Options
2008
Conference Paper
Title
Security mechanisms of a legal peer-to-peer file sharing system
Abstract
Contrary to Digital Rights Management systems (DRMS), CONFUO©O [Schmucker, M. and Ebinger, P., 2005] is a legal peer-to-peer file sharing application that controls content distribution as opposed to content usage. A central entity called Trusted Third Party (TTP) validates whether users are allowed to legally distribute a particular content and users within the CONFUO©O system enable peer monitoring to identify irregularities. Several of the core features (such as inter-user observation) are as yet untested nor approved for use on the Internet. This article demonstrates the iterative improvement of CONFUO©O's security over conventional DRM systems. A summary of the extensive security analysis performed to identify threats and potential vulnerabilities resulting from the abuse of this new protocol is presented and led to the discovery of a possible Denial-of-Service (DoS) threat. In this instalment several advances for CONFUO©O's architecture involving the introduction of public-key technology and user-based accountability are presented which, significantly increases the overall security of the system.
Author(s)