A First Look at Digital Rights Management Systems for Secure Mobile Content Delivery

Digital rights management (DRM) solutions aim to prevent the copying or distribution of copyrighted material. On mobile devices, a variety of DRM technologies have become widely deployed. However, a detailed security study comparing their internal workings, and their strengths and weaknesses, remains missing in the existing literature. In this paper, we present the first detailed security analysis of mobile DRM systems, addressing the modern paradigm of cloud-based content delivery followed by major platforms, such as Netflix, Disney+, and Amazon Prime. We extensively analyse the security of three widely used DRM solutions -- Google Widevine, Apple FairPlay, and Microsoft PlayReady -- deployed on billions of devices worldwide. We then consolidate their features and capabilities, deriving common features and security properties for their evaluation. Furthermore, we identify some design-level shortcomings that render them vulnerable to emerging attacks within the state of the art, including micro-architectural side-channel vulnerabilities and an absence of post-quantum security. Lastly, we propose mitigations and suggest future directions of research

A First Look at Digital Rights Management Systems for Secure Mobile Content Delivery

Digital rights management (DRM) solutions aim to prevent the copying or distribution of copyrighted material. On mobile devices, a variety of DRM technologies have become widely deployed. However, a detailed security study comparing their internal workings, and their strengths and weaknesses, remains missing in the existing literature. In this paper, we present the first detailed security analysis of mobile DRM systems, addressing the modern paradigm of cloud-based content delivery followed by major platforms, such as Netflix, Disney+, and Amazon Prime. We extensively analyse the security of three widely used DRM solutions -- Google Widevine, Apple FairPlay, and Microsoft PlayReady -- deployed on billions of devices worldwide. We then consolidate their features and capabilities, deriving common features and security properties for their evaluation. Furthermore, we identify some design-level shortcomings that render them vulnerable to emerging attacks within the state of the art, including micro-architectural side-channel vulnerabilities and an absence of post-quantum security. Lastly, we propose mitigations and suggest future directions of research

A New Approach to Complex Dynamic Geofencing for Unmanned Aerial Vehicles

The anticipated widespread use of unmanned aerial vehicles (UAVs) raises significant safety and security concerns, including trespassing in restricted areas, colliding with other UAVs, and disrupting high-traffic airspaces. To mitigate these risks, geofences have been proposed as one line of defence, which limit UAVs from flying into the perimeters of other UAVs and restricted locations. In this paper, we address the concern that existing geometric geofencing algorithms lack accuracy during the calculation of complex geofences, particularly in dynamic urban environments. We propose a new algorithm based on alpha shapes and Voronoi diagrams, which we integrate into an on-drone framework using an open-source mapping database from OpenStreetMap. To demonstrate its efficacy, we present performance results using Microsoft's AirSim and a low-cost commercial UAV platform in a real-world urban environment.Comment: Accepted to the 40th IEEE Digital Avionics Systems Conferenc