Re: [DotGNU]password and walet facilities in KDE

[Bill Lance]

--- "Gopal.V" <address@hidden> wrote:
> Hi,

>       From what I read about UServ, it offers persistant 
> content by replication of data. But I *don't* want
> my
> passwords to be stored on an untrusted machine. M$
> is
> providing a secure (what they call secure) server to
> 
> store this. How do I trust Userv when it puts away 
> valuable/sensitive data like passwords in some
> remote 
> untrusted machine where it might be compromised.
> 
>       Updation of data in UServ is a major issue. It's
> great for static HTML pages that change once in a
> while.
> But my password list is added to/modified on a day
> to day
> basis. So how do I update all the other nodes
> hosting my
> data everyday ?.eg in Gnutella, I have seen various
> versions
> /incomplete data etc will UServ be any better ?
> 
>       The best solution is to provide LDAP style roaming
> access
> with good access controls. Just like Jabber manages
> the Roster
> list, protected by a password. This looks more like
> a browser
> based single login scheme which is more secure than
> the passport
> scheme. Also this does not need any change in the
> webpage to
> use this new scheme.(no application = no ASP =lower
> costs)
> 


Obviously, UServe as it exists is inadequate.  But it
does point to the idea of a 'virtual server'.  A
virtual server can respond to net requests without
actually being on line.  This is accomplished by using
a network of peered machines to respond to a net
request to any one of them. If the target machine is
offline, the rest of the local peer group responds
with the same data that the target machine would have
if online.  FreeNet demonstrates how data can be
distributed over a network in a way that protects it's
privacy and intregraty.  

Think of a three level system.

        * virtual server engine
        * distributed dataset repository
        * user dataset image 

The virtual Server engine runs on all participating
peer machines.  It responds to a request (http and/or
rpc, soap, whatever) to a supported group member by
either passing the request on if the target is online,
or responding as proxy using data drawn from the
dataset repository. 

The distributed dataset repository is spread over all
participating peer machines with a freenet like
system. All participating user datasets are mapped
into the repository.  The repository insures the
privacy and integraty of the data on peer machines. 

The User dataset image is maintained in the repository
by each participating user.  This image contains a set
of policy rules about access, individualized data, and
any object methods the user wishes to expose.  When
online and connected to the peer group, the repositry
image is updated.




__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com