%0 Journal Article
%T Secure P2P Data Storage and Maintenance
%A Nouha Oualha
%A Melek ˋnen
%A Yves Roudier
%J International Journal of Digital Multimedia Broadcasting
%D 2010
%I Hindawi Publishing Corporation
%R 10.1155/2010/720251
%X P2P data storage requires strong reliability and security assurances. Existing data storage solutions have been designed for centralized as well as distributed settings; yet they do not address the security and cooperation issues raised by self-organization. P2P systems also introduce new needs regarding data availability due to the dynamicity of the infrastructure, which are unaddressed so far. This paper first discusses the approaches for tackling these problems. A solution is then introduced that relies on self-organizing security mechanisms in conjunction with a data rejuvenation scheme using erasure codes. 1. Introduction P2P file sharing systems (e.g., KaZaA [1] and BitTorrent [2]) aim at fairly distributing storage services to the whole community of peers. P2P data storage solutions like Wuala [3], AllMyData [4], and UbiStorage [5] have recently appeared with similar scalability objectives. Such approaches unfortunately do not take the selfish nature of peers into account, even though free riding is a well-known fact in unregulated P2P file storage applications. Selfishness is however much more critical for data storage in that selfish peers may destroy the data they are supposed to store on a long-term basis. Techniques for remotely detecting data corruption or destruction have been analyzed in [6每10], and dedicated cryptographic primitives have been proposed. These studies however do not consider the need for a self-organizing data restoration mechanism, which is however critical after data corruption has been detected in order to achieve storage reliability and availability on the long term. The dynamic nature of P2P systems exacerbates these issues in data storage applications because peers can sometimes be offline while their data still need to be preserved within the network. Achieving scalability requirements in that context requires data storage and verification tasks to be delegated, which has not been addressed in existing systems. This paper is structured as follows: the requirements for a secure P2P data storage and maintenance mechanism are first introduced and its five main phases are described. A threat model is then presented that outlines possible attacks that may compromise such a protocol. A new solution is then introduced for achieving self-organizing remote data integrity checking mechanisms in conjunction with an erasure code-based data rejuvenation scheme. The security of this scheme is finally discussed together with data availability and reliability, the latter being analyzed using an analytic model of the maintenance
%U http://www.hindawi.com/journals/ijdmb/2010/720251/