that has this resource and give A; Otherwise, return the sky node listing.The A node obtains this shared resource file status information that they have according to node listing to wherein each node, is saved in the local internal memory.The shared file state information is made up of a string binary digit, and each corresponds to the existence at this node of a shared resource data block, and 0 expression does not exist, and 1 expression exists.By more local shared file state and the long-range shared file state of collecting, the decision of utilization node selection algorithm sends download request to which node.
Node selection algorithm is according to local resource file status table and remote resource file status table, uses formula
Select wherein 10 nodes of difference maximum, as requesting node.Because the node of these difference maximums must contain the resource data block that maximum this locality do not have.V in the formula
1Represent each of local state table, v
rRepresent each of remote status table, they represent the existence of corresponding data piece respectively.Whole formulate step-by-step is carried out the logical inverse operation to each of local state table, and with the remote status table in the corresponding position of same data block carry out the logical AND operation, step-by-step travels through and the result of calculation of each is added up, and the result who obtains represents the data block quantity that is present in remote node and is not present in local node.
Suppose that B is the node that node selection algorithm is chosen, A downloads a wherein blocks of data to the B request.The B node is uploaded waiting list with the request of A node according to above-mentioned being inserted into according to prestige mark decision priority algorithm.After treating that this asks selected device to be chosen, the B node initiatively connects with the A node, transmission A node institute request msg blocks of data.The A node is saved in local shared file corresponding data piece after receiving data, and upgrades local shared file state.
This method had both kept its advantage on maintenance and discovery search algorithm to the improvement of conventional P 2P centric topology structure, by using access control mechanisms such as certificate and prestige mark, had solved its problem aspect network congestion and resource copyright again; Use distributed server at server end, overcome the bottleneck problem of using single server to cause, provide a safety, efficient, stable transmission environment to the user.
Claims (5)
1. based on the P2P transmission method of role and credit access control mechanism, it is characterized in that it may further comprise the steps:
1), user end to server transmits user certificate information, comprises username information and organization name information in the certificate information;
2), server authentication certificate;
3), server returns the obtainable downloaded resources node listing of this certificate to client, client is set up the P2P transmission each other with the node in the tabulation and is connected;
4), in transmission course, the network traffics of the shared resource that client is uploaded and downloaded according to it are carried out automatic score, and the prompting user carries out manually evaluating score according to the quality of downloaded resources after the end of transmission, the mark of counting corresponds to one and overlaps certificate;
Client is real-time transmitted to server with the automatic score mark, and the manually evaluating score mark sends server to after transmission course finishes;
5), server is stored in its database with mark, and mark is passed to the client of using this certificate; Client is controlled at least one above index in the speed of download upper limit, the linking number upper limit and the waiting list priority according to the pairing mark of certificate that uses.
2. the P2P transmission method based on role and credit access control mechanism as claimed in claim 1 is characterized in that client uses hash algorithm that described mark is converted into the speed limit of client downloads, compares with the speed of download of instant collection; If present speed surpasses speed restriction, then transmission suspends a period of time, and interior average speed of this time period is dropped to below the speed limit; If present speed is less than speed restriction, then transmission course continues.
3. the P2P transmission method based on role and credit access control mechanism as claimed in claim 1, it is characterized in that client uses hash algorithm that described mark is converted into the linking number upper limit of client downloads, with the current linking number of client linkage counter record relatively; If current linking number has been equal to or greater than the linking number upper limit of permission, then when sending the transmission connection request, refuse other nodes this request; Current else if linking number then allows other nodes and this node to set up transmission and is connected less than the upper limit.
4. the P2P transmission method based on role and credit access control mechanism as claimed in claim 1, it is characterized in that when local node when remote node sends download request, remote node can be put into this requesting node in the middle of its waiting list; The remote node client obtains the selection mark of requesting node by the algorithm in conjunction with prestige mark and stand-by period; The connection selector of remote node client is according to the queuing order of selecting mark decision requesting node; Requesting node with higher selection mark comes the more preceding position of formation, has the position of hanging down after the requesting node of selecting mark then comes; Requesting node selected in remote node and the formation connects, the transmission data.
5. the P2P transmission method based on role and credit access control mechanism as claimed in claim 1 is characterized in that Web end application, generation and the download of described certificate in the P2P transmission system;
The user uses browser to submit certificate request to the Web end, and its application information comprises user name, organization name, validity period of certificate, certificate audit mode information, and wherein user name adds the identifying information of the organization name composition certificate of request adding;
The Web end Generates Certificate according to approval information;
The user lands Web end downloadable authentication by browser.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100692835A CN101136916A (en) | 2007-06-11 | 2007-06-11 | P2P transmission method based on roles and credit access control mechanism |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2007100692835A CN101136916A (en) | 2007-06-11 | 2007-06-11 | P2P transmission method based on roles and credit access control mechanism |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101136916A true CN101136916A (en) | 2008-03-05 |
Family
ID=39160745
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007100692835A Pending CN101136916A (en) | 2007-06-11 | 2007-06-11 | P2P transmission method based on roles and credit access control mechanism |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101136916A (en) |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101257387B (en) * | 2008-03-13 | 2010-07-21 | 华耀环宇科技(北京)有限公司 | X509 digital certificate quick analyzing and verifying method |
| CN101335618B (en) * | 2008-07-09 | 2010-09-15 | 南京邮电大学 | Method for evaluating and authorizing peer-to-peer network node by certificate |
| CN101873345A (en) * | 2010-05-27 | 2010-10-27 | 中国科学院计算技术研究所 | Integrated block switching P2P shared-file system and method for motivating seed-providing for other nodes thereof |
| CN101888341A (en) * | 2010-07-20 | 2010-11-17 | 上海交通大学 | Calculable creditworthiness-based access control method under distributed environment of multiple trusting domains |
| CN101888415A (en) * | 2010-06-30 | 2010-11-17 | 创想空间软件技术(北京)有限公司 | Peer-to-peer network user credit system |
| CN102067565A (en) * | 2008-06-17 | 2011-05-18 | 汤姆森许可贸易公司 | System, sharing node, server, and method for content distribution |
| CN101383751B (en) * | 2008-07-24 | 2011-06-22 | 四川长虹电器股份有限公司 | Network downloading method |
| CN101645917B (en) * | 2009-07-17 | 2012-04-04 | 中国人民解放军国防科学技术大学 | P2P network credit management method |
| CN102420690A (en) * | 2010-09-28 | 2012-04-18 | 上海可鲁系统软件有限公司 | Fusion and authentication method and system of identity and authority in industrial control system |
| CN102420708A (en) * | 2011-12-16 | 2012-04-18 | 广东高新兴通信股份有限公司 | Load balancing processing system of service data and method thereof |
| CN102741839A (en) * | 2010-01-28 | 2012-10-17 | 微软公司 | URL filtering based on user browser history |
| CN101710902B (en) * | 2009-12-10 | 2014-03-05 | 北京邮电大学 | Unstructured P2P network, data searching method thereof and index updating method thereof |
| CN104168563A (en) * | 2014-08-15 | 2014-11-26 | 西安电子科技大学 | K-anonymity incentive mechanism based on local reputation storage |
| CN105187405A (en) * | 2015-08-14 | 2015-12-23 | 中国人民解放军理工大学 | Reputation-based cloud computing identity management method |
| CN106657153A (en) * | 2017-02-07 | 2017-05-10 | 深圳市金立通信设备有限公司 | Network data downloading method and terminal |
| CN108055308A (en) * | 2017-12-06 | 2018-05-18 | 北京航天计量测试技术研究所 | It is a kind of to be used for certificate method for uploading of the off-line calibration without handshake mechanism |
| CN108551438A (en) * | 2012-11-01 | 2018-09-18 | 微软技术许可有限责任公司 | X.509, Single Sign-On between different server, which uses, to be verified |
| CN111062055A (en) * | 2019-12-13 | 2020-04-24 | 江苏智谋科技有限公司 | Electronic file sensitive data leakage prevention system and method based on information security |
-
2007
- 2007-06-11 CN CNA2007100692835A patent/CN101136916A/en active Pending
Cited By (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101257387B (en) * | 2008-03-13 | 2010-07-21 | 华耀环宇科技(北京)有限公司 | X509 digital certificate quick analyzing and verifying method |
| CN102067565B (en) * | 2008-06-17 | 2014-02-19 | 汤姆森许可贸易公司 | System, sharing node, server, and method for content distribution |
| CN102067565A (en) * | 2008-06-17 | 2011-05-18 | 汤姆森许可贸易公司 | System, sharing node, server, and method for content distribution |
| CN101335618B (en) * | 2008-07-09 | 2010-09-15 | 南京邮电大学 | Method for evaluating and authorizing peer-to-peer network node by certificate |
| CN101383751B (en) * | 2008-07-24 | 2011-06-22 | 四川长虹电器股份有限公司 | Network downloading method |
| CN101645917B (en) * | 2009-07-17 | 2012-04-04 | 中国人民解放军国防科学技术大学 | P2P network credit management method |
| CN101710902B (en) * | 2009-12-10 | 2014-03-05 | 北京邮电大学 | Unstructured P2P network, data searching method thereof and index updating method thereof |
| CN102741839A (en) * | 2010-01-28 | 2012-10-17 | 微软公司 | URL filtering based on user browser history |
| CN102741839B (en) * | 2010-01-28 | 2016-03-16 | 微软技术许可有限责任公司 | Based on the url filtering of user browser history |
| CN101873345A (en) * | 2010-05-27 | 2010-10-27 | 中国科学院计算技术研究所 | Integrated block switching P2P shared-file system and method for motivating seed-providing for other nodes thereof |
| CN101888415B (en) * | 2010-06-30 | 2015-11-25 | 创想空间软件技术(北京)有限公司 | peer-to-peer network user credit system |
| CN101888415A (en) * | 2010-06-30 | 2010-11-17 | 创想空间软件技术(北京)有限公司 | Peer-to-peer network user credit system |
| CN101888341B (en) * | 2010-07-20 | 2013-02-27 | 上海交通大学 | Calculable creditworthiness-based access control method under distributed environment of multiple trusting domains |
| CN101888341A (en) * | 2010-07-20 | 2010-11-17 | 上海交通大学 | Calculable creditworthiness-based access control method under distributed environment of multiple trusting domains |
| CN102420690B (en) * | 2010-09-28 | 2014-05-21 | 上海可鲁系统软件有限公司 | Fusion and authentication method and system of identity and authority in industrial control system |
| CN102420690A (en) * | 2010-09-28 | 2012-04-18 | 上海可鲁系统软件有限公司 | Fusion and authentication method and system of identity and authority in industrial control system |
| CN102420708A (en) * | 2011-12-16 | 2012-04-18 | 广东高新兴通信股份有限公司 | Load balancing processing system of service data and method thereof |
| CN108551438B (en) * | 2012-11-01 | 2021-06-22 | 微软技术许可有限责任公司 | Using X.509 authentication for single sign-on between different servers |
| CN108551438A (en) * | 2012-11-01 | 2018-09-18 | 微软技术许可有限责任公司 | X.509, Single Sign-On between different server, which uses, to be verified |
| CN104168563B (en) * | 2014-08-15 | 2017-06-27 | 西安电子科技大学 | A kind of K anonymity motivational techniques based on the storage of local prestige |
| CN104168563A (en) * | 2014-08-15 | 2014-11-26 | 西安电子科技大学 | K-anonymity incentive mechanism based on local reputation storage |
| CN105187405A (en) * | 2015-08-14 | 2015-12-23 | 中国人民解放军理工大学 | Reputation-based cloud computing identity management method |
| CN105187405B (en) * | 2015-08-14 | 2018-08-10 | 中国人民解放军理工大学 | Cloud computing identity management method based on prestige |
| CN106657153A (en) * | 2017-02-07 | 2017-05-10 | 深圳市金立通信设备有限公司 | Network data downloading method and terminal |
| CN108055308A (en) * | 2017-12-06 | 2018-05-18 | 北京航天计量测试技术研究所 | It is a kind of to be used for certificate method for uploading of the off-line calibration without handshake mechanism |
| CN108055308B (en) * | 2017-12-06 | 2021-01-05 | 北京航天计量测试技术研究所 | Certificate uploading method for offline calibration handshake-free mechanism |
| CN111062055A (en) * | 2019-12-13 | 2020-04-24 | 江苏智谋科技有限公司 | Electronic file sensitive data leakage prevention system and method based on information security |
| CN111062055B (en) * | 2019-12-13 | 2021-12-24 | 江苏智谋科技有限公司 | Electronic file sensitive data leakage prevention system and method based on information security |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101136916A (en) | P2P transmission method based on roles and credit access control mechanism | |
| Zaghloul et al. | Bitcoin and blockchain: Security and privacy | |
| Bentov et al. | Cryptocurrencies without proof of work | |
| Vishnumurthy et al. | Karma: A secure economic framework for peer-to-peer resource sharing | |
| Shi et al. | Blockchain‐based trusted data sharing among trusted stakeholders in IoT | |
| Jansen et al. | Recruiting new Tor relays with BRAIDS | |
| Kopp et al. | Design of a privacy-preserving decentralized file storage with financial incentives | |
| CN109768987A (en) | A kind of storage of data file security privacy and sharing method based on block chain | |
| Belenkiy et al. | Making p2p accountable without losing privacy | |
| Hamdaoui et al. | IoTShare: A blockchain-enabled IoT resource sharing on-demand protocol for smart city situation-awareness applications | |
| Jansen et al. | LIRA: Lightweight Incentivized Routing for Anonymity. | |
| Ciccarelli et al. | Collusion in peer-to-peer systems | |
| AU2009213839A1 (en) | Distribution of digital content | |
| Kopp et al. | Koppercoin–a distributed file storage with financial incentives | |
| CN113407977B (en) | Cross-chain extension method and system based on aggregated signature | |
| CN112291354B (en) | Privacy protection method for participants of crowd sensing MCS based on block chain | |
| CN115801260B (en) | Block chain-assisted collaborative attack and defense game method in untrusted network environment | |
| CN112231721B (en) | Context-aware trusted security sharing method and system for WoT resources | |
| CN116595094A (en) | Federal learning incentive method, device, equipment and storage medium based on block chain | |
| WO2019168104A1 (en) | Validity management system, validity management method, and program | |
| CN113360951B (en) | Electronic evidence preservation method based on partitioned block chain | |
| Gracy et al. | A systematic review of blockchain-based system: Transaction throughput latency and challenges | |
| He et al. | Blockchain-based p2p content delivery with monetary incentivization and fairness guarantee | |
| Poelstra | A treatise on altcoins | |
| CN102065127A (en) | Cross-layer trust certificate group management mechanism-based trusted P2P file sharing service node selection method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20080305 |