Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security mechanisms of a legal peer-to-peer file sharing system

 
: Schinzel, Sebastian; Schmucker, Martin; Ebinger, Peter

International Journal on Computer Science and Information Systems 4 (2009), Nr.2, S.59-72
ISSN: 1646-3692
Englisch
Zeitschriftenaufsatz
Fraunhofer IGD ()
content distribution; content sharing; perceptual hashing; Peer-to-peer (P2P); security protocol

Abstract
Contrary to Digital Rights Management systems (DRMS), CONFUO©O [Schmucker, M. and Ebinger, P., 2005] is a legal peer-to-peer file sharing application that controls content distribution as opposed to content usage. A central entity called Trusted Third Party (TTP) validates whether users are allowed to legally distribute a particular content and users within the CONFUO©O system enable peer monitoring to identify irregularities. Several of the core features (such as inter-user observation) are as yet untested nor approved for use on the Internet. This article demonstrates the iterative improvement of CONFUO©O's security over conventional DRM systems. A summary of the extensive security analysis performed to identify threats and potential vulnerabilities resulting from the abuse of this new protocol is presented and led to the discovery of a possible Denial-of-Service (DoS) threat. In this instalment several advances for CONFUO©O's architecture involving the introduction of public-key technology and user-based accountability are presented which, significantly increases the overall security of the system.

: http://publica.fraunhofer.de/dokumente/N-106005.html