Abstract
One common revenue model in Content Distribution Networks (CDN), requires the
CDN operator to provide access statistics (e.g. hits, transferred bytes) to the
content provider, who in turn is expected to deliver payment dependent on these
reported values. An implicit assumption of self-regulated truthfulness of the
CDN operator governs this process. The content provider has to trust that the
content distributor provides accurate numbers and does not artificially "inflate"
them. This type of one-sided accounting is not tolerated well in two-party
business interactions. An independent accuracy proof is preferred.
Here we present a provable secure verification mechanism for access accounting
in this framework. Our solution exploits one of the common enabling mechanisms
of CDN location awareness, dynamic DNS. We discuss several variations and analyze
associated attacks.