Security issues and solutions
General security recommendations
The authenticity of peers in a distributed network cannot be trusted unless
reputation can be assured from a source outside of the conventional communication
of the distributed network. Problem: this leads to some centralization.
A secure distributed protocol should generally not let a remote peer make you:
- execute data from the network, or pass it unchecked to system or library calls
- establish active connections and send data originating from a remote peer
- interact with hosts outside of the distributed network, or at least only
within strict limits of bandwidth, connections and data
- use firewall-breaching techniques locally (e.g. push routing) unless
explicitly configured by the user
As additional protection for the user and his anonymity, the following
general policies should be configurable in distributed applications:
- ability to block the uploading of own data
- ability to use a virtual IP address or an alias
- ability to block IP addresses and network ranges from being neighboring peers
- ability to ignore and drop request messages from certain addresses and aliases
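
One way the blocking, ignoring and upload policies above, together with a strict limit on peer-triggered connections to outside hosts, could be enforced in code. This is an added example, not code from the original page; the class, method and alias names are hypothetical and the addresses are constructed from documentation ranges.

```python
import ipaddress

class PeerPolicy:
    """User-configurable policy for a peer (hypothetical names throughout)."""

    def __init__(self, blocked_nets=(), ignored_aliases=(), allow_upload=False,
                 max_external_conns=0):
        self.blocked = [ipaddress.ip_network(n, strict=False) for n in blocked_nets]
        self.ignored_aliases = set(ignored_aliases)
        self.allow_upload = allow_upload              # uploading own data is off by default
        self.max_external_conns = max_external_conns  # hosts outside the network
        self.external_conns = 0

    def is_blocked(self, addr):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return True  # unparseable address supplied by the network: fail closed
        # An IPv4-mapped IPv6 address must not slip past an IPv4 rule.
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped
        return any(ip in net for net in self.blocked)

    def accept_neighbor(self, addr):
        return not self.is_blocked(addr)

    def accept_request(self, addr, alias):
        # Drop requests from blocked addresses and from ignored aliases.
        return not self.is_blocked(addr) and alias not in self.ignored_aliases

    def accept_upload(self):
        return self.allow_upload

    def reserve_external_conn(self):
        """Peer-triggered connection to an outside host: denied unless the
        user configured a limit, and capped at that limit."""
        if self.external_conns >= self.max_external_conns:
            return False
        self.external_conns += 1
        return True

# Constructed sample configuration.
policy = PeerPolicy(blocked_nets=["203.0.113.0/24", "2001:db8::/32"],
                    ignored_aliases={"mallory"}, max_external_conns=1)
```
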