Securing Peer-to-Peer Distributions for Mobile Devices

摘要

Peer-to-peer (P2P) architectures offer a flexible and user-friendly way to distribute digital content (e.g., sharing, rental, or su-perdistribution). However, the parties involved have different interests (e.g., user privacy vs. license enforcement) that should be reflected in the P2P security architecture. We identify characteristic P2P scenarios and demonstrate how these can be realized by applying a few basic licensing operations. We present a security architecture to realize these basic license operations (i) in a generalized fashion and (ii) employing the ARM TrustZone technology, which is popular for embedded systems. Lastly, we extend existing su-perdistribution schemes for offline application, allowing a mobile peer to access superdistributed content without the need to first contact the actual licensor.