CN1300721C - Method for realizing peer-to-peer network system architecture - Google Patents

Publication number: CN1300721C
Authority: CN (China)
Legal status: Expired - Fee Related
Application number: CNB021134928A
Other languages: Chinese (zh)
Other versions: CN1447256A (en)
Inventors: 鄢萍, 刘飞, 贺德强
Current Assignee: CHONGQING HAITEKE SYSTEM INTEGRATION Co Ltd; Chongqing University
Original Assignee: CHONGQING HAITEKE SYSTEM INTEGRATION Co Ltd; Chongqing University
Landscapes: Computer And Data Communications (AREA)

Abstract

The present invention relates to a method for realizing a peer-to-peer network architecture. The peer-to-peer network in this architecture is built on the TCP/IP protocol, and abstract peer entities form a logical network with no hierarchical structure. All entities have completely equal status: each entity acts both as a server that provides services to other entities and as a client that uses the services other entities provide. Each entity is implemented concretely as a specific software instance running on a computer or special information terminal equipment. The method realizes a lightly loaded peer-to-peer network structure with no central switch or central server, both in ordinary networks and in networks with a firewall or NAT router. After connecting to the Internet, any entity of this type can, once authenticated, immediately learn whether other relevant entities are online and notify the online entities that it is online.

Description

A method for implementing a peer-to-peer network architecture
1. Technical field
The present invention relates to the field of network and communication technology, and specifically to a method for implementing a peer-to-peer network architecture.
2. Background
A peer-to-peer (P2P) network is a technology that lets different PC users exchange data or services directly, without going through a server; it allows Internet users to use each other's resources or communicate directly. Each online user can connect directly to another user's computer and exchange data, without having to connect to a server to browse and download. Because the intermediate step is eliminated, peer-to-peer technology makes communication over the network faster and more direct.
Software that currently implements peer-to-peer technology includes Napster and ICQ abroad and OICQ, Ezpeer and others domestically. Ezpeer works as follows. First, every user who has installed the Ezpeer software can log in to the Ezpeer server, and the server keeps track of the files stored on each computer. When a user connects to the Internet, the user can see all other online users running the software and the information they share. After the user enters a search keyword, the Ezpeer server looks for other computers that store matching files and shows them in the user's search results, and the user can then download the required data directly from the other users' computers. The data transfer itself takes place only between users' computers and does not pass through the Ezpeer server, but the connection between users is not direct: it has to be coordinated by the central server.
Related inventions exist, but they differ fundamentally from the present invention. For example, the invention patent "System and method for secret peer-to-peer communication between downloaded programs" (announcement number: 1163433) is a system and method for establishing a peer-to-peer communication link between computer programs that come from the same secure domain but run on a first and a second computer. The link is established as follows: the first computer program, running on the first computer, sends a message to the second computer requesting a peer-to-peer communication link. On receiving this message, the second computer determines whether a second computer program that satisfies the predetermined conditions for establishing the link is running on it; if so, the second computer sends the first computer a reply accepting the request. Once the first computer receives this reply, the requested peer-to-peer communication link between the first and second computer programs is established. In practice, the peer-to-peer software and methods above rely on a P2P server that is either provided by a telecommunications company as an ASP service or set up by the enterprise itself in the telecommunications company's IDC. They are therefore not fully peer-to-peer: they only reduce the load on the server and cannot do without it entirely, they cannot traverse firewalls and NAT routers, and they also have trust and security problems.
3. Summary of the invention
To address the shortcomings of the prior art described above, the present invention proposes a method for implementing a peer-to-peer network architecture. The technical solution adopted is as follows:
The peer-to-peer network in this architecture is built on the TCP/IP protocol. Abstract peer entities form a logical network with no hierarchical structure, in which all entities have completely equal status: each entity acts both as a server that provides services to other entities and as a client that uses the services other entities provide. An entity is implemented concretely as a specific software instance running on a computer or a dedicated information terminal device.
The steps for establishing the peer-to-peer network between entities are as follows:
(1) entity A, newly connected to the network, sends an online notification message announcing that entity A is online, via a UDP port, to one entity B in its own online entity list;
(2) entity B, on receiving this message, returns a reply to entity A acknowledging receipt, and at the same time sends it a data packet containing the names of all online entities known to entity B;
(3) entity A adds the received list to its own online entity list;
(4) entity B adds entity A to its own online entity list;
(5) entity A selects the next online entity from its online entity list and repeats the above four steps, until it has completed this exchange with all online entities.
The steps for communication between network entities are as follows:
(1) when entity A needs to communicate with entity B, entity A sends a communication request to entity B;
(2) entity B, on receiving this message, returns a reply to entity A acknowledging receipt;
(3) entity A and entity B negotiate which side acts as the server and which as the client. The selection rule is: if entity A and entity B are both in the same transparent network environment with no firewall between them, entity B acts as the server and entity A as the client; if exactly one of the two entities is behind a firewall, the entity that is not behind a firewall acts as the server and the entity behind the firewall acts as the client; if both are behind firewalls and the firewalls are different, an entity C that is not behind a firewall is asked to act as a service proxy, entity B acts as the server with its service proxied by entity C, and entity A acts as the client;
(4) entity B and entity A communicate in server/client mode;
(5) when the content has been transmitted, entity A initiates a request to release the service, entity B replies, and the communication process ends.
The method of the present invention can realize a lightly loaded peer-to-peer network architecture with no central switch or central server, both in ordinary networks and in networks with firewalls or NAT routers. Once an entity of this type is connected and online, it can, after authentication, immediately learn whether other related entities are online and notify the online entities that it is online. Networked enterprises and users of all kinds can thus exchange information and share resources securely.
The present invention combines three elements, authentication, authorization and encryption, to create a secure peer-to-peer network architecture. Authentication is the process by which peers in a network (such as the Internet) prove their identity to other peers. Authorization is the process of granting an authenticated entity permission to perform certain actions or access certain resources; in a P2P application, a peer may be authorized to access only part of another peer's resources. Encryption is the process of converting intelligible information into a form that is unintelligible to unauthorized individuals and systems; decryption is the reverse of this process. Encryption protects information flowing between peers over an insecure network (such as the Internet) and, combined with secure authentication of each peer, ensures that the data exchanged cannot be eavesdropped on in transit. If the information is also digitally signed or carries a MAC (message authentication code), both parties can additionally determine that it has not been modified.
4. Description of the drawings
The invention is further described below with reference to the drawings and embodiments.
Fig. 1 is a schematic diagram of establishing the peer-to-peer network between network entities in the present invention.
Fig. 2 is a flow chart of end-to-end communication based on the proprietary protocol in the present invention.
Fig. 3 is a flow chart of the communication process between network entities located behind different firewalls in the present invention.
5. Embodiments
The steps for establishing the peer-to-peer network between entities (peers) are shown in Fig. 1:
(1) entity A, newly connected to the network, sends an online notification message announcing that entity A is online, via a UDP port, to one entity B in its online entity list;
(2) entity B, on receiving this message, returns a reply to entity A acknowledging receipt and requiring entity A to authenticate entity B, and at the same time sends it a data packet containing the names of all online entities known to entity B. During authentication, entity A and entity B both use a shared key to exchange secret information;
(3) after entity A has authenticated entity B, it adds the received list to its own online entity list and requires entity B to authenticate entity A;
(4) after entity B has authenticated entity A, it adds entity A to its own online entity list and authorizes entity A to access certain resources by assigning privileges to entity A;
(5) before any further communication takes place, the two peers can negotiate an encrypted channel between them.
Entity A then selects the next online entity from its online entity list and repeats the above four steps, until it has completed the peer-to-peer connection with all online entities.
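The join procedure above, steps (1) to (4), as an added example that is not part of the patent text. The patent only says that A and B use a shared key during authentication; the HMAC-SHA256 challenge-response, the message field names, the role labels and the `read:shared` privilege are assumptions made for this sketch, and the UDP transport is replaced by in-memory calls.

```python
import hashlib
import hmac
import json
import secrets


def proof(key, role, nonce, names):
    """HMAC-SHA256 over a fixed-length role label, the challenger's nonce and a name list."""
    msg = role + nonce + json.dumps(sorted(names)).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class Entity:
    def __init__(self, name, key, online=()):
        self.name, self.key = name, key
        self.online = set(online)   # this entity's online entity list
        self.privileges = {}        # peer name -> privileges assigned to it
        self._nonce = None          # challenge sent as initiator
        self._pending = None        # (peer name, challenge) sent as responder

    def announce(self):
        """Step 1 (A): online notification, carrying a fresh challenge for B."""
        self._nonce = secrets.token_bytes(16)
        return {"from": self.name, "nonce": self._nonce}

    def on_announce(self, msg):
        """Step 2 (B): acknowledge, send the known online names, prove key knowledge, challenge A."""
        names = sorted(self.online)
        self._pending = (msg["from"], secrets.token_bytes(16))
        return {"from": self.name, "online": names, "nonce": self._pending[1],
                "proof": proof(self.key, b"resp", msg["nonce"], names)}

    def on_reply(self, reply):
        """Step 3 (A): authenticate B first; merge the list only if B's proof covers it."""
        want = proof(self.key, b"resp", self._nonce, reply["online"])
        if not hmac.compare_digest(want, reply["proof"]):
            return None             # an unauthenticated list is discarded, not merged
        self.online |= set(reply["online"]) - {self.name}
        return {"from": self.name,
                "proof": proof(self.key, b"init", reply["nonce"], [self.name])}

    def on_confirm(self, msg, grant=("read:shared",)):
        """Step 4 (B): authenticate A, then add it to the list and assign privileges."""
        peer, nonce = self._pending
        want = proof(self.key, b"init", nonce, [peer])
        if msg is None or msg["from"] != peer or not hmac.compare_digest(want, msg["proof"]):
            return False
        self.online.add(peer)
        self.privileges[peer] = set(grant)
        return True


def join(a, b, in_transit=lambda reply: reply):
    """Run steps 1-4 in memory; in_transit models whatever delivers B's reply to A."""
    reply = in_transit(b.on_announce(a.announce()))
    return b.on_confirm(a.on_reply(reply))
```

Binding the name list into B's proof means a list altered on the way to A fails authentication instead of being merged, and the distinct role labels keep a responder proof from being replayed as an initiator proof under the same shared key.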
Content exchanged between peer entities is verified with a mechanism based on digital signatures, as follows: (1) as shown in Fig. 1, entity A establishes a secure connection with entity B; (2) once the channel is established, entity A requests a piece of content from entity B. If entity B created the content, it digitally signs it before transmitting it; if entity B is merely distributing content created elsewhere, that content has already been signed; (3) after receiving the content, entity A verifies the digital signature attached to it.
The proprietary protocol built on TCP/IP that is proposed in the present invention (Firewall Special Protocol, FSP) lets entities behind a firewall run all kinds of end-to-end applications without restriction. Its core technique is the re-encapsulation of TCP/IP packets. End-to-end communication based on this protocol proceeds as shown in Fig. 2. First, an application on entity A, outside the firewall, sends a network request to entity B, inside the firewall. After passing through the network layer, the packet is processed by the local FSP software, encoded and encapsulated in an HTTP packet, and then sent into the HTTP/TCP/IP channel, reaching entity B through the firewall via port 80. At entity B, the packet is first delivered by the HTTP/TCP/IP channel up to the FSP software, decoded and inserted into the entity's network protocol stack, and finally reaches entity B's application, just as if it had not passed through a firewall. In FSP, every TCP/IP packet appears as an HTTP GET request or as a response to a GET request, so it causes no compatibility problems when passing through the firewall. The IP packet is MIME-encoded to become the HTTP message body, and the TCP header information is parsed and encoded into the HTTP headers. A packet is defined as a bundle of arbitrary size consisting of an envelope and a body. The envelope has a standard format comprising a header, source endpoint information (in URI form), destination endpoint information (in URI form) and a message digest (for security purposes). The message body is of arbitrary length and contains an optional credential (for security purposes) and the content.
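An added example, not taken from the patent, of receiver-side validation for the envelope just described, contrasting an unkeyed message digest with the MAC mentioned in the summary. The patent names the envelope fields but not their encoding, so the JSON layout, the base64 content encoding, SHA-256, the function names and the example URIs are all assumptions of this sketch; the HTTP wrapping is left out.

```python
import base64
import hashlib
import hmac
import json


def _digest(env, mac_key):
    """Digest over both endpoint URIs and the whole body (credential and content)."""
    data = json.dumps([env["source"], env["destination"], env["body"]],
                      sort_keys=True).encode()
    if mac_key is None:
        return hashlib.sha256(data).hexdigest()                  # unkeyed message digest
    return hmac.new(mac_key, data, hashlib.sha256).hexdigest()   # keyed MAC


def seal(source, destination, content, credential=None, mac_key=None):
    """Build an envelope: header, source URI, destination URI, digest, body."""
    env = {"header": {"version": 1},
           "source": source, "destination": destination,
           "body": {"credential": credential,
                    "content": base64.b64encode(content).decode()}}
    env["digest"] = _digest(env, mac_key)
    return env


def open_envelope(env, mac_key=None):
    """Return the content bytes, or raise ValueError if the digest does not match.

    The receiver's own configuration (mac_key) selects the check; no field
    inside the envelope can switch a keyed receiver back to the unkeyed digest.
    """
    if not hmac.compare_digest(_digest(env, mac_key), str(env.get("digest", ""))):
        raise ValueError("envelope digest mismatch")
    return base64.b64decode(env["body"]["content"])


def rewrite_in_transit(env, new_content):
    """Constructed test case: a party without the key changes the content
    and recomputes the unkeyed digest over the changed envelope."""
    forged = json.loads(json.dumps(env))
    forged["body"]["content"] = base64.b64encode(new_content).decode()
    forged["digest"] = _digest(forged, None)
    return forged


def accepts(env, mac_key=None):
    """True if open_envelope() accepts the envelope under the given receiver key."""
    try:
        open_envelope(env, mac_key)
        return True
    except ValueError:
        return False
```

A receiver that checks only the unkeyed digest accepts the rewritten envelope, because anyone who can change the body can recompute the digest; a receiver holding the shared key rejects it, and also rejects an envelope whose destination URI was changed.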
A specific embodiment of the invention is its application to networked collaborative product development. As shown in Fig. 3, enterprise 1 and enterprise 2 each have their own local area network (LAN), connected to the outside wide area network through a firewall. Computer A and computer B, on which application software implementing the FSP protocol is installed, belong to LAN 1 and LAN 2 respectively. Computer A and computer B establish the peer-to-peer network architecture according to the method of the invention: because both are behind firewalls and the firewalls are different, computer A requests a networked computer C that is not behind a firewall to act as a service proxy; computer B acts as the server, with its service proxied by computer C, and computer A acts as the client. Computer B and computer A then communicate peer-to-peer in server/client mode. Once communication between computer A and computer B is established, during collaborative product design each party only needs to save its design documents in, or drag them into, the shared folder on its own machine for the other party to be able to access them, and the two parties can also communicate online in real time. By the above method, peer-to-peer relationships can be established among the departments of enterprise 1 and enterprise 2 and their business partners, who can then share and transmit data, files, information, code, multimedia and so on directly, without going through a server.

Claims (1)

1. A method for implementing a peer-to-peer network architecture, in which the peer-to-peer network realized by the method is built on the TCP/IP protocol, abstract peer entities form a logical network with no hierarchical structure, and all entities have completely equal status; each entity acts both as a server that provides services to other entities and as a client that uses the services other entities provide; an entity is implemented concretely as a specific software instance running on a computer or a dedicated information terminal device; characterized in that:
I. The steps for establishing the peer-to-peer network between entities are as follows:
(1) entity A, newly connected to the network, sends an online notification message announcing that entity A is online, via a UDP port, to one entity B in its own online entity list;
(2) entity B, on receiving this message, returns a reply to entity A acknowledging receipt, and at the same time sends it a data packet containing the names of all online entities known to entity B;
(3) entity A adds the received list to its own online entity list;
(4) entity B adds entity A to its own online entity list;
(5) entity A selects the next online entity from its online entity list and repeats the above four steps, until it has completed this exchange with all online entities;
II. The steps for communication between network entities are as follows:
(1) when entity A needs to communicate with entity B, entity A sends a communication request to entity B;
(2) entity B, on receiving this message, returns a reply to entity A acknowledging receipt;
(3) entity A and entity B negotiate which side acts as the server and which as the client, the selection rule being: if entity A and entity B are both in the same transparent network environment with no firewall between them, entity B acts as the server and entity A as the client; if exactly one of the two entities is behind a firewall, the entity that is not behind a firewall acts as the server and the entity behind the firewall acts as the client; if both are behind firewalls and the firewalls are different, an entity C that is not behind a firewall is asked to act as a service proxy, entity B acts as the server with its service proxied by entity C, and entity A acts as the client;
(4) entity B and entity A communicate in server/client mode;
(5) when the content has been transmitted, entity A initiates a request to release the service, entity B replies, and the communication process ends.
CNB021134928A 2002-03-21 2002-03-21 Method for realizing peer-to-peer network system architecture Expired - Fee Related CN1300721C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021134928A CN1300721C (en) 2002-03-21 2002-03-21 Method for realizing peer-to-peer network system architecture

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021134928A CN1300721C (en) 2002-03-21 2002-03-21 Method for realizing peer-to-peer network system architecture

Publications (2)

Publication Number Publication Date
CN1447256A CN1447256A (en) 2003-10-08
CN1300721C true CN1300721C (en) 2007-02-14

Family

ID=28048578

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021134928A Expired - Fee Related CN1300721C (en) 2002-03-21 2002-03-21 Method for realizing peer-to-peer network system architecture

Country Status (1)

Country Link
CN (1) CN1300721C (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20070214

Termination date: 20130321