用户身份验证和 dht

发布于 2024-08-15 08:31:25 字数 162 浏览 7 评论 0原文

假设我只实现了 DHT(分布式哈希表)(在 Python 中),并且我想通过 P2P 网络构建身份验证服务,但不引入具有此类服务的集中式身份验证服务器。可以吗?如果可以,我该如何实现这一目标?

我熟悉 Skype 和 Wuala 是如何做到这一点的,但我正在寻找没有单点故障的去中心化解决方案。

Lets say that I have only DHT (distributed hash table) implemented (in Python), and I want to build authentication service over P2P network, but without introducing centralized authentication server with such a service. Can it be done, and if so how can I achieve this?

I'm familiar with how Skype and Wuala have done this, but I am looking for decentralized solution without single point of failure.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

寄居人 2024-08-22 08:31:25

真正的问题是信任您收到的信息。就此而言,您至少必须验证您从中接收信息的人的身份。这个问题很好,但对于真正好的解决方案,您必须考虑基于排名的算法。

这些工作方式有点像 Pretty Good Privacy (PGP),其中传播可信关系并用于验证一系列推荐。关于这个主题有大量的学术研究:

  1. 虚拟企业中的信任关系模型
    捷克共和国布拉格
    9月1日-9月5日
    国际标准书号:0-7695-1993-8。

    Nicola Mezzetti,“走向虚拟企业中的信任关系模型”,数据库和专家系统应用程序,国际研讨会,第 420 页,第 14 届数据库和专家系统应用国际研讨会 (DEXA'03),2003 年。

  2. < a href="http://inderscience.metapress.com/app/home/contribution.asp?referrer=parent&backto=issue,4,9;journal,10,28;linkingpublicationresults,1:110892,1" rel= "nofollow noreferrer">对协作网络组织中的信任关系进行建模
    国际技术转让和商业化杂志
    第 6 卷,第 1 期 / 2007 年,第 40 - 55 页

The real problem is trusting the information you receive. For that matter, you have to at least authenticate the person you are receiving the information from. The question is good, but for really good solutions you would have to consider ranking-based algorithms.

These work a little like Pretty Good Privacy (PGP), where a trusted relationship propagates and is used to authenticate a chain of recommendations. There is a good deal of academic research on the subject:

  1. Towards a Model for Trust Relationships in Virtual Enterprises
    Prague, Czech Republic
    September 01-September 05
    ISBN: 0-7695-1993-8.

    Nicola Mezzetti, "Towards a Model for Trust Relationships in Virtual Enterprises," Database and Expert Systems Applications, International Workshop on, pp. 420, 14th International Workshop on Database and Expert Systems Applications (DEXA'03), 2003.

  2. Modelling trust relationships in Collaborative Networked Organisations
    International Journal of Technology Transfer and Commercialisation
    Volume 6, Number 1 / 2007, pages 40 - 55

故事灯 2024-08-22 08:31:25

身份验证单点故障的好处在于,可以更轻松地确保身份验证机器的结果安全有效。您必须能够在 DHT 上设置值,这些值不会被其他值覆盖,您必须验证它们的结果,验证它们是否与您的应用程序匹配,并且必须对这些值进行加密以防止其他人读取。 [许多大型DHT服务器可供很多人使用]

Well the great thing about a single point of failure with authentication is that it is easier to ensure that the results from the authentication machine[s] are safe and valid. You would have to be able to set values on the DHT, which are not overwritten by other values, you would have to validate their results, validate that they match with your application, and would have to encrypt the values from being read by other people. [Many large DHT servers are available to a lot of people]

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文