oreilly.comSafari Books Online.Conferences.
Articles Radar Books  

Security

Category View | Alphabetical Listing | Detail Listing
BadBlue BadBlue's line of server products is designed to transform any client workstation into a powerful, search-enabled web server with built-in security features for creating and managing user accounts and passwords and restricting access to shared areas and virtual directories. The BadBlue system also provides users with the ability to share Microsoft Office files such as Excel spreadsheets and Word documents in real time, and supports CGI, ISAPI, PHP and popular web extensions. The BadBlue core small footprint server is only 65k and was designed for use within mobile and embedded devices. A version of the BadBlue Personal Edition is freely available for the Windows 95, 98, ME and NT 4 platforms. Two white papers, A Standards-based, P2P Approach to Marketplaces and Exchanges and BadBlue Platform Approach: A Web Server in every device, provide more details about the company's technology strategy.
Base One International Base One develops programming tools and middleware for developing P2P applications. The company uses its patent-pending technologies to extend Microsoft's Visual C++ and MFC classes and connect to any existing database including: SQL Server, Access, Sybase, IBM DB2, Oracle and SQL Anywhere. The company's Base/1 Internet Server (BIS) and other products are all build upon the same Peer-to-Peer, Rich Client Architecture. Current clients include Deutsche Bank, who uses BaseOne to create a virtual supercomputer able to do the work of a mainframe.
Endeavors Technology, Inc. Endeavor's products (Magi Suite) focus on document management and control over the Web using Java technology and open source standards such as HTTP, WAP/WML, XML, especially for its work flow sharing product. Document management and control includes remote document control, including authoring, publishing, sharing, manipulation, approval, collaboration and more in a secure and scalable way over the Web.
Filetopia Bitmap Multimedia is the developer of Filetopia, a free communications software that includes instant messaging, chat, e-mail, a powerful distributed file sharing system with a search engine, an online friends list and message boards. Filetopia's file sharing tool includes public key encryption and a choice of strong ciphers to protect the IP addresses of its users.
Flycode Flycode offers a web-based peer-to-peer secure file-sharing network for the automatic distribution and digital rights management of video and image files using Preview Systems Inc.ís ZipLock Technology. ZipLock provides content owners with a digital rights protection and management tool for: specifying payment requirements, placing limits on the length of time a file can be viewed, or limiting the number of users allowed to share a file. Flycode's secure network uses Microsoft's Windows Media Digital Rights Management technology, and its Windows-based Flycode Client Application requires Internet Explorer 4 or later.
Global Network Computers Global Network Computers' patented Borgbuster technology is a peer-based security system that uses a "hybrid firewall" that runs on the client that can be configured to both detect and prevent security intrusions. Most effective when hardware-based, Borgbuster's special new hybrid firewall can be configured to protect a specified portion of the PC. Global Network Computers is currently developing licensing arrangements.
Groove Networks Groove Networks was founded by Lotus Notes creator Ray Ozzie. The company's flagship product, Groove 1.0, is a groupware application (the company likes to refer to it as "peerware") that enables groups of collaborators to form in a decentralized ad-hoc fashion. Groove enables group members to interact in highly secure shared spaces to support collaborative editing in real time. All of a group's documents, messages and applications are stored and replicated across user machines so that all of a group's members can access the materials online or off. Groove Enterprise Network Services provides an outsource model for component management security services. Groove Networks has an extensive developer program. A Groove Development Kit (GDK) containing resources for building tools, skins and Groove-based solutions is available for download. Presentations, white papers and a collection of FAQ are also available.

Check out the OpenP2P.com article featuring Groove: "How Ray Ozzie Got His Groove Back".
Harmonic Invention Software Harmonic Invention Software's Direct File Express Private System of private filesharing servers have numerous security features built into them. All users uploading or downloading files must have a valid account, and permissions can be configured at the account, group or file level. A demonstration of the Direct Private File Trader product is available for download.
Intel IAS Intel's Internet Authentication Services (IAS) is a comprehensive system for enabling secure transactions for the e-health industry. The service provides a centralized location where all authentication activity can be handled, enabling the messages themselves to be distributed via a peer-to-peer network or any other kind of network. It is able to authenticate all different kinds of complex healthcare-related transactions and also provides a system for managing such transactions. Intel provides a number of Demonstrations of its IAS services in action, as well as a Reference Center of white papers.
Invisible IRC Project Invisible IRC Project (IIP) is anonymity software for Internet Relay Chat (IRC) clients that was originally inspired by point to point anonymity encryption protocol networks as demonstrated by Icecast and Shoutcast. IIP operates as a sophisticated proxy between IRC servers and clients. An IIP network offers IRC communications that are both anonymous and secured by 128 bit encryption. A future version currently in development will drop servers from the architecture to become a completely decentralized anonymous IRC protocol.

IIP suports Unix, Portable Operating System Interface for Unix (POSIX), OS X and Windows 95/98/CE/ME/NT/2000/XP. The IIP download package is distributed under a Berkely Software/Standard Distribution (BSD) license.
Killdara Killdara has developed a family of products using an XML open architecture to create a platform for universal data exchange. The products include Killdara's Paraphrase Engine, that, when triggered by a specified event, generates an XML document from various data sources (such as relational databases) and distributes it via the Web, e-mail or FTP, to any "interested partners". Killdara's b2b Messenger, designed to assist and enable B2B (business to business) transactions, performs similar functions while also supporting digital encryption and "signatures". Killdara's Health Data Courier features similar document distribution methods, and is designed to conform to existing medical information standards, such as the HL7 XML templates. White papers and a FAQ are available for review.
myCIO.com myCIO.com is a Network Associates, Inc. subsidiary that offers Peer-To-Peer technology-based network security services. myCIO.com's Rumor service manages anti-virus updates by allowing users to serve each other virus signature files. The first five users on a network retrieve virus updates, then the update spreads throughout the network as the users serve it to one another (Rumor is named for the almost viral way the application independent service transports and propagates). Token-based authentication insures only legitimate anti-virus update files can be shared by Rumor. Network Associates feels that the Peer-To-Peer model will ultimately let myCIO.com spend less time supporting updating, and more time developing anti-virus code. PGP, Sniffer, VirusScan and McAfee antivirus technologies were incorporated into Rumor.
OnSystems, Inc. OnSystems, Inc. (formerly InterFriendly) develops software technology called Virtual Internet Networks (VINs) that allow people to create virtual networks between PCs over the Internet. Unlike networking technologies like Napster, VINs are private secure networks.
OpenPrivacy OpenPrivacy is an open source, distributed, cryptographically secure platform for sharing anonymous demographic profiles. The project aims to allow users to reap the available benefits of sharing their profile information, while protecting consumer's privacy using anonymous submissions. The platform manages Reputations, which are XML Digital Signature based objects that securely store personal profile information. Reputation Servers are agents that respond to requests pertaining to reputations. Trust capabilities of the system include complete disassociation of submitted information from the user's identity and an open system available for public inspection and auditing. One project implementing OpenPrivacy is JetsPeek, an XML-based enterprise information portal developed as part of the Java Apache Project (which is in the process of merging with the Jakarta Project).
Peek-A-Booty Peek-A-Booty is distributed anti-censorship software that forms an ad hoc, Gnutella-like P2P network to enable unrestricted Web browsing within the 21 nations that currently restrict or censor Web access, such as China, Malaysia, North Korea and many Arabic countries.

The application takes advantage of the fact that all governments must have Web access for their own information and the nation's economic interests, and use firewalls for Web security that allow full access to themselves and restricted access to others. Computers running Peek-A-Booty form a distributed server cloud, where a small number of randomly selected computers access Web documents. To the firewall, a computer appears to be accessing documents not on the restricted list. Retrieved documents are encrypted and shared among the Peek-A-Booty peers.
Peer-to-Peer Trusted Library Peer-to-Peer Trusted Library is security software for Peer-To-Peer (P2P) application development. Intel has released the Library under a Berkeley Software Distribution (BSD) license to encourage area development. The Peer-to-Peer Trusted Library Application Programming Interface (Peer-to-Peer Trusted Library API) offers support for signing, encryption, authentication, secure storage, and encryption for developers using C++ on Windows or Linux.
Publius Named for the pen name of the 18th-century authors of The Federalist Papers (Alexander Hamilton, John Jay, James Madison), Publius is a web publishing system aimed at resisting censorship by inserting a layer of encryption that protects the anonymity of a publisher. As the project's web site explains: "Publius content is encrypted by the publisher and spread over some of the web servers. ... The publisher takes the key, K that is used to encrypt the file and splits it into n shares, such that any k of them can reproduce the original K, but k-1 give no hints as to the key. Each server receives the encrypted Publius content and one of the shares. At this point, the server has no idea what it is hosting -- it simply stores some random looking data. To browse content, a retriever must get the encrypted Publius content from some server and k of the shares. Mechanisms are in place to detect if the content has been tampered with."
Softwax GUTS Media LLC develops Softwax, a Peer-To-Peer file sharing application for Windows 95/98/NT/2000. The software is primarily intended for licensing to Internet Service Providers (ISPs), portals, digital asset distributors, web sites, corporate intranets, and other locations where it's desirable to install a turnkey solution for adding P2P file sharing with security management. The company calls this focus "legitimate, niche file sharing". Users do not have unrestricted access to peer files in the secure environment.

The Softwax Broker component monitors each P2P transaction and authenticates it with a secure key. It also performs virus checking and can be set to disable infected files. Softwax can also employ filters for copyrighted materials. The system does not offer chat or instant messaging. The Softwax site includes a Frequently Asked Questions (FAQ) digest, and an online demonstration Softwax application called Shareshack, a P2P enabled e-zine for snowboarders that allows users to search for and download various media files. (Interacting with the demo requires a Windows based browser.)
Texar Corporation Texar Corporation's s-Peer is a Peer-to-Peer client that uses a security architecture for peer-to-peer networking and selective file sharing on the Web. s-Peer supports Windows, Solaris and Linux. It is currently available as a free download at www.s-peer.com. The Java-technology based toolkit includes features supporting policy-based access controls, unique digital identities, secure communications, and data integrity and validation. To demonstrate these security enhancements, Texar has developed a peer-to-peer file sharing and collaboration application based on s-Peer. Texar has released the source code for s-Peer under its own license. See the FAQ and white paper for more of s-Peer's technical details.
Tuneprint Recordings that sound identical to humans actually have unique psychoacoustical differences. Geoffrey Schmidt, a Massachusetts Institute of Technology (M.I.T.) student, is one of the first to develop an audio fingerprinting algorithm taking advantage of this principle. The audio fingerprint does not change when the sound is compressed, changed to a different file format, broadcast over the radio, passed through an MP3 encoder, re-equalized or played at a different speed. The resulting Tuneprint technology is developing around the tuneprint.com site set up by Schmidt for incubation. Tuneprint utilizes a model of human hearing used to predict how audio will appear after it's been distorted by the human ear, and the parts of neural processing that are understood. This is some of the same information that led to MP3 encoders achieving exceptional audio compression. Characteristics that uniquely identify the track are then identified by picking out the most important, surprising, or significant features of the sound.

Possible distributed audio applications include building netplay popularity charts based on real time global live play, more capable music search engines, improvements in musical file sharing (sorting, categorizing, removing duplicates), digital rights, practical micropayment systems for artists and enabling record companies to tag a track as copyrighted in real time upon request.
Wannafree Welus is the developer of the Wannafree Peer-To-Peer communications application. Wannafree offers several knowledge sharing methods, including news group, Internet board, real-time chat and Instant Messaging (IM). A primary focus of the product is support of anonymous operation. The application keeps Internet Protocol (IP) addresses confidential and uses ID codes as identifiers rather than personal information. When using the Secret Group feature, communications between registered group members are encoded with a 1024 bit encryption key. The Wannafree protocol changes its topology simultaneously and non-periodically to make the network architecture difficult to trace. Wannafree supports Windows 95/98/Me/NT/2000. 10 Mb of installation space, a Pentium and 32 Mb of RAM are recommended (a 486 with 16 Mb of RAM is supported). The program is available as a free download and a Manual is also provided.

P2P Weblogs

Richard Koman Richard Koman's Weblog
Supreme Court Decides Unanimously Against Grokster
Updating as we go. Supremes have ruled 9-0 in favor of the studios in MGM v Grokster. But does the decision have wider import? Is it a death knell for tech? It's starting to look like the answer is no. (Jun 27, 2005)

> More from O'Reilly Developer Weblogs


More Weblogs
FolderShare remote computer search: better privacy than Google Desktop? [Sid Steward]

Data Condoms: Solutions for Private, Remote Search Indexes [Sid Steward]

Behold! Google the darknet/p2p search engine! [Sid Steward]

Open Source & The Fallacy Of Composition [Spencer Critchley]