Abstract. This paper focuses on the problem of preventing the illegal copying of digital content whilst allowing content mobility within a single user domain. This paper proposes a novel solution for binding a domain to a single owner. Domain owners are authenticated using two-factor authentication, which involves “something the domain owner has”, i.e. a Master Control device that controls and manages consumers domains, and binds devices joining a domain to itself, and “something the domain owner is or knows”, i.e. a biometric or password/PIN authentication mechanism that is implemented by the Master Control device. These measures establish a one-to-many relationship between the Master Control device and domain devices, and a one-to-one relationship between domain owners and their Master Control Devices, ensuring that a single consumer owns each domain. This stops illicit content proliferation. Finally, the pros and cons of two possible approaches to user authentication, i.e. the use of a password/PIN and biometric authentication mechanisms, and possible countermeasures to the identified vulnerabilities are discussed.
