Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
  • H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L67/00—Network arrangements or protocols for supporting network services or applications
  • H04L67/01—Protocols
  • H04L67/10—Protocols in which an application is distributed across nodes in the network
  • H04L67/104—Peer-to-peer [P2P] networks
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L67/00—Network arrangements or protocols for supporting network services or applications
  • H04L67/01—Protocols
  • H04L67/10—Protocols in which an application is distributed across nodes in the network
  • H04L67/104—Peer-to-peer [P2P] networks
  • H04L67/1061—Peer-to-peer [P2P] networks using node-based peer discovery mechanisms
  • H04L67/1068—Discovery involving direct consultation or announcement among potential requesting and potential source peers
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
  • H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

• Decentralized networks are known in the prior art in which a majority of connected network elements offer functions and services to other network elements and, on the other hand, can use functions and services offered by other network elements without the need for a central controlling entity.
• a considered network element takes on a case by case role as a server or server over another network element. a role as a client.
• a network element connected to the decentralized network is often referred to as a "peer" in contrast to a conventional client-server classification.
• peer-to-peer networks or, in short, as P2P networks.
• decentralized network does not generally exclude the existence of centralized instances. Also on mixed forms of networks, where certain tasks on a central instance or. Server are relocated, is called decentralized network or. P2P network, as far as in these networks, no server is maintained over which any communication relationship between two network elements is to lead.
• DHTs distributed Hash Tables
• resource encompasses data of all kinds, such as information, files, services, etc.
• a hash function is used to form the distributed hash tables. The application of this hash function to a resource or to a key term provides a unique hash value resp. Index value for indexing the resource.
• resources are stored locally on derj enigen network elements whose "P2P address", so for example, formed from the IP address (Internet Protocol) and port number of the network element hash value best with the index value of the resource (eg B. Hash value of a search term etc.).
• P2P address so for example, formed from the IP address (Internet Protocol) and port number of the network element hash value best with the index value of the resource (eg B. Hash value of a search term etc.).
• the network elements of this decentralized network authenticate themselves and the data exchange initiated by you with digital signatures and certificates. These certificates are issued in advance by a trusted central certification authority (CA) and kept as a resource in the decentralized network.
• CA trusted central certification authority
• Servers are required to provide created and stored certificates during operation.
• the presence of a valid certificate further serves as a proof of authorization, which is awarded by the certification authority to authorized network elements.
• An authorized network element is, for example, a computer system used by a paying customer.
• a procedure for the revocation of allowances was proposed in the application filed with the European Patent Office on 12 August 2004 with the application number 04019230.4 and entitled "Procedure for ensuring authenticity and / or confidentiality in a P2P network".
• the local procedure is characterized by the provision of certificate revocation lists as resources in a decentralized network.
• data such. B. a user profile of a network element or messages to absent network elements are introduced as resources in the decentralized network, they must be digitally signed by the generating network element.
• the network element calculates an index value (for example hash value) of this data and then signs it with a private key which corresponds to the public key from the certificate of the network element. In addition to the integrity protection, this ensures that only authorized and authenticated network elements can store data in the decentralized network.
• This data record can also be transferred to a collection point for billing.
• a method for collecting accounting data was filed in the filed with the German Patent and Trademark Office on August 23, 2004 application with the registration file 10 2004 040 766.5 and the title »Procedure and arrangement for billing in a decentralized network « submitted. If a network element has certain resources, such as a foreign user profile, messages stored for it, etc. from another network element, it must make a signed request to authorize and authenticate itself. This request can also be used for billing. This allows both access control to the network and consumption-based charging.
• a disadvantage of such a decentralized architecture is that decentralized network elements can be manipulated.
• a manipulation is particularly in the case of purely software - based peers through an examination and modification of the machine - readable instructions of the software or software. Reverse engineering is easily possible. Some possible malicious manipulations are shown below.
• the peer continues to provide its data and services to third parties but does not generate billing information or forwards it.
• a peer authorizes third parties without verification, d. H . without exercising access control to the network, services are available, although they may not be eligible to receive the services.
• a peer suppresses a notification or forwarding of noise and logging information when it receives invalid requests or other problems. Turning off logging itself does not interfere directly with the network, but can be used to prepare for further manipulation. An automatic detection of a peer software manipulated in this respect is complicated since the entire data exchange of a network element would have to be logged.
• a solution of the object is achieved in a communication system with the features of patent claim 1 with regard to its method aspect by a method having the features of the claim and with respect to its device aspect by a network element having the features of claim 14.
• the object is further achieved by a computer program product with the features of Patent claim 15 solved
• the method according to the invention for controlling network elements in a decentralized network in which at least a first part of the network elements at least temporarily provides a service for at least a second part of network elements, sees in a first step a selection of a second network element to be controlled by a first Network element before.
• the first network element may be an otherwise normally operating network element, or else a decentralized control peer whose task is performed in a z. B. cyclic control of other network elements resp. Peers lies.
• the second network element is the network element to be checked.
• the selection of the second network element is z. B. after a cyclic control scheme or after processing a list containing suspiciously working network elements (black list) or also on a random basis. Incidentally, the selection is possible according to any criterion.
• a definition of one takes place
• Request message parameters are simulated parameters, for example a given to the intended control purpose sender address - alias address - the first network element, which does not necessarily have to match the actual sender address of the first network element.
• Other parameters include z. B. a certificate, a request signature, a timestamp, etc.
• An essential advantage of the method according to the invention is the fact that the automated analysis proposed according to the invention, based on request and response messages, has hitherto required time-consuming and labor-intensive ad hoc measures with an on-site inspection of manipulated peer-to-peer Software is unnecessary.
• controlling peer may be an otherwise conventional and hierarchical peer, advantageously no changes in the architecture of the network and no further intervention in the software of other network elements are necessary to implement the method according to the invention.
• an analysis takes place on the basis of the parameters previously stored in the first network element and the parameters contained in the at least one response message.
• This storage is appropriate, in particular in the case of an embodiment of the request message explained below, with valid parameters in order to create an analysis based on contents of the response message in comparison with contents of the request message.
• An advantageous embodiment of the invention relates to an embodiment of the request message with valid parameters, eg. B. proper signature, certificate, timestamp, etc.
• the controlling first network element is entitled to execute these requests and expects a correspondingly correct response.
• the network element to be checked sees this request message as correct and causes a correspondingly correct answer.
• a simulated request for a paid service requires service provision.
• the controlling network element checks this proper billing, which it from a collection point or.
• Verification point confirms. If the first network element does not receive a valid response message or, in the case of a simulated request for a costly service, no confirmation of the charge point, then the peer-to-peer software of the checked second network element has been manipulated with high probability. The result of the analysis is negative in this case. If the data transport in the network is not reliable and messages (UDP packets etc.) can be lost, this check must be repeated several times if necessary.
• An advantageous embodiment of the invention relates to an embodiment of the request message with invalid or erroneous parameters.
• Erroneous parameters are, for example, an expired and / or revoked and / or invalid certificate or a certificate issued by other certification bodies not recognized in the decentralized network.
• Incorrect parameters are furthermore an incorrect request signature, an outdated request with expired time stamp, etc.
• An answer to such invalid request messages must deny a correctly working network element with non-manipulated peer-to-peer software. If the request is answered anyway, a network element with manipulated peer-to-peer software was found. If the request is but not answered, the controlling first network element additionally checks whether an alarm message from the tested network element arrives at a collection point, for example a so-called »logging system «. The absence of such an alarm message can similarly indicate a manipulated peer-to-peer software. Again, if necessary, a repetition of the review may be provided if messages can be lost.
• the FIGURE shows a structure diagram for the schematic representation of a decentralized network.
• a decentralized network P2P comprises a first network element PX and two further network elements Pl, P2.
• Each of the aforementioned network elements Pl, P2, PX holds a certificate C1, C2, CX.
• the certificate CX of the first network element PX can be adjusted for control purposes. changeable.
• a first and a second collection point SV1, SV2 are either arranged outside the decentralized network P2P, as shown, or also-not shown-within the decentralized network P2P.
• Network element Pl works correctly, meets at a subsequent time a valid response message VRP (»Valid Response ") on the testing network element PX.
• the checking network element PX controls in a request REQ to a central billing point SVl a correct billing of requested by the network element to be checked service. If a response RSP from the charging point SV1 indicates that the charge is correct, the result of the analysis with respect to the network element C1 to be checked is positive. The result of the analysis is optionally transmitted to a collection point (not shown).
• Another network element P2 to be checked is to be checked with an erroneous or invalid request message IRQ (»Invalid Request «) initiated by the checking network element PX.
• the simulated request message IRQ contains z. B. an expired and / or revoked and / or invalid certificate or a CX certificate issued by other certification bodies not recognized in the decentralized network. Incorrect parameters are furthermore a wrong request signature, an outdated request with expired time stamp, etc. A positive response to the invalid request message IRQ would have to refuse a correctly working network element with non-manipulated peer-to-peer software.
• a manipulated peer-to-peer software is brought to expiration on the network element P2 to be checked, which is why the invalid request message IRQ is nevertheless answered with a response message IRP (Invalid Response).
• IRP Invalid Response
• the controlling first network element PX additionally checks whether an alarm message from the tested network element arrives at a collection point, for example a so-called "logging system". The absence of such an alarm message indicates same way to a manipulated peer-to-peer software out.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Computer Hardware Design (AREA)
• Computer Security & Cryptography (AREA)
• Computing Systems (AREA)
• General Engineering & Computer Science (AREA)
• Data Exchanges In Wide-Area Networks (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=36096445

Family Applications (1)

Country Status (9)

Families Citing this family (2)

Family Cites Families (9)

• 2005
  • 2005-02-01 DE DE102005004611A patent/DE102005004611A1/de not_active Withdrawn
• 2006
  • 2006-01-30 WO PCT/EP2006/050534 patent/WO2006082177A1/de active Application Filing
  • 2006-01-30 US US11/883,461 patent/US20080253292A1/en not_active Abandoned
  • 2006-01-30 CN CNA2006800037635A patent/CN101112066A/zh active Pending
  • 2006-01-30 JP JP2007553595A patent/JP2008529434A/ja not_active Withdrawn
  • 2006-01-30 KR KR1020077019993A patent/KR20070111506A/ko not_active Application Discontinuation
  • 2006-01-30 AU AU2006210223A patent/AU2006210223A1/en not_active Abandoned
  • 2006-01-30 EP EP06707910A patent/EP1847091A1/de not_active Withdrawn
• 2007
  • 2007-07-17 ZA ZA200705938A patent/ZA200705938B/en unknown

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events