Ticket based Identity System for DRM

One of the major stumbling blocks in achieving interoperability in DRM systems is due to the variety of different user authentication systems utilised by DRM systems. For example, in [6], the authors detailed how Microsoft's Rights Management System fails in fulfilling its requirements mainly because of a lack of its user identity system. The authors discussed how, because one DRM system cannot authenticate users from another DRM system, it cannot offer interoperability, even if they shared the same data formats. Furthermore, interoperability for user authentication in DRM systems is further hampered by the wide range of devices that need to support DRM enabled data, but do not necessarily offer the same features. Decoupling of user identity from the main DRM system also reduces the chances of correlating users' access patterns of protected works. This improves the privacy of users of DRM systems, another major criticisms of current DRM systems. In this paper we discuss the requirements for user identity in a DRM system and then introduce a Kerberos like reusable ticket based user identity system. This system allows multiple systems to be authenticated by the use of time limited authentication tickets, without requiring online authentication. Tickets can be stored at a central controlling point, which is also responsible for acquiring tickets from authentication servers and redistributing tickets to the devices that need the tickets. In our experience, our approach fulfils all the requirements and is a more scalable and inter-operable approach when compared to existing DRM systems

Trustworthy content push

Delivery of content to mobile devices gains increasing importance in industrial environments to support employees in the field. An important application are e-mail push services like the fashionable Blackberry. These systems are facing security challenges regarding data transport to, and storage of the data on the end user equipment. The emerging Trusted Computing technology offers new answers to these open questions.Comment: 4 pages, 4 eps figure

Options for Securing RTP Sessions

The Real-time Transport Protocol (RTP) is used in a large number of different application domains and environments. This heterogeneity implies that different security mechanisms are needed to provide services such as confidentiality, integrity, and source authentication of RTP and RTP Control Protocol (RTCP) packets suitable for the various environments. The range of solutions makes it difficult for RTP-based application developers to pick the most suitable mechanism. This document provides an overview of a number of security solutions for RTP and gives guidance for developers on how to choose the appropriate security mechanism

Towards a General Framework for Digital Rights Management (DRM)

Digital rights management (DRM) can be defined as a technology that enables persistent access control. The common understanding of DRM is that of a technology that enables means to thwart piracy of digital multimedia through limiting how the media is used by the consumer. It can be observed that many of these restrictions can be applied to any type of data. Therefore, it should be possible to create a two part DRM system -- a common DRM system that enforces the basic access controls (such as read, write and execute) and an application specific DRM system that enforces the application specific access controls (such as print and play). The aim of this dissertation is to create such a framework for distribution independent DRM systems. Most vendors promote DRM as a copyright protection mechanism, and thus consumers expect a number of rights that are allowed by copyright legislation, but which are not available for the DRM protected media. However, DRM is not an enforcement of copyright law, but rather an enforcement of a licensing regime. Thus, there is incorrect (and possibly false) marketing of DRM enabled media from the vendors of DRM enabled media, leading to dissatisfied consumers. We think that one of the main reasons for the current situation, is that there is no defined legal framework governing the operation of DRM systems. In this dissertation, we address this gap, by developing a legal framework for DRM systems as one of the components of our DRM framework. Negotiation can be defined as the process which leads to the conclusion of a contract. Since DRM is the enforcement of licensing agreements, there is a need to cater for negotiation protocols in DRM systems. Negotiations provide the consumer with the power to request different rights packages, especially when consumers have a legitimate need for rights not granted normally to other consumers (for example, disabled consumers have needs that may not be met with standard rights set). Negotiations also allow the possibility for the licensors to extract the maximum value from the consumers. For this reason, the inclusion of negotiation protocols in DRM systems can become a powerful tool, and in this dissertation we present the first negotiation protocols for DRM systems. Even though the definition of DRM as an access control model has existed since at least 2002, there has been no formal description of DRM as an access control model. Thus, there are no formal models for any of the rights expression languages which express DRM access control policies, and various authors have commented on ambiguities present in interpretation and enforcement of licenses expressed in these languages -- a result of a lack of formal definition of these languages. In this dissertation, we develop a formal model for a Licensing Rights Expression Language (LiREL), which is designed to provide a mechanism to express access control policies which are also sound legal license documents. Our formal model also discusses the enforcement of the access control policies, and is thus the first formal model for DRM as a mechanism for access control. Access control is a two part process: authentication of the parties involved and authorisation of the parties to access the resources. Authorisation in DRM provides some unique challenges: there is a need to support multiple platforms, without guaranteed network connectivity and minimal trust between the parties involved. For this reason, the associated authentication framework becomes more complex. While many access control models define user management as part of their model, we have taken a different approach, and removed user management from the core DRM system. Instead, our authorisation process requires a trusted verification of the user's credentials and then decides on the access control request. For this reason, our user authentication framework is ticket based, and shares similarities to Kerberos tickets. DRM also requires a strong data identity management. However, all the current identity systems for data do not provide verification service for data identity. For this reason, we developed Verifiable Digital Object Identity (VDOI) System, to address this gap. These components are combined towards a general framework for digital rights management that advances the understanding, organisation and implementation of DRM compared to approaches or solutions which are currently available

Integrating security solutions to support nanoCMOS electronics research

The UK Engineering and Physical Sciences Research Council (EPSRC) funded Meeting the Design Challenges of nanoCMOS Electronics (nanoCMOS) is developing a research infrastructure for collaborative electronics research across multiple institutions in the UK with especially strong industrial and commercial involvement. Unlike other domains, the electronics industry is driven by the necessity of protecting the intellectual property of the data, designs and software associated with next generation electronics devices and therefore requires fine-grained security. Similarly, the project also demands seamless access to large scale high performance compute resources for atomic scale device simulations and the capability to manage the hundreds of thousands of files and the metadata associated with these simulations. Within this context, the project has explored a wide range of authentication and authorization infrastructures facilitating compute resource access and providing fine-grained security over numerous distributed file stores and files. We conclude that no single security solution meets the needs of the project. This paper describes the experiences of applying X.509-based certificates and public key infrastructures, VOMS, PERMIS, Kerberos and the Internet2 Shibboleth technologies for nanoCMOS security. We outline how we are integrating these solutions to provide a complete end-end security framework meeting the demands of the nanoCMOS electronics domain

An Economist's Guide to Digital Music

In this guide, we discuss the impact of digitalization on the music industry. We rely on market and survey data at the international level as well as expert statements from the industry. The guide investigates recent developments in legal and technological protection of digital music and describes new business models as well as consumers' attitude towards music downloads. We conclude the guide by a discussion of the evolution of the music industry

An Economist's Guide to Digital Music

In this guide, we discuss the impact of digitalization on the music industry. We rely on market and survey data at the international level as well as expert statements from the industry. The guide investigates recent developments in legal and technological protection of digital music and describes new business models as well as consumers' attitude towards music downloads. We conclude the guide by a discussion of the evolution of the music industry.Music; Internet; File-sharing; Peer-to-peer; Piracy; Digital Rights Management; Copyright; E-commerce

An Economist’s Guide to Digital Music

In this guide, we discuss the impact of digitalization on the music industry. We rely on market and survey data at the international level as well as expert statements from the industry. The guide investigates recent developments in legal and technological protection of digital music and describes new business models as well as consumers' attitude towards music downloads and audio-streaming. We conclude the guide by a discussion of the evolution of the music industry.music, internet, file-sharing, peer-to-peer, piracy, digital rights management, copyright, e-commerce

HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing

制度:新 ; 報告番号:乙2336号 ; 学位の種類:博士(人間科学) ; 授与年月日:2012/1/18 ; 早大学位記番号:新584

Interoperability of DRM Systems

The study deals with the cutting-edge subject of electronic contracts which have the potential to automatically process and control the access rights for (electronic) goods. It shows the design and the implementation of a rights expression exchange framework. The framework allows DRM systems to exchange electronic contracts, formulated in a standardized rights expression language, and thus provides DRM system interoperability. The work introduces a methodology for the standardized composition, exchange and processing of electronic contracts or rights expressions