The dynamic, multi-organization nature of large-scale grid computing introduces security issues that must be addressed before grid systems can become widely popular. This paper proposes P2PSLF (Peer-to-Peer Security Layer Framework), a flexible security framework for peer-to-peer based grid computing. P2PSLF provides a wide range of security mechanisms (e.g., authentication, confidentiality, integrity, authorization, and audit), and allows the creation of new ones. It is independent of the overlying application, which enables new systems to be implemented without having to deal with security issues within the application. In addition, the framework is modular and reconfigurable. The set of security requirements to be satisfied in communications is determined per peer, and can be changed without recompiling the application. The framework is exercised using OurGrid, a P2P-based middleware that enables the creation of a multi-organization grid computing environment for the execution of bag-of-tasks applications. Copyright 2004 ACM.