Perl, POE, Peers and Paranoia

By Alexander Zangerl and Robert Barta.

Published by The Open Source Developers' Conference Papers

Format	Price
Article: Electronic	Free Download

P2P-based file replication is a proven approach to providing
cooperative robust backup for data: If one peer does not have a specific
datum, another one might. Given enough peers participating, the overall
system survives isolated failures.

Applying this approach to distributed File Integrity Checking (or similar
security-sensitive areas) implies that current and untampered
file fingerprint information has to be distributed
among the peers in such a way that a limited number of malicious peers
cannot subvert or sabotage the overall system.

As a proof-of-concept, such a system has been implemented in Perl using POE
as asynchronous platform. Authentication and message integrity layers were
implemented using a Perl interface to GnuPG.

This talk presents at first the goals and concepts underlying the
overall system. It then outlines some deployment scenarios and further
areas of opportunity for such a system.

The second part of the talk focuses on development experiences
and implementation issues, specifically those concerning POE and various
Perl Crypto packages.

Keywords:	Perl, Security, P2P, Unix

Article: Electronic (PDF File; 429.021KB). Published by The Open Source Developers' Conference Papers.

Alexander Zangerl

I'm teaching Unix system administration, computer security and a few other IT subjects at Bond University, QLD; Making and using open-source tools is a daily part of my work and life. Before moving to Australia in 2001, I've worked in Austria as a software designer and developer, systems and network administrator and security consultant and managed to cram in a university education at the Technical University, Vienna, as well. The proposed talk is a summary of the practical parts of my ongoing PhD work. In my Copious Free Time I risk my neck by flying paragliders and my sanity by contributing to the Debian Project.