PodNetSec: Secure Opportunistic Content Dissemination

PodNet: PodNet [1] (Fig. 1(a)) targets mobile content distribution by extending the traditional podcasting concept to opportunistic peer-to-peer content delivery among users via IEEE 802.11 wireless communications in ad hoc mode. Content is organized as episodes in channels, which users can subscribe to and download content once a peer within range holds new episodes. Information thus spreads from user to user in an epidemic fashion making use of mobility. In the initial version of PodNet, content publication was done anonymously, making it an ideal platform for spreading spam and illegal content. With PodNetSec three channel types are introduced, namely open, restricted, and closed. Closed channels allow private and encrypted dissemination of content in a limited group e.g., for friends to share photos. Restricted channels only allow authorized users to publish content but everybody to consume it, thus basically supporting official podcasters (e.g., BBC). Open channels allow every user to consume as well as create new content. Although useful for applications such as discussion forums, or video sharing (e.g., YouTube), it may serve as an easy platform to spread spam and objectionable content. AntiSpam control mechanisms are thus required. PodNetSec Integrated Security Framework: PodNetSec implements mechanisms – leveraging realworld social networks and communities – to prevent the dissemination of spam and illegal content in open channels. A two-level rating system as well as social trust metrics based on friend ties and local communities, are introduced and serve as input of a reactive as well as a proactive spam control mechanism. We introduce the notion of a user through self-created credentials (public/private key) [2]. These guarantee the inimitability of an identity and provide authentication of already known users, non-repudiation, and integrity without the support of a central authority (CA). As these cannot prevent users from generating multiple identities and launching Sybil attacks [3], we minimize their effect by establishing trust in genuine identities. This is based on their social ties demonstrated by a secure pairing process [4] or on their familiarity and similarity (community) in the underlying mobility graph [5]. A two level rating system is introduced to allow for content to be rated and author’s to build up a reputation (based on teir publications). It allows to rate, first, the legitimacy and, second, the quality of the content.