

POST Architecture

POST provides three basic services: a shared, secure single-copy message store, metadata based on single-writer logs, and event notification. These services can be combined to implement a variety of collaborative applications, such as email, news, instant messaging, shared calendars and whiteboards.

A typical pattern is that users create messages and insert them in encrypted form into the secure store. To send a message to another user or group, the notification service is used to provide the recipient(s) with the necessary information to locate and decrypt the message. The recipients may then modify their personal metadata to incorporate the message into their view (e.g., into a private mail folder).

POST assumes the existence of a certificate authority. This authority signs certificates binding a user's unique name (e.g., her email address) to her public key. The same authority issues the nodeId certificates required for secure routing in Pastry [2]. Furthermore, the authority may set policies for each user (such as ensuring that each user owns a nodeId bound to a live IP address), thus forcing the user to contribute resources to the system. Users can access the system from any node, but it is assumed that the user trusts her local node, hereafter referred to as the trusted node, with her private key.

Throughout the design of POST, we assume that objects stored in PAST cannot be deleted. Thus, the amount of available disk space in the system must keep increasing and remain greater than the total storage requirements, which is reasonable to expect in a p2p environment where each participant is required to contribute a portion of her desktop's local disk.
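The store-then-notify pattern and the insert-only store described above, as an added sketch that is not code from the POST authors. It assumes a content-derived key (so identical messages encrypt to one stored copy), uses a SHAKE-256 keystream as a stand-in cipher, and omits protecting the notification with the recipient's certified public key; the names `Store`, `send`, `receive` and `demo` are hypothetical.

```python
import hashlib

class Store:
    """Insert-only, content-addressed store (models PAST: nothing is deleted)."""
    def __init__(self):
        self._objects = {}

    def insert(self, blob: bytes) -> str:
        handle = hashlib.sha256(blob).hexdigest()
        self._objects.setdefault(handle, blob)  # an identical blob is kept once
        return handle

    def fetch(self, handle: str) -> bytes:
        blob = self._objects[handle]
        if hashlib.sha256(blob).hexdigest() != handle:
            raise ValueError("stored object does not match its handle")
        return blob

    def __len__(self):
        return len(self._objects)

def xor_keystream(key: bytes, data: bytes) -> bytes:
    # Stand-in for a real cipher (the standard library has none).
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def send(store: Store, plaintext: bytes) -> dict:
    # Assumption of this example: the key is derived from the message content.
    key = hashlib.sha256(plaintext).digest()
    handle = store.insert(xor_keystream(key, plaintext))
    # The notification carries what the recipient needs to locate and decrypt.
    return {"handle": handle, "key": key}

def receive(store: Store, notification: dict) -> bytes:
    ciphertext = store.fetch(notification["handle"])
    plaintext = xor_keystream(notification["key"], ciphertext)
    if hashlib.sha256(plaintext).digest() != notification["key"]:
        raise ValueError("decrypted message does not match the notified key")
    return plaintext

def demo():
    store = Store()
    msg = b"constructed sample: meeting moved to 3pm"
    to_alice = send(store, msg)
    to_bob = send(store, msg)   # second recipient, same message
    inbox = [to_alice]          # recipient's private metadata (a mail folder)
    return len(store), receive(store, inbox[0]), to_alice == to_bob
```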


