Check out the new USENIX Web site. next up previous
Next: Status and conclusions Up: POST: A secure, resilient, Previous: Incremental deployment


Related work

Lotus Notes and Microsoft Exchange provide a general, secure messaging infrastructure based on the client-server model, providing the ability to transfer email, personal contacts, calendars, and tasks. POST aims to provide similar functionality based on a serverless, decentralized and cooperative p2p architecture.

Current email protocols, including SMTP, POP3, and IMAP, are tailored towards an infrastructure based on dedicated servers. Minimal security is provided in these protocols, as they do not provide confidentiality, verifiability, or data integrity. Extensions like PGP provide secure email, but are not widely used.

The use of a single-writer, self-authenticating log in POST was inspired by the use of similar logs in the Ivy filesystem [11]. The loghead is the root of a Merkle hash tree [10], which allows the log to be stored on untrusted nodes, while ensuring that the authenticity of each log entry can be verified locally. This allows POST to avoid more complex byzantine state machine protocols [4].

A serverless email system proposed in [8] shares many of the goals of ePOST. Unlike POST, it focuses on email service only, and unlike ePOST, it is not compatible with the existing email infrastructure. Providing email services on top of a p2p storage system has also been explored in the OceanStore project [5]. The use of single-writer logs allows POST to achieve similar functionality with significantly less complexity, while providing general support for collaborative applications.


next up previous
Next: Status and conclusions Up: POST: A secure, resilient, Previous: Incremental deployment