Title:
|
SECURITY MECHANISMS OF A LEGAL PEER-TO-PEER FILE SHARING SYSTEM |
Author(s):
|
Sebastian Schinzel , Martin Schmucker , Peter Ebinger |
ISBN:
|
ISSN: 1646-3692 |
Editors:
|
Pedro Isaías and Marcin Paprzycki |
Year:
|
2009 |
Edition:
|
V IV,2 |
Keywords:
|
Content Distribution, Content Monitoring, Fingerprinting, P2P, Perceptual Hashing, Secure Distribution |
Type:
|
Journal Paper |
First Page:
|
59 |
Last Page:
|
72 |
Language:
|
English |
Cover:
|
|
Full Contents:
|
click to dowload
|
Paper Abstract:
|
Contrary to Digital Rights Management systems (DRMS), CONFUO©O [Schmucker, M. and Ebinger,
P., 2005] is a legal peer-to-peer file sharing application that controls content distribution as opposed to
content usage. A central entity called Trusted Third Party (TTP) validates whether users are allowed to
legally distribute a particular content and users within the CONFUO©O system enable peer monitoring
to identify irregularities.
Several of the core features (such as inter-user observation) have not yet been tested or approved for use
on the Internet. This article demonstrates the iterative improvement of CONFUO©Os security over
conventional DRM systems. A summary of the extensive security analysis performed to identify threats
and potential vulnerabilities resulting from the abuse of this new protocol is presented and led to the
discovery of a possible Denial-of-Service (DoS) threat. In this installment, several advances for
CONFUO©Os architecture involving the introduction of public-key technology and user-based
accountability are presented, which significantly increase the overall security of the system. |
|
|
|
|