A refined architecture for DRM (original) (raw)
Related papers
Towards a software architecture for DRM
Proceedings of the 5th ACM workshop on Digital rights management - DRM '05, 2005
The domain of digital rights management (DRM) is currently lacking a generic architecture that supports interoperability and reuse of specific DRM technologies. This lack of architectural support is a serious drawback in light of the rapid evolution of a complex domain like DRM. It is highly unlikely that a single DRM technology or standard will be able to support the diversity of devices, users, platforms, and media, or the wide variety of system requirements concerning security, flexibility, and efficiency. This paper analyses state-of-the-art DRM technologies and extracts from them high level usage scenarios according to content consumers, producers, and publishers. In addition, the key services are identified both from a functional and security perspective.
A novel approach to DRM systems
Modern Digital Rights Management (DRM) systems are often developed as web software platforms designed as service oriented architectures composed of a federation of coordinated web entities that play distinct roles and dynamically interact within a trusted environment. Such a design approach requires that trustu relationships have to be dynamically established across multiple and heterogeneous organizational boundaries so as to facilitate an ``on-the-fly'' resource sharing. This introduces non-trivial security architectural requirements concerning with the mechanisms that allow different security realms of web entities to be federated. This paper presents a DRM system developed as a web software platform designed to give a specific support both to the interaction of the web entities involved in the platform and to the development of the trusted relationships among them, in a much more flexible way than before, dynamically and with minimal overheads and shared infrastructure.
The Digital Rights Management (DRM) systems aim at protecting and enforcing the legal rights associated with the use of digital content distributed on the Internet. Most of such systems use watermarking techniques to implement the content protection. Although the effectiveness of the implemented protection strictly depends on the adopted watermarking techniques, an important role is also played by watermarking protocols. They define the scheme of the interactions that have to take place among the entities involved in the processes of content protection and web-based distribution governed by the DRM systems. This paper presents a DRM system developed as a web software platform to implement the copyright protection of multimedia digital content distributed on the Internet. The DRM system is based on a watermarking protocol previously developed by the authors, and has been designed as a service oriented architecture composed of a federation of coordinated web entities that play distinct roles and interact within a trusted environment.
DRM & Security Enabling Mechanisms Leveraging User Centric Multimedia Convergence
Cutting Edge Research in New Technologies, 2012
Cutting Edge Research in New Technologies 192 protect their digital media from illegally, unauthorized and without the appropriate rights usage of their products, while let them to use possibly unsafe media like Internet for delivering their products with less hesitation and anxiety about non-legitimate usage of their content. Moreover, the increasing capabilities of embedded systems combined with their decreasing cost have enabled their adoption in a wide range of personalized entertainment services, applications and services, leading thus to a user-converged networked multimedia environments. Furthermore, as dynamicity in networks, embedded security and interoperability in DRM systems become the critical aspects in such networked ecosystems, new emerging frameworks for secure, user-converged digital content delivery are required, leading to specific treatment for the design and deployment of DRM systems that take in care the resource-demanding nature of security in embedded systems, (Fragopoulos & Serpanos, 2005), (Fragopoulos et al., 2009). Thus, it is a requirement to provide integrated DRM mechanisms in such services and applications that target delivery of IP protected content to a large base of clients. Considering the technical problems that result from add-on security solutions to independently developed network services, the design and deployment of architectures with security and DRM as inherent requirements will lead to secure solutions that will increase the trust placed by content providers on the system and thus, it will lead to wider availability of services to a larger population. In this book chapter, we describe extensive research that has been done in the areas of DRM management and embedded security, towards the design and deployment of an integrated architecture that exposes security functionalities and DRM mechanisms, focusing on usercentric and nomadic environments. In that context we have taken specific care how we could adapt our architecture in order to cope with mobility management issues, while providing interoperability towards other similar architectures. The architecture that we describe, (a) provides the capability to the user to act as content creator who set its own usage rules to his content, thus protecting digital content from unauthorized usage from non-legitimate users; (b) operates over heterogeneous network technologies; (c) provides to the end-user friendliness; (d) provides adequate security mechanisms, under possible attacks; and, (e) is adapted to mobility frameworks, providing secure access to DRM protected multimedia digital contents, (enabling DRM in session migration-high mobility environments). Towards implementing licensing for DRM-protected multimedia contents, we have focused mainly to the usage of newly proposed MPEG-21 standard, (International Standards Organization [ISO], 2005), (Burnett et al., 2006), which has been recently proposed for primary use in the area of multimedia world, allowing the seamless, interoperable, transparent and universal delivery of multimedia digital contents to the end-users in a dynamic environment. More specific, our research work involved usage of two parts of the standard, (a) Part 4, MPEG Intellectual Property Management and Protection (IPMP), which provides mechanisms for protection of digital item, since security problems may arise from the fact that, the digital item's description, i.e. its structure, contents, attributes and metadata, is a clear XML document and it is easily visible to anyone and vulnerable to non-authorized usage; and, (b) Part 5, MPEG Rights Expression Language (REL), which provides a simple XML-based data model which allows to the content creator to meta-describe the license that describes the usage rules over a specific digital content. The use of MPEG-21, leads to a DRM scheme that is adaptive to the end-user needs, i.e. different users must have different usage rights over the same digital content, while also characterized by interoperability.
A DRM Framework for Distributing Digital Contents through the Internet
ETRI Journal, 2003
This paper describes our design of a contents distribution framework that supports transparent distribution of digital contents on the Internet as well as copyright protection of participants in the contents distribution value chain. Copyright protection must ensure that participants in the distribution channel get the royalties due to them and that purchasers use the contents according to usage rules. It must also prevent illegal draining of digital contents. To design a contents distribution framework satisfying the above requirements, we first present four digital contents distribution models. On the basis of the suggested distribution models, we designed a contract system for distribution of royalties among participants in the contents distribution channel, a license mechanism for enforcement of contents usage to purchasers, and both a packaging mechanism and a secure client system for prevention of illegal draining of digital contents.
EC-GATE: an infrastructure for DRM
Proc. of the IASTED Intl. Conference …, 2003
DRM technologies include a range of functions to support the management of intellectual property for digital resources, such as expression of rights and obligations, description, identification, trading, protection, monitoring and tracking of digital content. This paper presents the EC-GATE system, a general framework capable of supporting very heterogeneous DRM applications and scenarios. This system enables content owners to enforce access control policies, copyright agreements, payments and other obligations, to digital objects in a distributed environment. The idea of this work is that the security requirements of all processes related to the secure transmission and commerce of digital contents can be fulfilled if we guarantee that the software running at the other side of the communication line is protected. To achieve what we call "protected software" we must ensure that it is neither possible to discover nor to alter the function that the software performs and it is also impossible to impersonate the software. The solution that we present is also based on the notion of "secure container", a protected package of data and administrative information. Our solution uses mobile software elements to convey the protected contents and force the user to fulfill the obligations previously established by the content owner before granting the rights and access to these contents. EC-GATE also includes components for authorization and management.
Frontiers of DRM knowledge and technology
IJCSNS, 2007
In today's digital world digital information can be copied and distributed with ease and little expense. While this makes life easier for law-abiding citizens, it also facilitates misuse, mass piracy and the violation of Intellectual Property Rights (IPR) causing revenue loss to many rights holders. Consumers are also concerned about their privacy, and therefore experience a need to be able to have control over their own personal information, including the manner of its acquisition and the use to which it is put. In the future world of ambient intelligence, digital content will be ubiquitous and people will interact with it in all areas of their lives, a situation that presents new challenges in the area of Digital Rights Management (DRM). There are many techniques that can be used by a DRM system to curtail infringements of IPR. Each one has its strengths and weaknesses, which must be weighed against each other along with the cost of acquiring, integrating and maintaining them. This paper likewise gives an overview of the frontiers of DRM knowledge and technology in the form of a brief survey. On the basis of this review of the present state of the art and activities in the field of DRM, the paper also charts trends and predicts developments.
Design and development challenges for an E2E DRM content business integration platform
International Journal of Information Management, 2009
Current studies on Digital Rights Management (DRM) have focused on controlling access to and copies Digital rights 0 f contents, centered exclusively on the end of the valué chain (end users). This focus has been oriented Platform towards security and encryption as a means of solving the issue of ¡Ilegal copying by purchasers. In this paper, we propose End-to-End Digital Rights Management (E2E DRM) that involves the protection of the content throughout the entire valué chain. This concept is given form in the new technologies for representing intellectual property (IP) which, in a secure and unequivocal manner, identify the content at each point in the valué chain: from the author to the end user, the content is identifiable in any of the transactions and statuses through which it passes. The key concept which E2E DRM must provide is not only the governability of access and copying, but also that of all the processes associated with the content business. We establish an E2E DRM model and architecture, and propose the R&D management of its design and implementation that makes it possible to protect content from content creator to purchaser. Finally, the paper also analyzes their impact from a global perspective.
Rights protection of digital content in the DRM environment
2015
In electronic-business settings, content providers produce digital goods/services (such as, games, images, softwares, etc.) which consumers/users wish to purchase. In general, mass-production of digital goods/services is possible if an instance of the goods/services is made available. Digital Rights Management (DRM) mainly considers technological approaches to protect content providers' rights on their original products (also known as, intellectual property) against illegal reproduction of the goods/services (also known as, piracy). Due to the wide range and different types of digital goods, several DRM systems have been studied in the literature. Many existing DRM systems, however, focus on the security of the content provider and often neglect the users' privacy. The problem statement of this thesis is devising DRM systems that protect users' privacy while content provider's security is maintained. To achieve this goal during the life-time of the digital content, w...