Trusted Computing and DRM

Proceedings of the IEEE, 2000

Proceedings of the 8th ACM workshop on Digital rights management - DRM '08, 2008

Defining Digital Rights Management (DRM) is a complex task. There is no unique universal definition. There are many legal, economic, functional, and technical definitions. This complexity induces also that there is not one unique modeling of DRM. Each model should help to compare different DRM systems and easily highlight the differences and the similarities between them. One of the weaknesses of the current models is that none puts specifically the focus on the most important characteristics of DRM: protection of content and rights management. We propose a four-layer model that complements traditional ones. Using trust layer, rights management layer, rights enforcement layer, and content protection layer, this model is security oriented. It is suitable to describe any content protections such as DRM, conditional access, copy protection or even pre-recorded content protection systems.

Automated Production of …, 2007

In this paper we propose some security mechanisms that can be used in a multimedia content distribution system with Digital Rights Management (DRM) to ensure that the software tools used in the client side are trusted not only in the moment when they are installed but during their whole life operation. For this purpose, certification, verification, reverification and recertification mechanisms are described, discussing the advantages as well as the drawbacks of using such techniques. A complex use case is presented to complement the description of the proposed mechanisms. The presented architecture and mechanisms are being implemented in the AXMEDIS project, which aims to create an innovative technology framework for the automatic production, protection and distribution of digital cross media contents over a range of different media channels, including PC (on the Internet), PDA, kiosks, mobile phones and i-TV.

The paper is meant to create a discussion on techniques developed for prevention of piracy in digital media which can be regarded as one of the biggest obstruction in the growth of digital media sector. The duplication caused by piracy has innumerable problems which are indispensable. Thus it is need of the hour to staidly understand the importance of preventing piracy so as to ensure unhindered growth of the staggering flourishing market of digital media. The fact that it is becoming relatively easy to access anyone's confidential data without any legal permission has led us to carefully think of some kind of innovative ways to protect ourselves and so this paper talks of some of the most effective counter measures. Here described an architecture integrated with different forms i.e. tamper proofing, obfuscation and watermarking that can shield digital media. These techniques are built with the purpose of controlling ever increasing piracy which and are undoubtedly capable of fighting against the hazardous consequences causes by the toughest rival of economy sector. This three layered technique enable us to withstand all most all types of attacks and prevent from Zero Day attacks. These techniques cover both hardware/manufacture level and software/user level protection, and are most affordable, reliable and everlasting counter measures.

The IASTED International …

Proceedings of the 2005 Australasian workshop …, 2005

Robust technological enforcement of DRM licenses assumes that the prevention of direct access to the raw bit representation of decrypted digital content and the license enforcement mechanisms themselves is possible. This is difficult to achieve on an open computing platform such as a PC. Recent trusted computing initiatives namely, the Trusted Computing Group (TCG) specification, and Microsoft's Next Generation Secure Computing Base (NGSCB) aim in part to address this problem. The protection architecture and access control model of mainstream operating systems makes them inappropriate as a platform for a DRM content rendering client because decrypted content cannot be protected against a privileged process. If a DRM client is to be deployed on an open computing platform, the operating system should implement the reference monitor concept, which underpins the mandatory access control model. The TCG model of trusted computing has important limitations when combined with an operating system enforcing discretionary access control. We argue that the TCG services of sealed storage and remote attestation which are important in DRM applications, cannot operate in a secure and efficient manner on such an operating system. .

Information Security Policies and Actions in Modern Integrated Systems

Multimedia content delivery applications are becoming widespread thanks to increasingly cheaper access to high bandwidth networks. Also, the pervasiveness of XML as a data interchange format has given origin to a number of standard formats for multimedia, such as SMIL for multimedia presentations, SVG for vector graphics, VoiceXML for dialog, and MPEG-21 and MPEG-7 for video. Innovative programming paradigms (such as the one of web services) rely on the availability of XML-based markup and metadata in the multimedia flow in order to customize and add value to multimedia content distributed via the Net. In such a context, a number of This chapter appears in the book, Information Security Policies and Actions in Modern Integrated Systems, edited by Mariagrazia Fugini and Carlo Bellettini.

Signal Processing: Image Communication, 2001

A digital home network is a cluster of digital audio/visual (A/V) devices including set-top boxes, TVs, VCRs, DVD players, and general-purpose computing devices such as personal computers. The network may receive copyrighted digital multimedia content from a number of sources. This content may be broadcast via satellite or terrestrial systems, transmitted by cable operators, or made available as prepackaged media (e.g., a digital tape or a digital video disc). Before releasing their content for distribution, the content owners may require protection by specifying access conditions. Once the content is delivered to the consumer, it moves across home the network until it reaches its destination where it is stored or displayed. A copy protection system is needed to prevent unauthorized access to bit streams in transmission from one A/V device to another or while it is in storage on magnetic or optical media. Recently, two fundamental groups of technologies, encryption and watermarking, have been identified for protecting copyrighted digital multimedia content. This paper is an overview of the work done for protecting content owners' investment in intellectual property.

In the DRM environment, content is usually distributed in an encrypted form. Typically, a secure encryption algorithm is utilized to accomplish such protection. However, executing this algorithm in an insecure environment may allow adversaries to compromise the system and obtain information about the decryption key. Keeping such a key secret is a major challenge for content distribution systems. We consider two solutions for securing content delivery. The first solution involves modifying the algorithm in such a way as to make implementation unintelligible. The second solution involves setting a buyer-seller protocol to communicate the key securely. In addition, the protocol can be set to achieve security for the content provider and privacy protection for user. This paper describes a study of these scenarios for DRM applications w.r.t securing content delivery.