P-to-P revisited as a business application
- 26 August, 2002 07:43
With the death of Napster, P-to-P technology seems to have dimmed as the protracted fight between Napster and the United States' federal government fades from the news headlines. The recent death of Gene Kan, a major P-to-P evangelist and an original designer of a P-to-P protocol called Gnutella, also dealt a blow to the P-to-P movement. However, development of P-to-P technology is still on going in the background.
P-to-P technology can be defined in many ways, but on a basic level, it is a class of applications that takes advantage of resources such as storage, cycles, content and human presence that are available at the edges of the Internet. P-to-P computing exploits the sharing of computer resources and services by direct exchange between systems. These include the exchange of information, processing cycles, cache storage, and disk storage for files without going through a separate server.
A main concern is that accessing these decentralized resources would mean a need to operate in an environment of unstable connectivity and unpredictable IP addresses. Hence, P-to-P nodes must often operate outside the DNS (domain name system) system and have significant or total autonomy from central servers.
In a peer-to-peer architecture, computers that have traditionally been using solely as clients communicating with a server will act as a client and a server depending on the needs of the applications. The P-to-P network can be an ad hoc connection for a couple of computers or a permanent infrastructure. It can also be a huge project in which special protocols and applications are used to set up direct relationships among users over the Internet.
Popular among users, instant messaging such as ICQ, Yahoo Messaging can also be grouped under P-to-P computing. But like Napster, some quarters do not consider them pure P-to-P, as there is a need to register with a central server before connecting to other peers directly to exchange messages and files.
Besides Napster, another P-to-P file-sharing system that uses the Internet is the Gnutella protocol. Gnutella-compatible end user applications create what is called a Gnutella servent when installed on an end user's PC. When logged on to the Internet, servents announce themselves to other servents and also propagate search requests for files housed on user hard drives. The query results are presented to the user via the servent application, the user selects the file he wants and then downloads it over the Internet directly from the PC housing the file.
Presently, most people still associate the term P-to-P with just file sharing and the problems organizations have had with bandwidth exhaustion and legal copyright challenges. However, P-to-P can be viewed as more than just file sharing but as another form of distributed computing architecture.
Research organization IDC believes that we are entering into the fourth generation of distributed computing technology according to Dan Kusnetzky, vice president, System Software, IDC.
"Generally," said Kusnetzky, "networking technology is inserted between one or more application components such as user interface processing, application rules processing or logic, data management, and/or storage management."
Unlike the familiar file sharing model, P-to-P is more than just a universal file sharing model. Business applications for P-to-P computing can fall into a few scenarios such as collaboration, edge service as well as distributed computing and resource.
P-to-P computing allows individuals and teams to collaborate in a variety of ways. Collaboration can offer benefits such as increased productivity by decreasing the time for multiple reviews by project participants and allows teams in different geographic areas to work together. It can also decrease network traffic by eliminating e-mail and decrease server storage needs by storing the project locally.
P-to-P computing can help businesses deliver services and capabilities by moving data closer to the consumption fringe of the network, providing edge services.
Distributed computing architectures have gone by many different names and buzzwords since the late 1960s. Terms such as "distributed computing", "client/server computing", "server-centric computing", "Web-centric computing", "grids", "clusters", "farms", and now "Web Services Architectures" have all been used to describe the process of inserting network technology into an application to enhance its performance, its scalability, or make the application resistant to failures of the underlying hardware.
Companies were working on architectures that would now be labelled P-to-P. P-to-P computing is a usage model that was popularized by the success of Napster, Gnutella, and SETI@home. It is due to the availability of inexpensive computing power, bandwidth, and storage that is allowing P-to-P technology to flourish.
A better understood concept for P-to-P, beside file sharing, is that of distributed computing and resources, which is popularized by the SETI@home program. It uses distributed processing to analyze radio telescope data and had attracted more than 2.6 million users who had donated over 500,000 years of processor system time to the hunt for extra- terrestrial intelligence.
The combined power of previously untapped computational resources can easily surpass the normal available power of an enterprise system without distributed computing. The results are faster completion times and lower cost because the technology takes advantage of power available on client systems.
Another promising P-to-P technology is Project JXTA, the project Kan was working on before his untimely demise, started as a research project incubated at Sun Microsystems under the guidance of Bill Joy and Mike Clary.
JXTA provides the protocols for basic functions of P-to-P networking, such as creating, finding, joining, leaving and monitoring groups, talking to other groups and peers, as well as sharing content and services. These functions are performed by exchanging XML advertisements and messages between peers.
Project JXTA is short for juxtapose, meaning, "side by side". Pronounced "juxta", JXTA is a set of open-source P-to-P networking protocols that allows any connected device on the network to communicate, including PC workstations and servers, cell phones and PDAs (personal digital assistants).
As it is based on protocols and not application protocol interfaces (APIs), JXTA works with any language, operating system, hardware and transport protocol. Virtually any network-capable device can be a JXTA peer. Because the underlying network does not have to be TCP/IP (transmission control protocol/Internet protocol), JXTA applications can include Bluetooth-enabled mobile handsets as peers.
The goal of JXTA is to explore a vision of distributed network computing using P-to-P topology, and to develop basic building blocks and services that would enable innovative applications for peer groups. This effort would benefit from expert coders outside of Sun and the project has been released under the Apache Software License. This would encourage other developers to join in the efforts.
The code is available online although it is of prototype quality. It is considered to be usable code, although it has not been through rigorous quality assurance processes and is not supported by Sun. Developers are working with it currently to understand and extend the approach and design, as well as to build their own applications.
Developers who are interested in developing distributed network computing and peer-to-peer applications and various individual programmers are using JXTA to create their own services and applications. As Project JXTA matures, applications written based on the current design and specifications can potentially be used by a variety of users on any connected device ranging from servers to PCs to pagers.
Last May, the Peer-to-Peer Working Group (P2PWG) merged with the Global Grid Forum (GGF). P2PWG was a group created for the advancement and interoperability of peer-to-peer computing. The members as well as the intellectual property of P2PWG will become part of GGF. Through the merger, GGF acquired tools that are essential for the advancement of grid computing as an enterprise computing architecture. Grid computing is a well-established architecture in scientific circles that needs appropriate messaging, load-balancing and security standards before widespread adoption by enterprises.
P2PWG was an independent consortium made up of a wide range of companies such as Intel, Fujitsu and Hewlett-Packard. The work group was working on areas such as firewalls and P-to-P, P-to-P security, P-to-P file services and P-to-P taxonomy.
Most recently, distribution portal McAfee.com hit on the idea of riding on the P-to-P file sharing applications to spread its SecurityCenter tool. The McAfee.com SecurityCenter is a free threat-assessment application that gives its users real time information on the status of Internet threats. It offers security information such as alerts, vulnerability checks and McAfee's World Virus Map. It also allows easy sign-on for McAfee.com's subscription-based security services such as managed antivirus and firewall. Each installation of SecurityCenter is designed to be a node in a network that exchange data with a central database that tracks ongoing attacks and virus outbreaks in real-time.
SecurityCenter will be included as an optional component with P-to-P applications such as Morpheus and Optisoft Blubster, a Spanish Napster-lookalike. It is believed that with this new distribution avenue, McAfee.com will gain one million new SecurityCenter installations in Q3 alone.
"This is just another form of distributed computing which might make better use of available network bandwidth," said IDC's Kusnetzky.
An interesting aspect, according to Kusnetzky, is that rather than seeking updated software at McAfee.com all the time, the software might be found on an adjacent computer in an organization's own network.
This would mean that version updates could flow into an organization's IT infrastructure without requiring each user to seek out, download and install the updates himself.
It also offers the potential for significant privacy and security problems within an organization. Kusnetzky believes that many organizations would not want their systems going out on the network and updating themselves. These organizations would be more comfortable with a process they could support.
"If security is handled properly, SecurityCenter could be an effective channel," said Chuang Shyne Song, general manager of RadianTrust, an IT security service provider that is spun off from CrimsonLogic. "However, if the downloadable content cannot be verified by a user, this could have adverse effects, especially if -attackers distribute harmful versions of the software."
But, with the proliferation of P-to-P file swapping applications, there come worms such as the Gspot.exe worm, which are designed specifically to spread over P-to-P networks. Gspot.exe is a worm that pretends to be whatever file users are searching for on the Gnutella network.
Although there is a lack of a central authority, there are methods whereby P-to-P network can be better secured if enough effort is expended. "P-to-P network can be secure. Mere mortals and security gods have relied on PGP (pretty good privacy) - something without a central authority - for quite some time now to address secure e-mail and privacy needs," said Chuang.
"The recent security issues discovered in PGP do not change our position above," added Chuang.
Although every layer of a P-to-P network needs to be secured, Chuang believes that the focus should be on the application layer followed by the system layer (operating system level).
"Application security is critical since the P-to-P software will be accepting connections and communicating with other peers from around the world," he said. "If we have a room with a window that is accessible to anyone on this planet within seconds, we would want the room to be compartmentalized from the rest of our home. Whether this is done via secure coding at the application level, system hardening or compartmentalization at the operating system level, or techniques like sandboxing, is left to be seen."
Yet this application as a distribution network had been sullied by the appearance of "sneakware."
The popular Kazaa file sharing network is reaping fees for allowing a partner to piggyback its software on downloads of Kazaa's client. Potentially, millions could find their PCs' bandwidth and hard disk space siphoned for different projects, just because they downloaded the client for a music- and file-swapping program.
Consumer complaints erupted after the disclosure in April that Kazaa users were unknowingly downloading a "sleeper" program from Altnet, now a business partner of Sharman Networks, which recently acquired Kazaa software and the Kazaa.com Web site. Since the bundle began in February, the size of the file sharing network has grown tremendously and accounts for a majority of downloads of Altnet software.
When a user connects to the Kazaa network, it will activate a program called SecureInstall, which comes with the Brilliant Digital's B3D projector, a multimedia banner ad technology that is also automatically downloaded with the Kazaa client. Kazaa will prompt the user to upgrade to a new version of the Kazaa Media Desktop. Then, Brilliant Digital's SecureInstall will launch the download of a program to access the Altnet network.
Altnet is actually both a software program and the access point to a parallel peer-to-peer network that runs concurrently with Kazaa. Kazaa uses the FastTrack network to share its files with Altnet being independent of Kazaa and could function even if Kazaa or the FastTrack network is shuttered.
In order to pacify the users, Brilliant introduced an Altnet "rewards program", enticing customers to swap PC bandwidth and hard drive space for points that can be redeemed by e-merchant partners when the users download advertisements for later playback.
The scheme includes the opportunity to become a participant in the Altnet distributive computing platform. Brilliant Digital will run "distributed computing" applications over the Altnet network, drawing on users' PC processing power when the PC is idle. Kazaa tried to answer consumer concerns by changing its policies so that no personally identifiable information is collected by any of its partners.
Yet there are still more altruistic uses for P-to-P computing in other sectors. An anthrax research project being conducted by Oxford University with the help of Intel, Microsoft and United Devices demonstrates how the computing power companies have at their disposal could be applied to research projects.
The Anthrax Project creates a virtual supercomputer by tapping into spare processing power offered by Internet-connected volunteers. The goal is to screen 3.5 billion molecules to identify those that are likely to bind to a protein known to mediate anthrax toxicity and hopefully inhibit the toxicity. Likely molecules identified through the virtual screening process will be examined in more detail in the lab.
United Devices' contribution to the projects is its distributed computing platform. Microsoft, through its .NET architecture, brings an underlying enabling technology for conducting distributed computing over the Internet. Intel, through its Intel Philanthropic Peer-to-Peer Program, brings in its P-to-P computing expertise.
Intel is also sponsoring Alzheimer and protein folding projects. Combined, the four research programs have more than 1 million computers that have contributed more than 700 million hours of processing time.