Perl, POE, Peers and Paranoia

By:

P2P-based file replication is a proven approach to providing
cooperative robust backup for data: If one peer does not have a specific
datum, another one might. Given enough peers participating, the overall
system survives isolated failures.

Applying this approach to distributed File Integrity Checking (or similar
security-sensitive areas) implies that current and untampered
file fingerprint information has to be distributed
among the peers in such a way that a limited number of malicious peers
cannot subvert or sabotage the overall system.

As a proof-of-concept, such a system has been implemented in Perl using POE
as asynchronous platform. Authentication and message integrity layers were
implemented using a Perl interface to GnuPG.

This talk presents at first the goals and concepts underlying the
overall system. It then outlines some deployment scenarios and further
areas of opportunity for such a system.

The second part of the talk focuses on development experiences
and implementation issues, specifically those concerning POE and various
Perl Crypto packages.

Stream: Perl

Paper: Perl, POE, Peers and Paranoia

I'm teaching Unix system administration, computer security
and a few other IT subjects at Bond University, QLD; Making and using
open-source tools is a daily part of my work and life.

Before moving to Australia in 2001, I've worked in Austria as a
software designer and developer, systems and network administrator
and security consultant and managed to cram in a university education
at the Technical University, Vienna, as well.

The proposed talk is a summary of the practical parts
of my ongoing PhD work.

In my Copious Free Time I risk my neck by flying paragliders
and my sanity by contributing to the Debian Project.