Skip to Main Content
At present, the maturity of the peer-to-peer (P2P) research field has pushed through new problems such as those related with security. For that reason, it is important to provide security mechanisms to P2P systems since security is one of the key issues when evaluating them. The JXTA-Overlay project is an effort to use JXTA technology to cater to a generic set of functionalities that can be used by developers to deploy P2P applications. However, since its design focused on issues such as scalability or overall performance, it did not take security into account. This paper proposes a security framework specifically suited to JXTA-Overlay's idiosyncrasies. The main features of the proposal presented in this paper include a completely modular approach which may cater to a broad set of scenarios, an effective secure key distribution method, and a hybrid key-authenticity scheme which balances the need for meaningful information at the end-user level and simplicity at the lower middleware layers.