http://wiki.cas.mcmaster.ca/index.php?feed=atom&target=Chowkw&title=Special%3AContributionsComputing and Software Wiki - User contributions [en]2026-05-23T07:55:30ZFrom Computing and Software WikiMediaWiki 1.15.1http://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T21:29:52Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks software such as BitTorrent and eMule make it easy for people to find what they want and share what they have. The first idea for using P2P networks are to exchange pirated audio, video, software, and other inappropriate content. An important thing should be noticed that share thing files on your computer with anonymous and unknown users on the public Internet could be dangerous and lead to security problem. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attacks===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Usage===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 17:29, 8 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T21:29:04Z<p>Chowkw: </p>
<hr />
<div>‘‘‘Peer-to-Peer‘‘‘ (or ‘‘‘P2P‘‘‘) networking is a fairly popular networking concept. Networks software such as BitTorrent and eMule make it easy for people to find what they want and share what they have. The first idea for using P2P networks are to exchange pirated audio, video, software, and other inappropriate content. An important thing should be noticed that share thing files on your computer with anonymous and unknown users on the public Internet could be dangerous and lead to security problem. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attacks===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Usage===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 17:29, 8 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T20:08:13Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Network softwares such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. An important thing should be noticed that share thing files on your computer with anonymous and unknown users on the public Internet could be dangerous and lead to security problem. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attacks===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Usage===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 16:08, 8 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T18:59:43Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Network softwares such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. An important thing should be noticed that share thing files on your computer with anonymous and unknown users on the public Internet could be dangerous and lead to security problem. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attack===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Use===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 14:59, 8 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T18:59:20Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. An important thing should be noticed that share thing files on your computer with anonymous and unknown users on the public Internet could be dangerous and lead to security problem. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attack===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Use===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 14:59, 8 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-08T00:07:24Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [4,5]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[1]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [2,7]<br />
<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [6,2]<br />
<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [2]<br />
<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [2]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [7,1]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [1]<br />
<br />
[[Image:Security.gif]]<br />
<br />
<br />
===Attack===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [4]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [4]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [2]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [1]<br />
</ul><br />
<br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [1]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [1]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [3]<br />
<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [3]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [3]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [3]<br />
</ul><br />
</ul><br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [2]<br />
<br />
<br />
===General Use===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing] - Files are stored and served by personal computers of the users.<br />
<br />
*[http://en.wikipedia.org/wiki/VoIP VoIP] - A protocol optimized for the transmission of voice through the Internet or other packet switched networks.<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony] - Provide voice communication over distances, specifically by connecting telephones to each other.<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media] - A kind of multimedia that is constantly received by, and normally displayed to, the end-user while it is being delivered by the provider.<br />
<br />
*Software publication and distribution - Giving out a big software product with P2P networks and therefore peer can get the latest updated of the software.<br />
<br />
*[http://en.wikipedia.org/wiki/Instant_Messaging Instant Messaging] - A real-time communication tool between two or more people based on typed text.<br />
</ul><br />
<br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [2]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [2]<br />
<br />
*'''Education and Academia''' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [2]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [2]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1] Declan, Jarlath, Keith, John, Dan, ''P2P Security'', TCD 4BA2 Project 2002/03, http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
[2]''Peer-to-peer'', March 2008, http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[3]Todd Sundsted, ''The practice of peer-to-peer computing: Trust and security in peer-to-peer networks'', 19 Jun 2002, http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[4] Tony Bradley, ''Peer-to-Peer (P2P) Network Security'', Four Steps To Sharing and Swapping Files Without Becoming a Victim, About.com, http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[5]''PEER-TO-PEER SECURITY: The Dangers of P2P'', Websense, Inc., http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[6]''Those aren’t just files you’re swapping – the dangers of Peer-to-Peer File Sharing'', Websense, Inc., Thttp://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[7]Vangie 'Aurora' Beal, ''All About Peer-To-Peer Architecture'', May 20, 2005, http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
<br />
<br />
--[[User:Chowkw|Chowkw]] 20:07, 7 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T21:16:32Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [3,8]<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [7,3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [8,9]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [9]<br />
<br />
[[Image:Security.gif]]<br />
<br />
===Attack===<br />
<ul><br />
*'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<br />
*'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<br />
*'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<br />
*'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<ul><br />
*'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [9]<br />
<br />
*'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [9]<br />
<br />
*'''Trust''' - Trust is necessary in any distributed application -- P2P applications included. Trust can become a serious issue for P2P applications that distribute processing work to distributed computing nodes and then collect the results. If you trust a node within the network, you might be tempted to trust the content it provides. In some cases, this assumption is reasonable, but not always. '''Trust''' can established by these three standard elements. [4]<br />
<ul><br />
*'''Authentication''' - This process determine which node is in fact who or what that node declares itself to be. [4]<br />
<br />
*'''Authorization''' - It gives an authentication to other node to access some subset of the resource s on another peer. [4]<br />
<br />
*'''Encryption''' - This process coverts understandable information (plaintext) into a form difficult to understand by unauthorized individuals and systems. One use of encryption is to protect the information that flows between peers on an unsecured network such as Internet. [4]<br />
</ul><br />
</ul><br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
===General Use===<br />
Peer-to-peer can be used for:<br />
<ul><br />
*[http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<br />
*VoIP<br />
<br />
*[http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<br />
*[http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<br />
*Software publication and distribution<br />
<br />
*Instant Messaging<br />
<br />
</ul><br />
<br />
===Outside Computer Science===<br />
Peer-to-peer networks have also begun to attract attention outside computer science point of view, especially those deal with large data-sets. [3]<br />
<br />
<ul><br />
*[http://en.wikipedia.org/wiki/Bioinformatics Bioinformatics] - P2P networks can used to run large programs designed to carry out tests to identify drug candidates. A program called [[http://www.proteomecommons.org/dev/dfs/ Tranche] was developed to solve the bioinformatics data sharing problem in a secure and scalable fashion. [3]<br />
<br />
*'''Education and Academia'' - Because P2P networks have fast distribution and large storage space features, many organizations are trying to apply it for educational and academic purposes. [3]<br />
<br />
*'''Military''' - The U.S. Department of Defense has already started research on P2P networks as part of its modern network warfare strategy. However, due to security reasons, details are kept classified. [3]<br />
<br />
*'''Business''' - It is still in the beginning states of using P2P networks in business areas. There are several reasons why companies prefer P2P networks, such as: Real-time collaboration, a process which requires strong computing power, etc.<br />
</ul><br />
<br />
<br />
==References==<br />
[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
<br />
[2]http://www.ibiblio.org/team/intro/search/search.html<br />
<br />
[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
<br />
[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
<br />
[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
<br />
[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
<br />
[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
<br />
[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
[[Streaming Media Technology]]<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 17:16, 7 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T19:01:26Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [3,8]<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [7,3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [8,9]<br />
<br />
The picture below shows the weakness of security when using P2P applications. It shows that these applications are allow to go though the network and the network is now not secure. [9]<br />
<br />
[[Image:Security.gif]]<br />
<br />
===Attack===<br />
<ul><br />
<li>'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<li>'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<li>'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<li>'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<ul><br />
<li>'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [9]<br />
<li>'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [9]<br />
<li>'''Trust''' - <br />
</ul><br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
*[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
*[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
*[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 15:01, 6 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T18:55:49Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. [3,8]<br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [7,3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
The picture below shows the weakness of security when using P2P applications. The picture shows that these applications are allow to go though the network and the network is now not secure. [9]<br />
[[Image:Security.gif]]<br />
<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [8,9]<br />
<br />
===Attack===<br />
<ul><br />
<li>'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<li>'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<li>'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<li>'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<ul><br />
<li>'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [9]<br />
<li>'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [9]<br />
<li>'''Trust''' - <br />
</ul><br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
*[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
*[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
*[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 14:54, 6 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Security.gifFile:Security.gif2008-04-07T18:53:43Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T03:46:40Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. [3] P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. [8] Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. <br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. [7]<br />
The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [8,9]<br />
<br />
===Attack===<br />
<ul><br />
<li>'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<li>'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<li>'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<li>'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<ul><br />
<li>'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [9]<br />
<li>'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [9]<br />
<li>'''Trust''' - <br />
</ul><br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
*[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
*[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
*[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 23:46, 6 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T03:46:17Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. An example for a non P2P file transfer is an FTP server where the client and server programs are quite distinct. [3] P2P networks are generally simpler but they usually do not offer the same performance under heavy loads. The P2P network itself relies on computing power at the ends of a connection rather than from within the network itself. [8] Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. <br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users within the same P2P networking program to connect with each other computers and use sophisticated searching techniques to directly access and download files from one another's hard drives. [7]<br />
The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. There are many kind of P2P networking attacks that cause the security problem and we have some example below. On the other hand, most of the security mechanisms using today are based on secret key, public key or combination of them. below has some introduction of the basic aspects of them. [8,9]<br />
<br />
===Attack===<br />
<ul><br />
<li>'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<li>'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<li>'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<li>'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<ul><br />
<li>'''Secret Key''' - Secret key techniques are based on the fact that the sender and recipient share a secret, which is used for various cryptographic operations, such as encryption and decryption of messages and the creation and verification of message authentication data. This secret key must be exchanged in a separate out of bound procedure prior to the intended communication (using a PKI for example). [9]<br />
<li>'''Public Key''' - Public Key Techniques are based on the use of asymmetric key pairs. Usually each user is in possession of just one key pair. One of the pair is made publicly available, while the other is kept private. Because one is available there is no need for an out of band key exchange, however there is a need for an infrastructure to distribute the public key authentically. Because there is no need for pre-shared secrets prior to a communication, public key techniques are ideal for supporting security between previously unknown parties. [9]<br />
<li>'''Trust''' - <br />
</ul><br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
*[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
*[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
*[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 23:46, 7 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-07T02:55:44Z<p>Chowkw: </p>
<hr />
<div>'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5,6]<br />
[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
<br />
__TOC__<br />
<br />
==What is Peer to Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. A typical example for a non peer-to-peer file transfer is an FTP server where the client and server programs are quite distinct, and the clients initiate the download/uploads and the servers react to and satisfy these requests. [3] Besides file sharing, P2P networks are also used for Distributed Computation or Instant messaging. <br />
<br />
==Network Structure==<br />
Peer-to-peer file sharing networks are transient Internet networks that allow computer users with the same P2P networking program to connect with each other and use sophisticated searching techniques to directly access and download files from one another's hard drives. [7]<br />
The P2P overlay network consists of all the participating peers as network nodes. There are links between any two nodes that know each other. Based on how nodes link to each other, P2P networks can classify as '''Unstructured''' and '''Structured'''. [3]<br />
<br />
===Unstructured P2P networks===<br />
An unstructured P2P network is formed when the overlay links are established arbitrarily. Such networks can be easily constructed as a new peer that wants to join the network can copy existing links of another node and then form its own links over time. In an unstructured P2P network, if a peer wants to find a desired piece of data in the network, the query has to be flooded through the network to find as many peers as possible that share the data. The main disadvantage with such networks is that the queries may not always be resolved. Popular content is likely to be available at several peers and any peer searching for it is likely to find the same thing, but if a peer is looking for rare data shared by only a few other peers, then it is highly unlikely that search will be successful. [3]<br />
<br />
===Structured P2P networks===<br />
Structured P2P network employ a globally consistent protocol to ensure that any node can efficiently route a search to some peer that has the desired file, even if the file is extremely rare. Such a guarantee necessitates a more structured pattern of overlay links. By far the most common type of structured P2P network is the distributed hash table (DHT), in which a variant of consistent hashing is used to assign ownership of each file to a particular peer, in a way analogous to a traditional hash table's assignment of each key to a particular array slot. [3]<br />
<br />
==Security Concern==<br />
One major concern of using P2P architecture in the workplace is, of course, network security. Security concerns stem from the architecture itself. Today we find most blocking and routing handles by a specific server within network, but the P2P architecture has no single fixed server responsible for routing and requests. [8]<br />
<br />
There are many kind of attack on P2P networking and here is some example.<br />
===Attack===<br />
<ul><br />
<li>'''TCP port''' - To share files on the computer within a P2P network such as BitTorrent, a specific TCP port must be opened for the P2P software to communicate. In effect, once you open the port you are no longer protected from malicious traffic coming through it. [5]<br />
<li>'''Trojans, Viruses''' - When files are downloading from other peer, there are no guarantee that the files being transfered are the one that you want. Also, when you double-click the EXE file, you can not sure that it has not installed a Trojans or bring viruses to the computer. [5]<br />
<li>'''Malware''' - The P2P network software itself may contain [http://en.wikipedia.org/wiki/Malware malware] or [http://en.wikipedia.org/wiki/Spyware spyware]. [3]<br />
<li>'''Bandwidth Clogging and File Sharing''' - P2P applications such as BitTorrent make it possible for one computer to share files with another computer located somewhere else on the Internet. A major problem with P2P file-sharing programs is that they result in heavy traffic, which clogs the institution networks. The rich audio and video files that P2P users share are very big. This affects response times for internal users as well as e-business customers and that results in lost income. [9]<br />
</ul><br />
<br />
===Security Mechanisms===<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
*[7]http://www.websense.com/docs/WhitePapers/PeertoPeer.pdf<br />
*[8]http://www.webopedia.com/DidYouKnow/Internet/2005/peer_to_peer.asp<br />
*[9]http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
*[http://ntrg.cs.tcd.ie/undergrad/4ba2.02-03/p10.html P2P Security]<br />
<br />
----<br />
Image:Architecture.png<br />
<br />
--[[User:Chowkw|Chowkw]] 22:55, 7 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-06T03:16:18Z<p>Chowkw: </p>
<hr />
<div>[[Image:Peer_to_peer.gif|thumb|250px|right| The different between Client-Server and P2P model.[2]]]<br />
'''Peer-to-Peer''' (or '''P2P''') networking is a fairly popular networking concept. Networks such as BitTorrent and eMule make it easy for people to find what they want and share what they have. P2P networks are used primarily to exchange pirated audio, video, software, and other inappropriate content. [5, 6]<br />
<br />
<br />
__TOC__<br />
<br />
==What is Peer To Peer Network==<br />
A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. A typical example for a non peer-to-peer file transfer is an FTP server where the client and server programs are quite distinct, and the clients initiate the download/uploads and the servers react to and satisfy these requests. [3] <br />
<br />
==Architecture==<br />
[[Image:Architecture.png|thumb|300px|right| Typical hybrid decentralized peer-to-peer architecture. A central directory server maintains an index of the metadata for all files in the network.[1]]]<br />
<br />
===Unstructured P2P networks===<br />
<br />
===Structured P2P networks===<br />
<br />
<br />
==Security Problem== <br />
<br />
<br />
==Applications==<br />
An important goal in peer-to-peer networks is that all clients provide resources, including bandwidth, storage space, and computing power. Thus, as nodes arrive and demand on the system increases, the total capacity of the system also increases. [3]<br />
<br />
Peer-to-peer can be used for:<br />
<ul><br />
<li> [http://en.wikipedia.org/wiki/File_sharing File sharing]<br />
<li> [http://en.wikipedia.org/wiki/Telephony Telephony]<br />
<li> [http://en.wikipedia.org/wiki/Streaming_media Streaming media]<br />
<li> Software publication and distribution<br />
</ul><br />
<br />
<br />
==References==<br />
*[1]http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.html<br />
*[2]http://www.ibiblio.org/team/intro/search/search.html<br />
*[3]http://en.wikipedia.org/wiki/Peer-to-peer<br />
*[4]http://www.ibm.com/developerworks/java/library/j-p2ptrust/<br />
*[5]http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm<br />
*[6]http://www.websense.com/global/en/ResourceCenter/p2p_security.php<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
*[http://www.ibm.com/developerworks/java/library/j-p2ptrust/ The practice of peer-to-peer computing: Trust and security in peer-to-peer networks]<br />
<br />
--[[User:Chowkw|Chowkw]] 00:12, 5 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Architecture.pngFile:Architecture.png2008-04-06T02:04:24Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Peer_to_peer.gifFile:Peer to peer.gif2008-04-06T02:00:42Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Peer_To_Peer_Network_SecurityPeer To Peer Network Security2008-04-05T04:12:32Z<p>Chowkw: </p>
<hr />
<div>P2P network security - UNDER CONSTRUCTION-<br />
__TOC__<br />
==What is Peer To Peer Network==<br />
<br />
==Architecture==<br />
<br />
==Applications==<br />
<br />
==Security Problem== <br />
<br />
==References==<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chowkw|Chowkw]] 00:12, 5 April 2008 (EDT)</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Importing_ModelsImporting Models2008-03-20T03:48:18Z<p>Chowkw: </p>
<hr />
<div>__TOC__<br />
A model (.mdl) resource is created by exporting a model from the World Editor.<br />
<br>The model to be imported MUST be a COLLADA (*.dae) file.<br />
<br>There are different way to export to collada file depend on the software you use to create the model. In this tutorial, we use [http://usa.autodesk.com/adsk/servlet/index?siteID=123112&id=7635018 Audodesk Maya] as an example<br />
<br />
==Importing Scene Data==<br />
<br>Export the model to COLLADA (*.dae) file. After exported to a collada file, put it in the directory "..\C4\Import"<br />
<br>[[Image:Import1.jpg]]<br />
<br>Start C4 and select Tool and New World. Select Import Scene from World menu<br />
<br>[[Image:Import2.jpg]]<br />
<br>Import Scene dialog displays and choose the collada file that is importing. Click OK<br />
<br>[[Image:Import3.jpg]]<br />
<br>After selecting a Collada file, the imported geometry (as well as lights and materials) will appear in the World Editor. At this point, you may make any changes that you need to.<br />
<br>Note that during the import process, the World Editor will keep track of the materials used by the imported geometry. The texture maps are correctly assigned to each geometry, but the images themselves still need to be imported using the [http://www.cas.mcmaster.ca/wiki/index.php/Importing_Textures Importing Textures]<br />
[[Image:Import4.jpg]]<br />
<br />
==Exporting to a Model==<br />
After you make the change, select World - Save as Model<br />
<br>[[Image:Import5.jpg]]<br />
<br>Export Model dialog shows up. Give the model a name and choose the location that you want to save at. Click OK<br />
<br>[[Image:Import6.jpg]]<br />
<br>Now, you can close the world and the collada file has covert to a model file<br />
<br />
==Insert Model to a world==<br />
To insert the model that you just import, open the world that you work on and from the menu, select World - Insert Model<br />
<br>[[Image:Import7.jpg]]<br />
<br>Import Model dialog display and you should see the model that you just import. Click OK<br />
<br>[[Image:Import8.jpg]]<br />
<br>In the viewports<br />
<br>[[Image:Import9.jpg]]<br />
<br><br />
Return to [http://www.cas.mcmaster.ca/wiki/index.php/RCaragogo RCaragogo]<br />
<br><br />
<br />
----<br />
'''References'''<br />
<br>http://www.terathon.com/wiki/index.php?title=Creating_an_Entity_Model</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import9.jpgFile:Import9.jpg2008-03-20T03:47:44Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import8.jpgFile:Import8.jpg2008-03-20T03:43:59Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import7.jpgFile:Import7.jpg2008-03-20T03:41:33Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import6.jpgFile:Import6.jpg2008-03-20T03:35:10Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import5.jpgFile:Import5.jpg2008-03-20T03:31:08Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import4.jpgFile:Import4.jpg2008-03-20T03:29:11Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import3.jpgFile:Import3.jpg2008-03-20T03:26:27Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import2.jpgFile:Import2.jpg2008-03-20T03:25:03Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Import1.jpgFile:Import1.jpg2008-03-20T03:19:51Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Adding_lightingAdding lighting2008-03-20T03:03:52Z<p>Chowkw: </p>
<hr />
<div>Create a new world or load the world you would like to add lighting on<br />
<br>From the page menu, select Lights. Lights page show up on the left panel<br />
<br>[[Image:Light1.jpg]]<br />
<br>Choose the light style that you want. Here we use "Infinite Light" as an example.<br />
Click on the Infinite Light button and add it to the scene. Use the top left viewport and click somewhere in the bottom right as seen in the image below. Once the node has been added it is made active, but it is always a good idea to click 1 on the keypad to enable the Select Nodes button.<br />
<br><br />
After adding the light, you could use Move Tool to move the light to the position you want and use Rotate Tool to turn where the light coming from. Looking closer at the light, notice that apart from the usual three axis manipulators there is an extra one, a yellow single line, this is the light direction. You might need to rotate it so the light direction is pointing to the direction you want.<br />
<br>[[Image:Light2.jpg]]<br />
<br>You could change the light property by selecting it and Node - Get Info or Ctrl-i<br />
[[Image:Lightifo.jpg]]<br />
<br>Before adding a light<br />
<br>[[Image:Lightbefore.jpg]]<br />
<br>After adding a light<br />
<br>[[Image:Lightafter.jpg]]<br />
<br><br />
----<br />
'''References'''<br />
<br>http://www.terathon.com/wiki/index.php?title=Creating_a_Basic_World<br />
<br>http://www.terathon.com/wiki/index.php?title=Lights_and_Shadows</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Lightifo.jpgFile:Lightifo.jpg2008-03-20T02:58:43Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Lightafter.jpgFile:Lightafter.jpg2008-03-20T02:56:48Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Lightbefore.jpgFile:Lightbefore.jpg2008-03-20T02:55:57Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Light2.jpgFile:Light2.jpg2008-03-20T02:51:02Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Light1.jpgFile:Light1.jpg2008-03-20T02:39:03Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Basic_CommandsBasic Commands2008-03-20T02:24:40Z<p>Chowkw: </p>
<hr />
<div>__TOC__<br />
==World Editor Layout==<br />
This is the place for edit a existing world. A menu bar on the top give different options while editing the world. <br />
On the left hand side of the world editor dialog, it shows '''Pages'''. Top of world editor shows '''Tool and Toggle buttons''' and the rest of it is '''Viewports''' of the world<br />
[[Image:newworld3.jpg]]<br />
<br />
==Tool and Toggle Buttons==<br />
Tool and Toggle buttons locate the top of world editor dialog<br />
<br>For Tool buttons, from left to right are the following:<br />
<br>[[Image:Tool.jpg]]<br />
*'''Box Select Nodes''' - Selects all nodes that intersect the rectangle that is dragged out<br />
*'''Select Nodes''' - Selects the one node that is clicked on. The Shift key can be used to add to or subtract from the current selection. <br />
*'''Move Nodes''' - Works just like the Select Nodes tool, except that dragging the cursor moves the selected nodes<br />
*'''Rotate Nodes''' - Works just like the Select Nodes tool except that handles appear on selected nodes. Dragging a handle rotates the selected nodes. The Shift key can be used while rotating to enable angle snap<br />
*'''Scale Nodes''' - Works just like the Select Nodes tool except that handles appear on selected nodes<br />
*'''Connect Nodes''' - Works just like the Select Nodes tool except that connectors appear on selected nodes (if they have any)<br />
*'''Scroll Viewport''' - Dragging with this tool pans the viewport<br />
*'''Zoom Viewport''' - Dragging vertically with this tool zooms in and out of a viewport<br />
*'''Box Zoom Viewport''' - A viewport is zoomed to the rectangle dragged out by this tool<br />
*'''Free Camera Move''' - (This tool can only be used in perspective viewports.) When the mouse button is held down with this tool, the WSAD keys can be used to fly the camera around forward, backward, left, and right. The Space and C keys move up and down<br />
<br />
<br>For Toggle buttons, from left to right are the following:<br />
<br>[[Image:Toggle.jpg]]<br />
*'''Toggle Backfaces''' - Shows or hides backfaces for geometries in wireframe display<br />
*'''Toggle Referenced Worlds''' - Shows or hides worlds that are externally referenced by marker nodes<br />
*'''Toggle Lighting''' - When active, full lighting is rendered in perspective viewports<br />
*'''Draw from Center''' - When active, many tools operate in relation to the center of a node instead of the opposite corner<br />
*'''Cap Geometry''' - When active, new geometries include end caps. When inactive, only lateral surfaces are created<br />
<br />
==Pages==<br />
[[Image:Page.jpg]]<br />
<br>A page is one of the palette-like subwindows shown on the left side of the World Editor. Most of them are not visible by default when a new world is created. An invisible page can be shown by selecting it from the Page menu. The pages can be rearranged by dragging them upward and downward by their title bars.<br />
<br><br />
*'''Geometries''' - Used to place primitive geometries in the scene<br />
[[Image:Geometric.jpg]]<br />
*'''Material''' - Displays the current material that is applied to new geometries<br />
[[Image:Material.jpg]]<br />
*'''Selection Mask''' - Toggle buttons that determine what types of nodes can be selected<br />
[[Image:Selectionmask.jpg]]<br />
*'''Viewports''' - Contains buttons that change the viewport layout<br />
[[Image:Viewports.jpg]]<br />
*'''Cameras''' - The single tool in this page places a frustum camera in the scene<br />
[[Image:Cameras.jpg]]<br />
*'''Effects''' - Used to place various special effects in the scene<br />
[[Image:Effects.jpg]]<br />
*'''Entities''' - Shows a list of registered entity type<br />
[[Image:Entities.jpg]]<br />
*'''Grid''' - Controls for grid settings<br />
[[Image:Grid.jpg]]<br />
*'''Info''' - Displays information about the node to which the gizmo is currently assigned<br />
[[Image:Info.jpg]]<br />
*'''Lights''' - Used to place light sources in the scene<br />
[[Image:Lights.jpg]]<br />
*'''Markers''' - Used to place marker nodes in the scene<br />
[[Image:Markers.jpg]]<br />
*'''Mesh Tools''' - Contains a single tool that selects individual surfaces on a mesh<br />
[[Image:Meshtools.jpg]]<br />
*'''Particle Systems''' - Tools for placing emitters in the scene. It also shows a list of registered particle system types. A particle system can be placed in the scene by selecting one from the list and then clicking in a viewport at the location where you want to place it<br />
[[Image:Particlesystems.jpg]]<br />
*'''Paths''' - Tools for drawing paths<br />
[[Image:Paths.jpg]]<br />
*'''Portals''' - Tools for placing portals in the scene and also contains tools for inserting and removing vertices from portals.<br />
[[Image:Portals.jpg]]<br />
*'''Skybox''' - Tool for placeing a skybox node in the scene<br />
[[Image:Skybox.jpg]]<br />
*'''Sources''' - Used to place sound sources in the scene<br />
[[Image:Sources.jpg]]<br />
*'''Spaces''' - Used to place various types of spaces in the scene<br />
[[Image:Spaces.jpg]]<br />
*'''Texture Mapping''' - Tools for offsetting, rotating, and scaling texture coordinates<br />
[[Image:Texturemapping.jpg]]<br />
*'''Transform''' - Lets you change the position, rotation, and size of a node numerically. The transform is shown for the node to which the gizmo is currently assigned<br />
[[Image:Transform.jpg]]<br />
*'''Triggers''' - Used to place trigger volumes in the scene<br />
[[Image:Triggers.jpg]]<br />
*'''Visibility''' - Contains buttons for showing and hiding nodes by type<br />
[[Image:Visibility.jpg]]<br />
*'''Zones''' - Used to place zones in the scene and also contains tools for inserting and removing vertices from polygon zones<br />
[[Image:Zones.jpg]]<br />
<br />
==Viewports==<br />
The World Editor displays one to four viewports at a time, but manages eight separate viewports internally. The visual configuration of the viewports can be changed using the buttons in the Layout page. The eight viewports are the four quarter-size viewports and the four half-size viewports (two horizontal and two vertical) of which at most four are shown in any multi-viewport configuration. Any viewport can be shown by itself at full size by typing Ctrl-n (or Cmd-n on the Mac), where n is a number between 1 and 8, or by selecting it from the Layout menu. Typing Ctrl-n again when viewport n is shown at full size returns to the previous multi-viewport configuration.<br />
<br />
There are three types of viewports: orthographic, perspective, and scene graph. Orthographic viewports can display the scene from one of six directions corresponding to the positive and negative x, y, and z axes. The type of each viewport can be changed by right-clicking in a viewport (or Ctrl-clicking on the Mac) and selecting a new viewport type from the popup menu that appears.<br />
<br />
The scene graph viewport is a special viewport that displays the scene hierarchy. All of the nodes in the scene are displayed in a tree that represents the actual structure of the scene. Subtrees can be collapsed or expanded by clicking on the collapse boxes between the various levels of the hierarchy. In a scene graph viewport, the Select and Move tool provides the capability to reparent nodes. The currently selected nodes can be reparented by dragging them to another node that will serve as the new parent. (Nodes cannot be reparented to any of their descendants.) [1]<br />
<br />
==Gizmo==<br />
The gizmo is a control that appears for one of the selected nodes. It shows the orientation of the node's local axes in red, green, and blue for the x, y, and z directions, respectively.<br />
<br>When the Select and Move tool is in use, the arrowheads on the axes can be dragged in any viewport to move the node along the corresponding direction.<br />
<br />
The gizmo assignment can be iterated through the nodes in the current selection by pressing the Tab key. <br />
<br><br />
----<br />
'''Reference'''<br />
<br>[1] http://www.terathon.com/wiki/index.php?title=World_Editor_Overview</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/Basic_CommandsBasic Commands2008-03-20T02:23:25Z<p>Chowkw: </p>
<hr />
<div>__TOC__<br />
==World Editor Layout==<br />
This is the place for edit a existing world. A menu bar on the top give different options while editing the world. <br />
On the left hand side of the world editor dialog, it shows '''Pages'''. Top of world editor shows '''Tool and Toggle buttons''' and the rest of it is '''Viewports''' of the world<br />
[[Image:newworld3.jpg]]<br />
<br />
==Tool and Toggle Buttons==<br />
Tool and Toggle buttons locate the top of world editor dialog<br />
<br>For Tool buttons, from left to right are the following:<br />
<br>[[Image:Tool.jpg]]<br />
*'''Box Select Nodes''' - Selects all nodes that intersect the rectangle that is dragged out<br />
*'''Select Nodes''' - Selects the one node that is clicked on. The Shift key can be used to add to or subtract from the current selection. <br />
*'''Move Nodes''' - Works just like the Select Nodes tool, except that dragging the cursor moves the selected nodes<br />
*'''Rotate Nodes''' - Works just like the Select Nodes tool except that handles appear on selected nodes. Dragging a handle rotates the selected nodes. The Shift key can be used while rotating to enable angle snap<br />
*'''Scale Nodes''' - Works just like the Select Nodes tool except that handles appear on selected nodes<br />
*'''Connect Nodes''' - Works just like the Select Nodes tool except that connectors appear on selected nodes (if they have any)<br />
*'''Scroll Viewport''' - Dragging with this tool pans the viewport<br />
*'''Zoom Viewport''' - Dragging vertically with this tool zooms in and out of a viewport<br />
*'''Box Zoom Viewport''' - A viewport is zoomed to the rectangle dragged out by this tool<br />
*'''Free Camera Move''' - (This tool can only be used in perspective viewports.) When the mouse button is held down with this tool, the WSAD keys can be used to fly the camera around forward, backward, left, and right. The Space and C keys move up and down<br />
<br />
<br>For Toggle buttons, from left to right are the following:<br />
<br>[[Image:Toggle.jpg]]<br />
*'''Toggle Backfaces''' - Shows or hides backfaces for geometries in wireframe display<br />
*'''Toggle Referenced Worlds''' - Shows or hides worlds that are externally referenced by marker nodes<br />
*'''Toggle Lighting''' - When active, full lighting is rendered in perspective viewports<br />
*'''Draw from Center''' - When active, many tools operate in relation to the center of a node instead of the opposite corner<br />
*'''Cap Geometry''' - When active, new geometries include end caps. When inactive, only lateral surfaces are created<br />
<br />
==Pages==<br />
[[Image:Page.jpg]]<br />
<br>A page is one of the palette-like subwindows shown on the left side of the World Editor. Most of them are not visible by default when a new world is created. An invisible page can be shown by selecting it from the Page menu. The pages can be rearranged by dragging them upward and downward by their title bars.<br />
<br><br />
*'''Geometries''' - Used to place primitive geometries in the scene<br />
[[Image:Geometric.jpg]]<br />
*'''Material''' - Displays the current material that is applied to new geometries<br />
[[Image:Material.jpg]]<br />
*'''Selection Mask''' - Toggle buttons that determine what types of nodes can be selected<br />
[[Image:Selectionmask.jpg]]<br />
*'''Viewports''' - Contains buttons that change the viewport layout<br />
[[Image:Viewports.jpg]]<br />
*'''Cameras''' - The single tool in this page places a frustum camera in the scene<br />
[[Image:Cameras.jpg]]<br />
*'''Effects''' - Used to place various special effects in the scene<br />
[[Image:Effects.jpg]]<br />
*'''Entities''' - Shows a list of registered entity type<br />
[[Image:Entities.jpg]]<br />
*'''Grid''' - Controls for grid settings<br />
[[Image:Grid.jpg]]<br />
*'''Info''' - Displays information about the node to which the gizmo is currently assigned<br />
[[Image:Info.jpg]]<br />
*'''Lights''' - Used to place light sources in the scene<br />
[[Image:Lights.jpg]]<br />
*'''Markers''' - Used to place marker nodes in the scene<br />
[[Image:Markers.jpg]]<br />
*'''Mesh Tools''' - Contains a single tool that selects individual surfaces on a mesh<br />
[[Image:Meshtools.jpg]]<br />
*'''Particle Systems''' - Tools for placing emitters in the scene. It also shows a list of registered particle system types. A particle system can be placed in the scene by selecting one from the list and then clicking in a viewport at the location where you want to place it<br />
[[Image:Particlesystems.jpg]]<br />
*'''Paths''' - Tools for drawing paths<br />
[[Image:Paths.jpg]]<br />
*'''Portals''' - Tools for placing portals in the scene and also contains tools for inserting and removing vertices from portals.<br />
[[Image:Portals.jpg]]<br />
*'''Skybox''' - Tool for placeing a skybox node in the scene<br />
[[Image:Skybox.jpg]]<br />
*'''Sources''' - Used to place sound sources in the scene<br />
[[Image:Sources.jpg]]<br />
*'''Spaces''' - Used to place various types of spaces in the scene<br />
[[Image:Spaces.jpg]]<br />
*'''Texture Mapping''' - Tools for offsetting, rotating, and scaling texture coordinates<br />
[[Image:Texturemapping.jpg]]<br />
*'''Transform''' - Lets you change the position, rotation, and size of a node numerically. The transform is shown for the node to which the gizmo is currently assigned<br />
[[Image:Transform.jpg]]<br />
*'''Triggers''' - Used to place trigger volumes in the scene<br />
[[Image:Triggers.jpg]]<br />
*'''Visibility''' - Contains buttons for showing and hiding nodes by type<br />
[[Image:Visibility.jpg]]<br />
*'''Zones''' - Used to place zones in the scene and also contains tools for inserting and removing vertices from polygon zones<br />
[[Image:Zones.jpg]]<br />
<br />
<br />
==Viewports==<br />
The World Editor displays one to four viewports at a time, but manages eight separate viewports internally. The visual configuration of the viewports can be changed using the buttons in the Layout page. The eight viewports are the four quarter-size viewports and the four half-size viewports (two horizontal and two vertical) of which at most four are shown in any multi-viewport configuration. Any viewport can be shown by itself at full size by typing Ctrl-n (or Cmd-n on the Mac), where n is a number between 1 and 8, or by selecting it from the Layout menu. Typing Ctrl-n again when viewport n is shown at full size returns to the previous multi-viewport configuration.<br />
<br />
There are three types of viewports: orthographic, perspective, and scene graph. Orthographic viewports can display the scene from one of six directions corresponding to the positive and negative x, y, and z axes. The type of each viewport can be changed by right-clicking in a viewport (or Ctrl-clicking on the Mac) and selecting a new viewport type from the popup menu that appears.<br />
<br />
The scene graph viewport is a special viewport that displays the scene hierarchy. All of the nodes in the scene are displayed in a tree that represents the actual structure of the scene. Subtrees can be collapsed or expanded by clicking on the collapse boxes between the various levels of the hierarchy. In a scene graph viewport, the Select and Move tool provides the capability to reparent nodes. The currently selected nodes can be reparented by dragging them to another node that will serve as the new parent. (Nodes cannot be reparented to any of their descendants.) [1]<br />
----<br />
'''Reference'''<br />
<br>[1] http://www.terathon.com/wiki/index.php?title=World_Editor_Overview</div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Zones.jpgFile:Zones.jpg2008-03-20T02:19:44Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Visibility.jpgFile:Visibility.jpg2008-03-20T02:19:31Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Triggers.jpgFile:Triggers.jpg2008-03-20T02:18:41Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Transform.jpgFile:Transform.jpg2008-03-20T02:18:13Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Texturemapping.jpgFile:Texturemapping.jpg2008-03-20T02:13:31Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Spaces.jpgFile:Spaces.jpg2008-03-20T02:13:15Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Sources.jpgFile:Sources.jpg2008-03-20T02:12:57Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Skybox.jpgFile:Skybox.jpg2008-03-20T02:12:35Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Portals.jpgFile:Portals.jpg2008-03-20T02:06:49Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Paths.jpgFile:Paths.jpg2008-03-20T02:06:27Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Particlesystems.jpgFile:Particlesystems.jpg2008-03-20T02:06:01Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Meshtools.jpgFile:Meshtools.jpg2008-03-20T02:05:31Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Markers.jpgFile:Markers.jpg2008-03-20T02:01:20Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Lights.jpgFile:Lights.jpg2008-03-20T02:01:01Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Info.jpgFile:Info.jpg2008-03-20T02:00:39Z<p>Chowkw: </p>
<hr />
<div></div>Chowkwhttp://wiki.cas.mcmaster.ca/index.php/File:Grid.jpgFile:Grid.jpg2008-03-20T02:00:17Z<p>Chowkw: </p>
<hr />
<div></div>Chowkw