In this chapter, we discuss the security infrastructure provided by the JXTA platform. From the beginning, JXTA was designed with a security infrastructure in mind. This is a big advantage: history has shown that when security is not included in initial architecture, it is far easier for malicious intruders to exploit any security mechanisms that are later added to the system. It is also always more difficult to add security infrastructure after a system has been designed.

Security in a P2P network presents some interesting challenges due to the distributed computing environment, the vulnerability of links (due to multi-hop routing), the dynamic nature of peer interactions, and the lack of a centralized authority. JXTA security requirements are very similar to traditional systems, but the decentralized nature of JXTA makes it more difficult to implement confidentiality, integrity, and nonrepudiation.

Typically, security models define security in terms of users, objects, and actions. The action defines the operation allowed on an object by a user. The JXTA platform does not provide for the concept of users. This keeps the core minimal; user definition can always be done at a service layer. The JXTA protocols do not need to know who a user is or how a user is authenticated. Instead, the protocol messages provide placeholder fields to store security credentials.

Given the organization of the JXTA platform, one can envision a security architecture in which ...