Information protection in content-centric networks

Information-centric networks have distinct advantages with regard to securing sensitive content as a result of their new approaches to managing data in potential future internet architectures. These kinds of systems, because of their data-centric perspective, provide the opportunity to embed policy-centric content management components that can address looming problems in information distribution that both companies and federal agencies are beginning to face with respect to sensitive content. This information-centricity facilitates the application of security techniques that are very difficult and in some cases impossible to apply in traditional packetized networks. This work addresses the current state of the art in both these kinds of cross-domain systems and information-centric networking in general. It then covers other related work, outlining why information-centric networks are more powerful than traditional packetized networks with regard to usage management. Then, it introduces a taxonomy of types of policy-centric usage managed information network systems and an associated methodology for evaluating the individual taxonomic elements. It finally delves into experimental evaluation of the various defined architectural options and presents results of comparing experimental evaluation with anticipated outcomes

The problem with rights expression languages

In this paper we consider the functionality that a rights expression language (REL) should provide within a digital rights management (DRM) environment. We begin by noting the dearth of applications that make use of RELs, despite the fact that they have now been available since the late 1990’s. We posit that one of the main impediments to the use of RELs is the complexity associated with understanding and using them. This results from the fact that the functionality needed to handle a wide variety of possible DRM scenarios is typically built into a REL, and it is often difficult to cleanly partition out only those pieces needed by a particular DRM application. Basing DRM system design on a layered architecture provides one way of achieving a partitioning and points to the need for a simple REL that is exclusively responsible for the expression of rights, while pushing much of the functionality found in current RELs into higher system layers. In order to demonstrate the usefulness of this approach, we provide an example implementation dealing with DRM-based negotiations