Authors: Marko Wolf, Andre Osterhues, Christian Stueble
Addresses: Escrypt GmbH, Lise-Meitner-Allee 4, Bochum 44801, Germany. ' Escrypt GmbH, Lise-Meitner-Allee 4, Bochum 44801, Germany. ' Sirrix AG, Lise-Meitner-Allee 4, Bochum 44801, Germany
Abstract: Superdistribution and other peer-to-peer (P2P) distribution schemes like sharing or rental offer a flexible and user-friendly way to distribute digital content. However, the parties involved have different interests (e.g. user privacy vs. license enforcement) that should be reflected in the underlying security architecture. We identify characteristic P2P scenarios and demonstrate how these can be realised by applying a few basic licensing operations. We then present a security architecture to realise these basic license operations (1) in a generalised fashion and (2) employing the ARM TrustZone technology, which will be used in many future mobile platforms. Further, we extend existing superdistribution schemes for offline application, allowing a mobile peer to access superdistributed content without the need to first contact the actual licenser.
Keywords: ARM TrustZone; mobile platforms; P2P content distribution; peer-to-peer; secure hardware; security architectures; digital content; superdistribution; trusted computing; trust; mobile devices; mobile communications; offline application.
International Journal of Applied Cryptography, 2009 Vol.1 No.4, pp.251 - 263
Published online: 31 Aug 2009 *Full-text access for editors Access for subscribers Purchase this article Comment on this article