Enabling Secure Communication over Existing Peer-to-Peer Frameworks

Abstract

Peer-to-peer technologies are, due to their distributed nature and the absence of a single point of failure, most promising in the field of providing privacy and security if appropriate mechanisms are in place. Currently security and privacy in peer-to-peer networks is tightly bound to specific frameworks. In this paper a flexible and modular approach for existing peer-to-peer frameworks to enable a secure communication using well-established and proven protocols and algorithms called SP2P is proposed. An interoperability layer is introduced where existing peer-to-peer frameworks, transport security protocols, different types of identities and appropriate identity authentication services can be plugged in seamlessly. The identity authentication service is designed to be compatible with existing quality level assurance frameworks which can be chosen depending on the deployment environment and requirements. Further the different components of end-to-end security protocols and their impact on the overall security and privacy level is analysed. This enables developers to use proven and well established security mechanisms without diving in the very specifics of different peer-to-peer framework specifications.