Today, Peer-to-Peer SIP based communication systems have attracted much attention from both academia and industry. The decentralized nature of P2P might provide the distributed peer-to-peer communication system without help of the traditional SIP server. However, it comes to the cost of reduced trustworthiness and may cause security problems, e.g. privacy leaks, unpredictable availability, etc. In this paper, we investigate on P2PSIP security issues and propose a subjective based trust model that offers trust services during P2PSIP session establishment. The main issues considered in this model include opinion calculation, opinion maintenance, data confidentiality and integrity, message routing, and NAT traversal. After that we implement a typical use scenario to show how our model is exploited to offer the trusted session initiation service and protects the security breaches through the malicious or faulty intermediate peers. We take Chord as the P2PSIP overlay for example in this paper. However, the system is independent of the Chord overlay and is extendable to the other DHT (Distributed Hash Table) technologies.
展开▼
