The paper has tons of English grammar mistakes and typos. I also noticed several semantic mistakes, like calling p2p clients "networks", and using the word "swamp" when they obviously meant "swarm". They also repeated the "this won't work against FTP/email/DVD-in-mail" paragraph at least 3 times in the first two pages.
Doesn't IEEE have some quality standard for their publications?
Anyways, I got bored of reading this thing after the first few pages (maybe that was their intent?). In short, they propose a custom p2p content distribution system, or augmentation of existing p2p software. The main servers would do the management, and users would do the decentralized distribution part.
Their system adds some sort of authorization mechanism: after purchasing something you get a receipt, and you use that to connect to the network via a (company-controlled) bootstrap node. You have to continuously refresh your auth token against this node. And somehow this token lets anyone recognize a legal/illegal download request. And the poisoning part is there to stop clients that skip the authentication process (both producers and consumers). Does anyone feel like examining their method in detail?