Peer-to-Peer by Andy Oram

Jon Udell, BYTE.com, and Nimisha Asthagiri and Walter Tuvell, Groove Networks

Security is hard enough in traditional networks that depend on central servers. It’s harder still in peer-to-peer networks, particularly when you want to authenticate your communication partners and exchange data only with people you trust. Earlier chapters stressed protection for users’ anonymity. The need to assert identity is actually more common than the need to hide it, though the two are not mutually exclusive. As shown in Chapter 16, systems that assign pseudonyms to users need not absolve users of responsibility. This chapter touches on the interplay of identity and pseudonymity too, but will mainly focus on how to authenticate users and ensure they can communicate securely in a peer-to-peer system.

At Groove Networks Inc., we’ve developed a system that provides a type of strong security consistent with Groove’s vision of a peer-to-peer system. The details are described in this chapter. We hope that our work can serve not only as proof that traditional conservative security principles can coexist with a novel distributed system, but also as a guide to developers in other projects. Groove is a peer-to-peer groupware system. Before we focus on its security architecture, we should first explain its goals and the environment in which it operates. Using Groove, teams of collaborators form spontaneous shared spaces in which they collect the documents, messages, applications, and ...