The Implications of an Operating System Level DRM Controller

Digital Rights Management (DRM) is the persistent access control of digital content. This paper examines the implications of enforcing access control rules at the operating system kernel level. We describe our design for a prototype, operating system kernel level DRM Controller. Initial performance benchmarks measuring access time have yielded promising results. Only negligible overhead was measured unprotected data, while the overhead incurred for protected data is unnoticeable to a human user. Lastly, we discuss implications of operating system level DRM

Extending ODRL to Enable Bi-Directional Communication

Current rights expression languages (RELs) only allow for rights holders to dictate terms to the end users. This limits their use as a means for negotiating electronic contracts and end users are not able to request changes in their rights contracts. In this paper we propose extensions to ODRL that allow end users to request changes and for the rights holder to grant or deny these changes. These extensions allow the end user to request changes to their current rights, and for the rights holder to grant or refuse the request. We also provide two examples to demonstrate possible uses of our extensions. The extensions we discuss can also be implemented in other RELs like XrML

DRM Use License Negotiation using ODRL v2.0

In [9], Camp discussed why DRM is not equivalent to copyright enforcement. In 2005, Arnab et al. discussed how DRM is in fact the enforcement of licensing agreements, and promoted the use of negotiation in DRM as a mechanism to handle fair use scenarios [3]. In this paper, we detail negotiation protocols for two of the three types of negotiation -- bidding and bargaining (the third type, auctioning, can easily be handled without any new technology). We motivate the correctness and completeness of our protocols through the use of Petri net modeling. We also motivate the use of the latest draft of the ODRL v2.0 rights expression language (REL) as a language for expressing negotiations in DRM systems. By using a REL in the protocol specifications we remove the need to translate between the protocol and the rights expression language, thus speeding up the overall license acquisition process and reducing the risk of translation errors

A Graphical Environment for the Facilitation of Logic-Based Security Protocol Analysis

The development of cryptographic logics to analyze security protocols has provided one technique for ensuring the correctness of security protocols. However, it is commonly acknowledged that analysis using a modal logic such as GNY tends to be inaccessible and obscure for the uninitiated. In this paper we describe a graphical tree-based specification environment which can be used to easily construct GNY statements using contextualized pop-up menus. The interface which we describe helps to move logic-based analysis out of the world of academia and into the mainstream market

An Environment to Facilitate the Teaching of GNY-Based Security Protocol Analysis Techniques

The development of cryptographic logics to analyze security protocols has provided one technique for ensuring the correctness of security protocols. However, it is commonly acknowledged that analysis using a modal logic such as GNY tends to be inaccessible and obscure for the uninitiated. In this paper we describe a graphical tree-based specification environment which operates in conjunction with a Prolog-based GNY analyzer. This environment can be used to easily construct GNY statements using dynamically-constructed contextualized pop-up menus. We will show how this environment helps to distance students and protocol engineers from the syntactical element of GNY analysis, allowing them to focus more on the associated semantics and distil the critical issues that arise during protocol analysis. By freeing individuals to focus on an analysis, instead of hampering them with the necessary syntax, we can ensure that the fundamental concepts and advantages related to GNY analysis are kept in mind and applied as well

Attack Analysis of Cryptographic Protocols Using Strand Spaces

Network security protocols make use of cryptographic techniques to achieve goals such as confidentiality, authentication, integrity and non-repudiation. However, the fact that strong cryptographic algorithms exist does not guarantee the security of a communications system. In fact, it is recognised that the engineering of security protocols is a very challenging task, since protocols that appear secure can contain subtle flaws and vulnerabilities that attackers can exploit. A number of techniques exist for the analysis of security protocol specifications. Each of the techniques currently available is not capable of detecting every possible flaw or attack against a protocol when used in isolation. However, when combined, these techniques all complement each other and allow a protocol engineer to obtain a more accurate overview of the security of a protocol that is being designed. This fact, amongst others, is the rationale for multi-dimensional security protocol engineering, a concept introduced by previous projects in the DNA group. We propose an attack construction approach to security protocol analysis within a multi-dimensional context. This analysis method complements the method used in the existing inference construction analysis tools developed earlier in the group. This paper gives a brief overview of the concepts associated with our project, including a summary of existing security protocol analysis techniques, and a description of the strand space model, which is the intended formalism for the analysis

Digital Rights Management - A current review

Digital Rights Management (DRM) systems aim to create a secure framework to control access and actions that can be performed by users (both human and machine). DRM technologies have become very important in an increasingly networked world because it promises the owner of the file persistent control over the file even when the file leaves the owner's machine. It is not only useful in combating piracy (which is currently the main use of DRM systems) but also for protecting sensitive documents in enterprises. DRM systems can be seen to fit at various levels on a computer system - at an application layer, which is currently seen in applications like Apple iTunes; at an operating system level like Microsoft's Rights Management System (RMS) in Windows Server 2003 or at a hardware level like Content Scramble System (CSS) in DVD players. However, current DRM systems are mostly not interoperable and in most cases either do not provide all the requirements expected by the customer or do not provide a totally secure framework. DRM systems that are used for copyright enforcement give rise to many legal questions mostly revolving on the amount of control the copyright holder has over their creations once they have been distributed to the users. Many of the legal questions do not affect DRM systems for enterprises, but most of the technical requirements are the same. This report gives a broad overview of current state of DRM systems and their strengths and weaknesses. It starts by looking at the legal requirements of the system to satisfy both the right holders and the end consumers. We then discuss the structure of DRM systems, their characteristics and how well they satisfy the legal requirements. Finally we review three types of DRM systems and how well they satisfy the requirements desired in a DRM system

Ticket based Identity System for DRM

One of the major stumbling blocks in achieving interoperability in DRM systems is due to the variety of different user authentication systems utilised by DRM systems. For example, in [6], the authors detailed how Microsoft's Rights Management System fails in fulfilling its requirements mainly because of a lack of its user identity system. The authors discussed how, because one DRM system cannot authenticate users from another DRM system, it cannot offer interoperability, even if they shared the same data formats. Furthermore, interoperability for user authentication in DRM systems is further hampered by the wide range of devices that need to support DRM enabled data, but do not necessarily offer the same features. Decoupling of user identity from the main DRM system also reduces the chances of correlating users' access patterns of protected works. This improves the privacy of users of DRM systems, another major criticisms of current DRM systems. In this paper we discuss the requirements for user identity in a DRM system and then introduce a Kerberos like reusable ticket based user identity system. This system allows multiple systems to be authenticated by the use of time limited authentication tickets, without requiring online authentication. Tickets can be stored at a central controlling point, which is also responsible for acquiring tickets from authentication servers and redistributing tickets to the devices that need the tickets. In our experience, our approach fulfils all the requirements and is a more scalable and inter-operable approach when compared to existing DRM systems

Requirement Analysis of Enterprise DRM systems

Digital Rights Management or DRM has been mainly used to provide access control protection for multimedia products marketed to consumers, like music and movies. There are also a number of DRM products, like Authentica and Microsoft's RMS, that aim to protect documents for enterprises. However, none of these products provide for all the needs of an enterprise, and furthermore these products do not offer all the benefits that DRM potentially offers to an enterprise. In this paper we discuss what DRM offers to enterprises, examine the base requirements for an enterprise DRM system and then analyse how well three existing enterprise DRM products satisfy the requirements of an enterprise DRM system. We have found that enterprise DRM systems have yet to mature with many requirements not satisfied

Verifiable Digital Object Identity System

Identification is a two part system comprising of a token or label (an identifier) that can be used to reference an entity and a process that can be used to create label-entity associations and verify that the reference and entity belong together. There are a number of identity systems for digital objects that provide identifiers (such as the Handle system, the DOI and URIs). However none of these systems provide verification services. The primary application for our proposed system is in a DRM system, where it is necessary to correctly match users' use licenses to the digital objects covered by the use licenses. In such a case, incorrect associations are effectively failures of the system, and could have wide ranging legal and economic impact, depending on the nature of the protected data. In this paper we present an identity system for digital objects that support verification and the related details such as the identifier format, the verification process as well as a protocol to create identifiers for digital objects