Slashdot Mirror

← Back to Stories (view on slashdot.org)

Putting P2P To Work

Posted by ryuzaki0 on from the it's-all-data-anyhow dept.

An anonymous reader writes "Looks like some folks at IBM have had moderate success in getting P2P adopted within the corporate enterprise. One new paper on the site describes experiences in deploying a decentralized search network spanning machines in 43 countries. Another describes a system for peer-to-peer sharing of dynamic web applications instead of static files. The idea is to support development and distribution of simple modules that themselves form meta p2p networks. Neat."

11 of 131 comments (clear)

  1. Security? by cscx · · Score: 5, Interesting

    What stops you from doing a man-in-the-middle attack, as so to speak? I.e., what assures the integrity of the original files, and how do you know that you're obtaining an authentic file?

    1. Re:Security? by JohnFluxx · · Score: 5, Interesting

      No no - look you just sign everything with pgp. The host has to inherently trust _someone_, so the key they trusts signs someones key who signs someone elses key and so on until you have a chain of trust to the signature on the pgp file.

      One way of doing this practically is to joe-bloggs sign his new files with his keys. Then some main server checks over it all, and signs his keys. Then you client get: 1) the file 2) the pgp signature of the file 3) the pgp signature from the main server of the pgp key

      This involves having a main server, however you don't need to talk to it.

      You need some way to make a chain of trust, and a central server/group of servers that everyone trusts is the easiest way.

      JohnFLux

    2. Re:Security? by Bert690 · · Score: 5, Informative
      Every YouServ node is granted an SSL certificate from an integrated certificate authority, and uses it for support of HTTPS/SSL. Use of HTTPS guarantees there is no man in the middle.

      YouServ is a bit different than traditional P2P apps most people are familiar with. For one, there is accountability: Every one of the files you share has YOUR NAME embedded within the URL required for accessing that file, even if that file resides on another machine at the time of download (e.g. from the ability to replicate your site to other machines). Unless you don't value your job, you'd be highly unlikely to use this system for sharing porn / MP3's / etc, a point made in the paper on the search function.

      Two, it's not just for sharing files that are world readable. It's also for sharing stuff with only designated users and groups. Every node is tied together by a single sign-on infrastructure so you can use one and only one password to access secured content on any node, without the possibility of malicious nodes sniffing and stashing your password.

      Third, it's at its core web compatible. You access the network with a regular web browser. There s no need to install spyware riddled clients to get at anything. Each node provides a web accessible search interface for searching the globally shared content or site-specific content. You only install the software if you want to host stuff.

  2. As the linked webpage says... by kaosrain · · Score: 5, Insightful

    As the linked webpage says, we've already had a story on this here. All that is different is a new version (and name) of YouServ, and that the currently active users number has risen from 900 to 5,000. Good job to the guys at IBM, and keep up the good work!

  3. I can smell the synergy by mr_gerbik · · Score: 5, Funny

    What they need to do is synergize by making more robust b2b real-time applications using p2p e-solutions.

    1. Re:I can smell the synergy by capnjack41 · · Score: 5, Funny

      You've been using the Web Economy Bullshit Generator, haven't you!

  4. Coming into its own by dirvish · · Score: 5, Interesting

    First academia starts contributing to peer to peer development, now it is being used as a business app. Looks like the folks who would love to see p2p dissapear are out of luck.

    --
    FoundNews.com - get paid to blog.,
  5. Other Upcoming Uses by Superfreaker · · Score: 5, Interesting

    Well,
    Earlier I posted to /. on a DRM solution I was deploying for a major record label. Some of you also know that these labels are paying companies to distribute files that look like real audio files, but turn out to be ads, or silence.

    With the system I built, they are going to give downloads of actual music files protected by DRM on these p2p networks, where upon playing it, you will be prompted for payment. You can make payment in the licensing window of WMP. It should be noted this only works for .wma files and not mp3's. However, most p2p users use apps like kazaa where selecting "audio" files will return wma's.

    It will be interesting to see how this works. It can obviously be circumvented using one of the DRM hacks, but I'm sure at least some will buy the files. Especially those on dial up who spent 15 minutes to get one song.

    Is it evil? Sure. Not as evil in my mind as those companies that distribute silence or ads on these networks. Please understand, I have all the same feelings as the concensus here has. But this is a necessary step for the industry to get with the times. The DRM at least will have unlimited play, cd copy, and move to portable device.

    Baby steps. Slow and steady wins the race.

  6. I don't get it by papasui · · Score: 5, Funny

    You'd think a huge corporation like IBM would have enough copies of 'Jenna's built for speed' to around so employees wouldn't have to share DiVX's. Damn ecconomy.

  7. Hooray by toomz · · Score: 5, Funny

    At the rate P2P is going people will be able to use 100% of my CPU power and hard disk space to remotely code DivX files reliably in just a few years!

    --
    If a chair is thrown in a forest, and there are no witnesses, did Ballmer still do it?
  8. Re:For a real challenge, try P2P-ing the database by Bert690 · · Score: 5, Informative
    As a developer of the system, I can tell you that a p2p database is not, nor will it be, one of the goals of YouServ.

    The system is intended for personal web hosting, that is, for use by mostly non-technical users for sharing files, creating web logs, guest books, and so on, using their own hardware (and that of their friends). In no way are we trying to provide p2p solutions to business class functions such as serving an online store (though I agree it would be cool if someone did that).

    Indeed the existing plugins are simple (my development time has been limited and this component is very new), and at this point are intended only to demonstrate the API features. But even quite simple plugins, if they cooperate across multiple machines, can do some very cool things, a few examples of which are proposed in the paper: sharing files on multiple other p2p networks, distributed content caching ("akamai for free"), cooperative weblogging, and so on. Again, you woudln't use this to build a high-traffic online store, but it does give you many new and easy to use ways to enhance and publish your own (web) content.