Digital Rights Management for Personal Networks

The thesis is concerned with Digital Rights Management (DRM), and in particular with DRM for networks of devices owned by a single individual. This thesis focuses on the problem of preventing illegal copying of digital assets without jeopardising the right of legitimate licence holders to transfer content between their own devices, which collectively make up what we refer to as an authorised domain. An ideal list of DRM requirements is specified, which takes into account the points of view of users, content providers and copyright law. An approach is then developed for assessing DRM systems based on the defined DRM requirements; the most widely discussed DRM schemes are then analysed and assessed, where the main focus is on schemes which address the concept of an authorised domain. Based on this analysis we isolate the issues underlying the content piracy problem, and then provide a generic framework for a DRM system addressing the identified content piracy issues. The defined generic framework has been designed to avoid the weaknesses found in other schemes. The main contributions of this thesis include developing four new approaches that can be used to implement the proposed generic framework for managing an authorised domain. The four novel solutions all involve secure means for creating, managing and using a secure domain, which consists of all devices owned by a single owner. The schemes allow secure content sharing between devices in a domain, and prevent the illegal copying of content to devices outside the domain. In addition, each solution incorporates a method for binding a domain to a single owner, ensuring that only a single consumer owns and manages a domain. This enables binding of content licences to a single owner, thereby limiting illicit content proliferation. In the first solution, domain owners are authenticated using two-factor authentication, which involves "something the domain owner has", i.e. a master control device that controls and manages consumers domains, and binds devices joining a domain to itself, and "something the domain owner is or knows", i.e. a biometric or password/PIN authentication mechanism that is implemented by the master control device. In the second solution, domain owners are authenticated using their payment cards, building on existing electronic payment systems by ensuring that the name and the date of birth of a domain creator are the same for all devices joining a domain. In addition, this solution helps to protect consumers' privacy; unlike in existing electronic payment systems, payment card details are not exposed to third parties. The third solution involves the use of a domain-specific mobile phone and the mobile phone network operator to authenticate a domain owner before devices can join a domain. The fourth solution involves the use of location-based services, ensuring that devices joining a consumer domain are located in physical proximity to the addresses registered for this domain. This restricts domain membership to devices in predefined geographical locations, helping to ensure that a single consumer owns and manages each domain

Online File Sharing: Resolving the Tensions Between Privacy and Property

This essay expands upon an earlier work (Grodzinsky and Tavani, 2005) in which we analyzed the implications of the Verizon v RIAA case for P2P Networks vis-à-vis concerns affecting personal privacy and intellectual property. In the present essay we revisit some of the concerns surrounding this case by analyzing the intellectual property and privacy issues that emerged in the MGM Studios v. Grokster case. These two cases illustrate some of the key tensions that exist between privacy and property interests in cyberspace. In our analysis, we contrast Digital Rights Management (DRM) and Interoperability and we examine some newer distribution models of sharing over P2P networks. We also analyze some privacy implications in the two cases in light of the theory of privacy as contextual integrity (Nissenbaum, 2004)

A personal networking solution

This paper presents an overview of research being conducted on Personal Networking Solutions within the Mobile VCE Personal Distributed Environment Work Area. In particular it attempts to highlight areas of commonality with the MAGNET initiative. These areas include trust of foreign devices and service providers, dynamic real-time service negotiation to permit context-aware service delivery, an automated controller algorithm for wireless ad hoc networks, and routing protocols for ad hoc networking environments. Where possible references are provided to Mobile VCE publications to enable further reading

Lex Informatica: The Formulation of Information Policy Rules through Technology

Historically, law and government regulation have established default rules for information policy, including constitutional rules on freedom of expression and statutory rights of ownership of information. This Article will show that for network environments and the Information Society, however, law and government regulation are not the only source of rule-making. Technological capabilities and system design choices impose rules on participants. The creation and implementation of information policy are embedded in network designs and standards as well as in system configurations. Even user preferences and technical choices create overarching, local default rules. This Article argues, in essence, that the set of rules for information flows imposed by technology and communication networks form a “Lex Informatica” that policymakers must understand, consciously recognize, and encourage

Securing personal distributed environments

The Personal Distributed Environment (PDE) is a new concept being developed by Mobile VCE allowing future mobile users flexible access to their information and services. Unlike traditional mobile communications, the PDE user no longer needs to establish his or her personal communication link solely through one subscribing network but rather a diversity of disparate devices and access technologies whenever and wherever he or she requires. Depending on the services’ availability and coverage in the location, the PDE communication configuration could be, for instance, via a mobile radio system and a wireless ad hoc network or a digital broadcast system and a fixed telephone network. This new form of communication configuration inherently imposes newer and higher security challenges relating to identity and authorising issues especially when the number of involved entities, accessible network nodes and service providers, builds up. These also include the issue of how the subscribed service and the user’s personal information can be securely and seamlessly handed over via multiple networks, all of which can be changing dynamically. Without such security, users and operators will not be prepared to trust their information to other networks

Governing by internet architecture

In the past thirty years, the exponential rise in the number of Internet users around the word and the intensive use of the digital networks have brought to light crucial political issues. Internet is now the object of regulations. Namely, it is a policy domain. Yet, its own architecture represents a new regulative structure, one deeply affecting politics and everyday life. This article considers some of the main transformations of the Internet induced by privatization and militarization processes, as well as their consequences on societies and human beings.En los últimos treinta años ha crecido de manera exponencial el número de usuarios de Internet alrededor del mundo y el uso intensivo de conexiones digitales ha traído a la luz cuestiones políticas cruciales. Internet es ahora objeto de regulaciones. Es decir, es un ámbito de la política. Aún su propia arquitectura representa una nueva estructura reguladora, que afecta profundamente la política y la vida cotidiana. Este artículo considera algunas de las principales transformaciones de Internet inducida por procesos de privatización y militarización, como también sus consecuencias en las sociedades y en los seres humanos

Determinants in the on-line distribution of digital content: an exploratory analysis

This article shows the phases – and discusses the results – of an empirical analysis addressing the legal business models that are adopted online to distribute digital content

Property and the Construction of the Information Economy: A Neo-Polanyian Ontology

This chapter considers the changing roles and forms of information property within the political economy of informational capitalism. I begin with an overview of the principal methods used in law and in media and communications studies, respectively, to study information property, considering both what each disciplinary cluster traditionally has emphasized and newer, hybrid directions. Next, I develop a three-part framework for analyzing information property as a set of emergent institutional formations that both work to produce and are themselves produced by other evolving political-economic arrangements. The framework considers patterns of change in existing legal institutions for intellectual property, the ongoing dematerialization and datafication of both traditional and new inputs to economic production, and the emerging logics of economic organization within which information resources (and property rights) are mobilized. Finally, I consider the implications of that framing for two very different contemporary information property projects, one relating to data flows within platform-based business models and the other to information commons