A project could have computation done on a server.
You then need to keep an interloper from seeing the process server and running
on it.
One way to control this is the following.
Each user has a Kerberos principle.  To submit a program to the system,
the user authenticates with the principle and includes a ticket with
the request to run the program.  
When a sever is going to run the program, it checks with the principle
to see if it is a real request and if the resources requested are correct.
<P>
Another way this could be done is to have a process server.  Each time it is
contacted, it is given a IP number for the machine to run the program it then
produces a pseudo random number as a ticket.  This ticket is passed to the 
program trying to get the work done.  It will pass the ticket and request the
the specified machine.  The machine will check with the ticket granter to see
if this is valid ticket and not already in use.  If either not valid or in
use, the program can not run.  If the ticket is in use, the ticket granter will
cancel the inprocess job using the ticket. 
This allows external denial of service, but does not allow hijacking tasks.
<P>
Better versions of this could be produced, if we had more time.
If public/private keys were held, a Kerboros system or a Amoeba system
with signed capablities 
could be used.  Each of these could 
easily be done, but each requires dealing with a little more complex
environment.
<P>
For each major turn-in, the programming group is expected to
give a short in class presentation.  This is to include the design, 
is issues causing the design, and issues and steps to get the program
to work and do what is wanted.  
Things such as the test harness are also good items to talk about.

<HR>
<P>