Distributed computing and peer-to-peer systems face a host of security issues. In addition to traditional concerns, this architecture also must address challenges unique to P2P architecture. Fundamentally, Internet P2P applications are built out of computers that do not trust each other and to succeed, must operate as part of an untrusted and hostile network. We will discuss the security issues surrounding of P2P systems, both charting the problem areas and discussing solutions. The talk will include real-world examples based on the customer, participant and architecture issues addressed by Popular Power as it builds a secure distributed computing platform, with lessons generalized to Internet-based P2P systems.
Specific topics that will be covered include:
- The importance of reputation for establishing trust
- Methods for securely executing untrusted code
- Protecting secrets while sending them to untrusted systems
- Navigating the firewalled Internet
- Applicability and limitations of cryptographic techniques
- Building ?safe? distributed systems - how to prevent your P2P app from becoming a distributed denial of service tool