In this chapter, we discuss the security infrastructure provided by the JXTA platform. From the beginning, JXTA was designed with a security infrastructure in mind. This is a big advantage: history has shown that when security is not included in initial architecture, it is far easier for malicious intruders to exploit any security mechanisms that are later added to the system. It is also always more difficult to add security infrastructure after a system has been designed.
Security in a P2P network presents some interesting challenges due to the distributed computing environment, the vulnerability of links (due to multi-hop routing), the dynamic nature of peer interactions, and the lack of a centralized authority. JXTA security requirements are very similar to traditional systems, but the decentralized nature of JXTA makes it more difficult to implement confidentiality, integrity, and nonrepudiation.
Given the organization of the JXTA platform, one can envision a security architecture in which ...