Abstract
Peer-to-peer (P2P) architectures offer a flexible and user-friendly way to distribute digital content (e.g., sharing, rental, or superdistribution). However, the parties involved have different interests (e.g., user privacy vs. license enforcement) that should be reflected in the P2P security architecture.
We identify characteristic P2P scenarios and demonstrate how these can be realized by applying a few basic licensing operations. We present a security architecture to realize these basic license operations (i) in a generalized fashion and (ii) employing the ARM TrustZone technology, which is popular for embedded systems. Lastly, we extend existing superdistribution schemes for offline application, allowing a mobile peer to access superdistributed content without the need to first contact the actual licensor.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
ARM Ltd. ARM TrustZone. www.arm.com/products/esd/trustzone_home.html
Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Pratt, I., Warfield, A., Barham, P., Neugebauer, R.: Xen and the Art of Virtualization. In: SOSP 2003: Proceedings of the ACM Symposium on Operating Systems Principles (October 2003)
Ginzboorg, P., Ekberg, J.-E., Laitinen, P., Ylä-Jääski, A.: Charging for Broadband Access. In: ICTEC’98: Proceedings of the 1st International Conference on Telecommunications and Electronic Commerce (November 1998)
Kauer, B.: OSLO: Improving the Security of Trusted Computing. In: Proceedings of the 16th USENIX Security Symposium, pp. 229–237 (August 2007)
Kent, S.T.: Protecting Externally Supplied Software in Small Computers. PhD thesis, Massachusetts Institute of Technology (1980)
Liedtke, J.: Towards Real Microkernels. Communications of the ACM 39(9), 70–77 (1996)
Mori, R., Kawahara, M.: Superdistribution: The Concept and the Architecture. Transactions of the IEICE E 73(7), 1133–1146 (1990)
Nair, S.K., Popescu, B.C., Gamage, C., Crispo, B., Tanenbaum, A.S.: Enabling DRM-preserving Digital Content Redistribution. In: Proceedings of the 7th International IEEE Conference on E-Commerce Technology (July 2005)
Open Mobile Alliance. OMA DRM Version 2.0 (March 2006), http://www.openmobilealliance.org
Sadeghi, A.-R., Wolf, M., Stüble, C., Asokan, N., Ekberg, J.-E.: Enabling Fairer Digital Rights Management with Trusted Computing. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, Springer, Heidelberg (2007)
Sandhu, R., Zhang, X.: Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In: SACMAT 2005, Stockholm, Sweden (June 2005)
Sarmenta, L.F.G., van Dijk, M., O’Donnell, C.W., Rhodes, J., Devadas, S.: Virtual monotonic counters and count-limited objects using a TPM without a trusted OS. In: STC 2006: Proceedings of the 1st ACM Workshop on Scalable Trusted Computing, pp. 27–42 (2006)
Smith, S.W.: Secure Coprocessing Applications and Research Issues. Los Alamos Unclassified Release LA-UR-96-2805, Los Alamos National Laboratory (1996)
Stewin, P., Sadeghi, A.-R., Unger, M., Gasmi, Y., Asokan, N.: Beyond Secure Channels. In: STC 2007: Proceedings of the 2nd ACM Workshop on Scalable Trusted Computing (2007)
Suh, G., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: AEGIS: Architecture for Tamper-evident and Tamper-resistant Processing. In: Proceedings of the Annual USENIX Technical Conference (2003)
Trusted Computing Group. TPM Main Specification. Technical Report Version 1.2 Revision 94 (2006)
Trusted Computing Group. TCG Mobile Trusted Module Specification (June 2007)
Tygar, J.D., Yee, B.S.: Strongbox: A System for Self-Securing Programs. In: CMU Computer Science: A 25th Anniversary Commemorative, pp. 163–197. Addison-Wesley, Reading (1991)
Tygar, J.D., Yee, B.S.: Dyad: A System for Using Physically Secure Coprocessors. In: Proceedings of the IP Workshop (1994)
White, S.R., Comerford, L.D.: ABYSS: A Trusted Architecture for Software Protection. In: Proceedings of the IEEE Symposium on Security and Privacy (1987)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Osterhues, A., Sadeghi, AR., Wolf, M., Stüble, C., Asokan, N. (2008). Securing Peer-to-Peer Distributions for Mobile Devices. In: Chen, L., Mu, Y., Susilo, W. (eds) Information Security Practice and Experience. ISPEC 2008. Lecture Notes in Computer Science, vol 4991. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79104-1_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-79104-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79103-4
Online ISBN: 978-3-540-79104-1
eBook Packages: Computer ScienceComputer Science (R0)