Attempting to provide a framework for the development of secure peer-to-peer (p-to-p) applications, Intel Corp. have made an open-source library available for free download to companies that are developing p-to-p systems.
Intel's Peer-to-Peer Trusted Library is designed to allow software developers to add elements of security to their p-to-p applications. It provides support for digital certificates, peer authentication, secure storage, public key encryption, digital signatures, and symmetric key encryption.
"Security is one of the primary issues that the whole p-to-p thing will have to address," said Bob Knighten, Intel p-to-p evangelist, at the company's Peer-to-Peer Working Group meeting. "Most companies [developing p-to-p applications] have thought about security, but they all do it differently."
Intel officials said the Peer-to-Peer Trusted Library project is an attempt to spur innovation in p-to-p security by providing the basis for open-source development projects.
The Peer-to-Peer Trusted Library is built upon the Open SSL (Secure Sockets Layer) Tool Kit, officials said. The Open SSL provides low-level certificate support. The Peer-to-Peer Trusted Library makes Open SSL easy to use and more flexible, according to Intel officials.
The p-to-p trusted library is available for download at sourceforge.net/projects/ptptl.
"Getting p-to-p into the hands of end-users is the effort. People can build from this [library] secure p-to-p clients to avoid some of the security problems encountered in p-to-p," Knighten said.