MSc Dissertation: "Secure File Sharing in JXTA Using Digital Signatures", by Erita Skendaj

Abstract

This dissertation describes, step by step, how to build a secure file sharing mechanism in JXTA, a universal, platform-independent Peer to Peer (P2P) environment. Digital signatures are chosen as the soundest tool for ensuring the authenticity and integrity of shared files in a hybrid P2P environment. The thesis presents the P2P paradigm in its whole complexity; describes known successful implementations such as Gnutella and notorious ones such as Napster; points out the power and limitations of P2P; and puts a special focus on security as one of the most crucial current challenges of P2P systems. JXTA is introduced as an innovative P2P protocol suite aiming at ubiquity and interoperability in the P2P world. Basic JXTA entities and protocols are explained so that the audience understands the platform's structure and functionality before delving into the intricacies of file sharing and security mechanisms. The project developed during the thesis preparation uses JXSE, the Java implementation of JXTA, and reuses CMS, an early realization of a Content Management System by the community, which does not support security out of the box. After a detailed analysis of the JXTA Security library and an evaluation of various security schemas, this thesis proposes a new security model for sharing files in CMS. When peers join a custom JXTA group, they are equipped with a (public, private) key pair. Each peer appends its digital signature, generated with its private key, to the files it is sharing. When other peers want to verify the authenticity and integrity of a file, they verify the file against the digital signature using the source peer's public key. The model supports a service by which one peer retrieves the public key of another peer. Several use cases of the model are implemented, tested and documented in this thesis together with important code fragments.
Designing the architecture and workflow of such a system was a multifaceted process that dealt with several concerns in parallel, such as understanding the complex JXTA protocol, the poor documentation of the JXSE libraries and the occasional lack of backward compatibility in newer libraries. In conclusion, a post-analysis of the model is carried out, indicating its flaws and possible future improvements. An enterprise version of the system is considered, and the factors that should be taken into account during deployment are described.
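The sign-and-verify flow summarized in the abstract, as an added Java example that is not code from the thesis and does not use the JXSE or CMS APIs. The `SHA256withRSA` algorithm, the trailer layout (content, signature, 4-byte signature length), the in-memory `keyService` map standing in for the public-key retrieval service, and all peer names are assumptions made for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
public class SignedShareDemo {
    // Hypothetical stand-in for the model's public-key retrieval service: peer id -> public key.
    static final Map<String, PublicKey> keyService = new HashMap<>();

    // Assumed layout of a shared file: content || signature || 4-byte big-endian signature length.
    static byte[] signAndAppend(byte[] content, PrivateKey key) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(content);
        byte[] sig = s.sign();
        return ByteBuffer.allocate(content.length + sig.length + 4)
                .put(content).put(sig).putInt(sig.length).array();
    }

    // Returns the content only if the trailer verifies under the source peer's public key.
    static Optional<byte[]> verifyAndStrip(byte[] shared, String sourcePeer) throws GeneralSecurityException {
        PublicKey pub = keyService.get(sourcePeer);
        if (pub == null || shared.length < 4) return Optional.empty();
        int sigLen = ByteBuffer.wrap(shared, shared.length - 4, 4).getInt();
        if (sigLen <= 0 || sigLen > shared.length - 4) return Optional.empty(); // malformed trailer
        int contentLen = shared.length - 4 - sigLen;
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(pub);
        s.update(shared, 0, contentLen);
        boolean ok;
        try { ok = s.verify(shared, contentLen, sigLen); } catch (SignatureException e) { ok = false; }
        return ok ? Optional.of(Arrays.copyOfRange(shared, 0, contentLen)) : Optional.empty();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair();   // key pair a peer receives when joining the group
        KeyPair mallory = gen.generateKeyPair(); // a different peer's key pair
        keyService.put("peer-alice", alice.getPublic());
        byte[] content = "constructed sample file".getBytes(StandardCharsets.UTF_8);
        byte[] shared = signAndAppend(content, alice.getPrivate());
        System.out.println("genuine:  " + verifyAndStrip(shared, "peer-alice").isPresent());
        byte[] tampered = shared.clone();
        tampered[0] ^= 1;                        // one flipped bit in the content
        System.out.println("tampered: " + verifyAndStrip(tampered, "peer-alice").isPresent());
        byte[] forged = signAndAppend(content, mallory.getPrivate()); // signed with the wrong key
        System.out.println("forged:   " + verifyAndStrip(forged, "peer-alice").isPresent());
    }
}
```

The check is only as trustworthy as the key lookup: a receiver that accepts a public key from an unauthenticated source can be handed the signer's key of whoever altered the file.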

 

For the full version of the thesis contact Erita Skendaj at: erita.skendaj@gmail.com