Security Management Strategies for the CIORequires Free Membership to View
P2P has more uses than just sharing files such as music, videos and games, as is commonly thought. It can also include Instant Messaging (IM) and grid computing architectures. In either case, the two biggest issues, to start, are confidentiality and authentication.
A Web of authentication needs to be set up so only trusted clients can communicate with each other. First, since multiple clients can access each other, without a central authentication server, the system has to have a way for two clients to authentication each other when communicating. This can be done through certificates or key exchanges, for example.
Confidentiality is best protected by encrypting the traffic between the peers once they authenticate each other. Again, key exchanges and agreed upon encryption protocols for the system can be used for this purpose, similar to the way SSL works.
Since P2P networks contain a mix of clients, not always designed for heavy traffic like a dedicated server, they can also suffer from availability issues. Some P2P networks can't handle the loads of their stronger client-server cousins.
Finally, P2P networks can be a den of malware and spread viruses among their clients. They should be carefully monitored for unwanted traffic from outside the network and usage policies should be in place restricting the types of files they can transfer and to which networks they can connect.
More information
This was first published in November 2005
Join the conversationComment
Share
Comments
Results
Contribute to the conversation