《对等网络文件分发系统的接入权限控制》由会员分享,可在线阅读,更多相关《对等网络文件分发系统的接入权限控制(65页珍藏版)》请在金锄头文库上搜索。
1、华中科技大学 硕士学位论文 对等网络文件分发系统的接入权限控制 姓名:阿米路 申请学位级别:硕士 专业:信息与通信工程 指导教师:左冬红 2010-05-25 华 中 科 技 大 学 硕 士 学 位 论 文 华 中 科 技 大 学 硕 士 学 位 论 文 I 摘 要 近年来,对等(Peer-to-Peer,P2P)传输技术在 Internet 上的文件分发中得到了 广泛的应用。P2P 技术采用分布式的架构,节点之间可以共享他们的处理能力、存储 设备和带宽等资源,所有的内容可以直接被节点获得而不需要经过中间服务器。许 多公司采用 BitTorrent 来分发软件, 以减少客户下载时间, 减轻服务
2、器的负载。 然而, 现有的 BitTorrent 协议无法对非法内容的传输和分发进行管理, 也无法保护所分发内 容的版权。如何对基于 P2P 协议进行分发的内容进行管理是近年的研究热点。本文 将实现一个基于 BitTorrent 协议、具有内容管理功能的文件分发系统。 该系统实现了用户认证、权限管理和种子文件加密的功能。用户认证可以防止 非认证用户进入系统进行文件的分发和共享,所有的用户必须向管理员注册,获得 分配的用户名和密码后才可以使用该系统。权限管理为每个注册用户分配不同的权 限,系统根据用户信息判断用户权限,登录用户只能得到权限允许的内容。为了使 用户获得的种子文件只能被该用户使用,系
3、统对所有种子文件进行加密,这样,其 他用户无法用该种子文件进行下载,从而进一步提高了系统的安全性。 种子文件的加密过程采用对称加密算法。由于对称加密系统中加密和解密采用 同一个密钥,获得该密钥的用户可以解密种子文件。为了进一步提高加密的安全性, 系统中采用非对称加密算法加密对称密钥,用公钥加密对称密钥,从而使只有拥有 特定私钥的用户才能得到对称密钥进而解密种子文件。 本论文的组织结构如下:第一章介绍论文的主要内容,第二章将介绍 P2P 文件 分发系统的原理,第三章和第四章描述系统的设计与实现,第五章对该系统进行测 试并给出结论,最后,第六章对已实现的系统作一个总结并给出完善该系统的建议。 本论
4、文提出了一种在 P2P 文件分发系统中进行内容保护和权限管理的方案并实 现了一个具有管理功能 P2P 文件分发的系统,利用该系统,可以防止未授权用户非 法访问系统获得文件共享权利,从而提高了系统安全性。 关键字:关键字:对等文件分发系统,访问权限管理,加密 华 中 科 技 大 学 硕 士 学 位 论 文 华 中 科 技 大 学 硕 士 学 位 论 文 II ABSTRACT The Internet is a place where communication take place in a high level (worldwide), users interchange informati
5、on, but the flow of information from one side to another one must follows some rules and regulations called protocol. In our thesis we will explore the distributions file system and the protocol is BitTorrent. This last five years, Peer-to-Peer (P2P) technologies have become very popular. The P2P sy
6、stem is a distributed network architecture, where members share their own resources, such as processing power, storage capacity, or network bandwidth. The service or content provided by the P2P network is accessible by other peers directly, without passing intermediary entities (such as servers or s
7、table hosts). Many organizations use BitTorrent to distribute their software in order to reduce client download time and reduce the load on their servers. In the process of files sharing there are many illegitimate contents one can download via BitTorrent, and the protocol does not provide the prote
8、ction against downloading content with copyright or individual properties. This lack of content protection is a big issue, and has been a subject of research area. Therefore our main objective is to implement a system using BitTorrent protocol that will discriminate some users who are not members. O
9、ur system has been developed to alleviate difficulties in sharing torrent file within members, it will provide some securities such as user identification, authentication, authorization and torrent file encryption. The identification and authentication is used to check the user that is login to our
10、system, in order to ban unwanted users. Here the user must register and wait for the administrator to approve, after acceptance the user enters the system using his username and password. Realizing that the given security level is not enough came the idea of authorization. In the authorization the s
11、ystem will provide a control to determining whether an authenticated client is allowed to access some torrent files and perform the task within a security domain. Authorization uses information about a clients identity (access level) to determine the torrent file that is granted to the current user.
12、 Authorization locks out some unwanted users but once the torrent file is in the hand 华 中 科 技 大 学 硕 士 学 位 论 文 华 中 科 技 大 学 硕 士 学 位 论 文 III of the user the protection is vanish, so for that reason we introduce the encryption aspect. Encrypting our torrent file will provide more security for the conten
13、t protection. The encryption process is done using symmetric algorithm, since Symmetric cryptography uses a single private key to both encrypt and decrypt torrent. Any user that has the key can use it to encrypt and decrypt torrent, yet the protection is not complete. To provide a complete solution
14、to that security issue we have to use the asymmetric encryption to protect the symmetric key. Another user can not have access without the private key. The aim of this Thesis is to indicate how to protect data that are transfer using peer-to-peer file sharing system using BitTorrent protocol. Our sy
15、stem provides (private data and copyright file) protection against unauthorized individual, those contents can be share without the fear of being sued. Keywords: Peer-to-Peer Distributed System, Access Right Control, Encryption. 华 中 科 技 大 学 硕 士 学 位 论 文 华 中 科 技 大 学 硕 士 学 位 论 文 VII List of Figures Fig
16、ure 2.1: Peer-to-Peer Topology.6 Figure 2.2: Web Application Design Issues.10 Figure 2.3: Authentication10 Figure 2.4: Direct Authentication. 11 Figure 2.5: Broker Authentication 11 Figure 2.6: Hybrid Encryption Process15 Figure 2.7: Symmetric Encryption.16 Figure 2.8: Asymmetric Encryption. 17 Figure 3.1: System Bloc Diagram18 Figure 3.2: BitTorrent Architecture19 Figure 3.3: Server Client Interaction22 Figure 3.4: Server Function23 Figure 3.5: Client Function. .24 Figure 4.1: Access
