1. Field of the Invention
The present invention relates to computer networks. More specifically, the present invention relates to a method and an apparatus for facilitating secure distributed content delivery across a computer network.
2. Related Art
The explosion of broadband communications has helped the Internet become a viable distribution mechanism for multimedia and high quality video. Prior to broadband, conventional modems were much too slow for the large file sizes that video demands. Now that more and more people have broadband connections and are requesting ever larger items of content, bandwidth and server utilization is quickly becoming a bottleneck on the distribution end. For example, in some cases, extraordinary events have brought online news sites to a virtual standstill as people flocked to them to retrieve video of the events.
Some companies have tried to solve this problem by creating distributed content delivery networks. In a distributed content delivery network, once a client has received a file, that client becomes a potential server for that file to other clients. This is a great advantage because as clients download the content, the number of potential servers for the content grows. In this way, the classic bottleneck caused by many clients trying to retrieve the same content from a single server is virtually eliminated.
However, one major problem in this type of system is security, because all of intermediate nodes on the network through which the content passes have access to the content. Hence, it is important to be able to tell if a piece of the content has been tampered with or corrupted during transport. If one client upstream is compromised, all of the clients downstream may receive compromised copies of the content. Although packets typically include checksums to ensure integrity, these checksums can be tampered with as well.
Another possible solution is to include a checksum with the content itself, but the entire content would have to be received in order to allow the checksum to be calculated and verified. This results in the client having to wait until a file is completely downloaded and verified before it can be sent to other clients. This problem is compounded by the fact that a large item of content may potentially be forwarded through a large number of clients, each one of which would have to wait for the file to be completely downloaded and verified before forwarding the content to a subsequent client.
What is needed is a method and apparatus for facilitating the distributed delivery of content across a network in a secure manner without the above-described problems associated with existing distributed content delivery networks.