Flexible security in peer-to-peer applications: Enabling new opportunities beyond file sharing

The widespread adoption of P2P applications in environments beyond ordinary file sharing demands the fulfillment of several security requirements. Important steps have been taken towards security in P2P systems, with relevant mechanisms being proposed in the past to address specific vulnerabilities. However, existing approaches lack flexibility, since they do not (include enough mechanisms to) tackle a wide range of requirements in an integrated fashion. In addition, they oblige the user/application to manipulate a complex programming interface, as well as going through a cumbersome configuration process. To address these issues, we present P2PSL (P2P Security Layer), a software architecture that allows gradual and flexible integration of security functionality into P2P applications. To show concept and technical feasibility, we have implemented P2PSL, assessed the overhead it induces, and estimated the feasibility of incorporating the layer into two categories of real world P2P applications. 2007 Elsevier B.V. All rights reserved.