SlideShare una empresa de Scribd logo
1 de 36
Digital Rights Management
  (DRM)

ISA 767, Secure Electronic Commerce
Xinwen Zhang, xzhang6@gmu.edu
George Mason University




Reference
 Digital Rights Management: Business
 and Technology. New York: Hungry
 Minds/John Wiley & Sons, 2001.




                                       2
An example
 Buy a book in bookstore:
   you get the right to read the book for as long and
   as many times as you want, and you can give,
   sell, or lend it to someone.
   you can't legally make copies of it, change it, or
   embed parts of it in other works.




                                                             3




Changing of DRM
 New Technologies changes the rights management:
   Digital format, easy to copy and manipulate
   Internet-based distribution, cheap and instantaneous
   New mechanisms for payment
 New business models:
   dynamic pricing
   permission to view content in exchange for user info (e.g.,
   demographics)
   syndicating content to other web sites
   Other value-added service
 DRM: controlling and managing rights digital objects
   Mostly IP objects

                                                             4
DRM Origin: Business
Perspectives
Super-distribution by Mori, 1983.
     Consumer’s further Distribution to other consumers
     Digital objects are freely available to public in
     protected manner and only authorized users are
     allowed to use the objects
     Can increase revenues by providing an opportunity to
     experience digital objects
DRM first appeared in mid 90s for controlling
distribution of consumer media

                                                       5




DRM Enforcement Tech
       Legally, through registration forms, license
1.
       agreements, and copyright laws.
       Legally with an audit trail, such as copyright
2.
       notices or watermarks (identifiers
       embedded permanently in the content).
       Technologically, using encryption and user
3.
       authentication to protect content and only
       make it accessible under strictly specified
       conditions.
                                                       6
DRM Origin: Technology
Perspectives (1)
 As part of access control discipline
   Since the advent of timesharing system (70’s)
      Multi-user OS
      Need to share computing resource and information
      resource
   Shift from mainframe to client-server and P2P
      Needs to control digital objects even after distributions
   Originator control policy in open environment
      Originator’s control at the outside of system



                                                              7




DRM Origin: Technology Perspectives
(2) – by Rosenblatt et al.
 Software distribution
   Availability of cheap Floppy disks, CD-RWs, DVD-
   RWs
   Needs Protection schemes to prevent illegal copies
      Warning message, product ID, activation, dongles
   Software license admin in LAN
 Encrypted content distribution
   Simple encryption scheme: Password, zip, etc.
   Type fonts. Fonts are used to be expensive
   Encrypt files on CD-ROMs

                                                              8
DRM Origin: Commercial History
(1) – by Rosenblatt et al.
Early commercial systems (beginning in 1994)
  IBM infoMarket
    All software-based
     Cryptolope and a set of software for web-based
    marketplaces
  Electronic Publishing Resources (EPR) later named
  as InterTrust
    Originally an entire end-to-end system with hardware-
    based devices (including client-side hardware devices)
    Later developed software-based systems
    Now patent-based licensing, DRM interoperability

                                                             9




DRM Origin: Commercial History
(2) – by Rosenblatt et al.
  Xerox PARC research labs
     A new paradigm of DRM and Trusted
     Systems discussed in “letting loose the
     light” by Mark Stefik
       in essence, it should always be possible to
       strictly define and control who can do what to a
       piece of content, when, on what devices, and
       for how much money or other form of
       consideration.
       Based on trusted system
     Digital Property Rights Language (DPRL)
     by Mark Stefik                          10
DRM Origin: Commercial History
 (2) – by Rosenblatt et al.

  ContentGuard’s XrML
  Trusted Computing
     Smart card, music player, etc
     Intel LaGrande, TCG’s NGSCB
  Watermarking Technologies
     DigiMarc, …..


                                                 11




 Scenario 1


            MP3 file

    Alice              Bob

                 Undesirable distribution

Alice sent her song to Bob for review
                                              Chris
Alice doesn’t want Chris to listen the song

                                                 12
Scenario 2


                      Digital Book

             Alice                   Bob
                                 Desirable distribution

 Alice sold her e-book to Bob
                                                                        Chris
  Alice wants Bob to distribute his copy to Chris so he can read part
of the book and become a potential customer (super-distribution)
                                                                           13




          Problems
          Unauthorized distribution & Use
             Reproduction of a digital object does not reduce
             its quality or value
             Unauthorized person can access exactly same
             digital objects as the original copy
             Commercially, unauthorized dissemination and use
             of digital object may cause revenue loss
             Unauthorized dissemination and use of sensitive
             information causes information leakage (e.x.
             intelligence community, health care)
                                                                           14
DRM in Nutshell
It’s a system, a technology, a service, an application
software, and a solution
No concrete definition.
   Many interests groups, many vendors, many solutions, but no
   standards
   Little interoperability
Controlling and tracking access to and usage (including
dissemination) of digital information objects
Securing digital object itself, not the transmission
   By using cryptographic, and watermarking technologies
Business perspectives
   Not just for protections, but new business models
   Increased revenue
                                                             15




Variations of DRM definition
   Originally,
       to capture a set of new technologies that
       enables controlling use of digital contents
       after the contents are distributed to clients.
   Today,
       vary by different researchers and scientists
       unclear what should be included in DRM
       boundary and what DRM is capable of.

                                                             16
DRM Definition - Rosenblatt et al.
2002
 In their book, Rosenblatt et al. refers DRM as
 controlling and managing legal, transactional,
 and implicit rights to digital intellectual
 property.
   Legal: Rights that you get either automatically
   under law (such as inherent copyright) or by some
   legal procedure (such as applying for a patent)
    Transactional: Rights that you get or give up by
   buying or selling them, such as buying a book or
   selling a manuscript to a publisher
    Implicit: Rights defined by the medium that the
   information is in
                                                  17




DRM Definition – Robson 2003
 In his article “The TEACH Act and The MPEG
 Rights Expression Language”, Robson defines
   DRM is a technology that restricts or prevents the
   unauthorized use of digital contents in accordance
   with defined rights and conditions.
   DRM is the process of defining, tracking and
   enforcing permissions and conditions through
   electronic means.



                                                  18
DRM Definition – Iannella
2001
  In “DRM architectures”, d-lib, Iannella tries
 to capture the evolution of DRM definitions by
 saying that
   DRM focused on security and encryption as a
   means of solving the issue of unauthorized
   copying, that is, lock the content and limit its
   distribution to only those who pay. This was the
   first-generation of DRM.
   The second-generation of DRM covers the
   description, identification, trading, protection,
   monitoring and tracking of all forms of rights
   usages over both tangible and intangible assets
   including management of rights holders
   relationships.                                    19




DRM Definition –various
scopes
 Rosenblatt tries to include more than
 technologies within DRM scope (such as
 business and legal issues)
 Robson tries to include only technological
 issues (specifically, emphasizing both
 protections and tracking) within DRM
 definition.
 Iannella tries to capture wide range
 technologies
                                                     20
DRM Definition - Ambiguity
  many researchers and scientists tried to
  define the meaning and scope of DRM
  Still ambiguous in its definition, scope,
  and meaning.
  The references in previous slides show
  that there is no airtight, single definition
  of DRM.
  DRM technologies vs. DRM applications

                                                               21




Basic functions of a DRM
system
Basic functions:
   Systems that content providers can use internally for
   defining, organizing, and managing contents and rights
   Systems for distributing content to consumers in a controlled
   way
   Systems for managing usage to content
   Systems for licensing and distributing content to other
   publishers in a controlled way
   Systems for measuring content usage
   Payment systems
   …
Functions can be integrated or separated.

                                                               22
Understanding DRM
Some of DRM aspects
 Dissemination Scale
   Small, medium, and large scale
 Dissemination Environment
   Closed, federated, open, and p2p environment
 Payment-based vs. Payment-free
 Prevention vs. Detection & Tracking


                                                   23




 Dissemination Scale
  Small Scale Dissemination
    1 item   1 to 100 recipients
    Much less tolerance for leakage
    B2B Business transaction, Intelligence community
  Medium Scale Dissemination
    1 item   103 to 105 recipients
    Textbook publishing, technical journals
  Large Scale Dissemination
    1 item   106 to 108 recipients
    Some leakage is acceptable or even desirable
    Music, popular books
                                                   24
Dissemination Environment
 Closed Environment Dissemination
   Internal distribution (commercial and Intelligence)
   Easy to customize client-side systems (both S/W & H/W)
 Federated Environment Dissemination
   Limited number of organizations are involved
   B2B, B2G and G2G dissemination
   Limited administrative control over recipients
 Open Environment Dissemination
   B2B and B2C dissemination
   Hard to customize client-side system
 P2P Environment Dissemination


                                                            25




Two Types of Dissemination
 Payment-Based Type (PBT)
    Payment is required in order to access digital
    content
    B2C mass distribution e-commerce system
 Payment-Free Type (PFT)
    Payment is not required
    Dissemination must be controlled for
    confidentiality or other security requirements
    B2B Hub System, G2G, Intelligence Community

                                                            26
Characteristics of PBT & PFT
Payment-Based
  A small amount of information leakage is acceptable
  and even desired
  The number of legitimate copies of a single digital item
  is usually greater than that of PFT
  The objective in PBT is to distribute as many copies as
  possible and extract payment
Payment-Free
  Information leakage is not acceptable
  The number of legitimate copies of a single digital item
  is less than that of PBT
  It is the distribution itself which needs to be limited
  The security requirements are likely to be more
  stringent than that of PBT                               27




Prevention vs. Detection
   Prevention
      Leakage “cannot” occur
   Detection & Tracking
      Leakage can occur but can be detected
      and tracked to re-distributor
   Both solutions can/must coexist


                                                             28
Commercial Interest
                                                                                      Prevent vs.
                                               Payment          Scale   Environment
                                                                                        Detect

                                                                           Open
                   Major                                        Large
                   Commercial                       Yes                  Federated       Both
                                                               Medium
                   Interest                                               Closed


                                                                           Open
                   Less                                                                  Both
                                                               Medium
                   Commercial                        No                  Federated    (Prevention
                                                                Small
                   Interest                                                            emphasis)
                                                                          Closed


                                                                                             29




                  DRM systems overview
                 Heterogonous
                 requirements
                 Many techniques
                 Huge number of providers




Comparing the Usage of Digital Rights. Management Systems
                                                                                             30
    in the Music, Film, and Print, Fetscherin & Schmid, 2003
DRM Overview
  Objectives:
    Mainly for technical objectives
  Models:
    access control or usage control model
  Architectures:
    Distribution architectures
    Enforcement architectures
    Other supported architectures
  Mechanisms:
    Mechanisms to control the distribution/dissemination
    Mechanisms to control the usage
    Payment mechanisms
                                                     31




DRM objectives
Mainly for protection of intellectual property
rights and copyrights
Also detection and tracking of (unauthorized)
usage
Controlling and tracking usage of digital
objects even after distribution
Originator control in non-closed environment
Broader scope includes
   business, legal, social issues, etc.
  Content creation, management, re-distribution, etc
                                                     32
Access Control in DRM
    Payment based access control
       Authorization is based on payment
       Most of commercial solutions
    Non-payment based access control
       Little studies on this for DRM
       MAC, DAC, RBAC, ORCON
       Non-commercial (e.g., intelligence community, health care)
    UCON can be used as model for DRM systems
    ORCON can be viewed as the core policy for many DRM
    systems.
       UCON can support ORCON policy
                                                                    33




     Access Control Model in DRM
Entity Model(by Iannella)
  Users:
    owner, distributor, consumer
  Objects: digital assets with values
     Security sensitive
     Privacy sensitive
  Rights: usage permissions
     need to be modeled
  Each entity should be identified and described
  with metadata.
     User attributes
     Object identifies
     Rights descriptions                                            34
Access control Model in DRM

Content model: (by Iannella)




                               35




 Access Control Model in DRM
Right Model (by
Iannella)
DRM is
generally
closed system




                               36
Usage Rights in DRM by Stefik
Render Rights
  View, play, print
Transport Rights
  Copy, move, loan
Derivative Work Rights
  Extract, edit, embed


File management rights (backup, restore, etc.)
Configuration rights (install, uninstall)
                                                 37




 Usage Rights




                                                 38
Usage controls in DRM
Mainly payment-based (can be viewed as
authorization or obligation)
  Paid download, pay-per-view/listen, subscription,
  metered payment
Payment-free is possible
  Authorization-based (ID, role, membership-based)
  Obligation-based (e.g., parental control, by providing
  personal info, license agreement)
  condition-based ( e.g., location, time, security status
  (normal, high-alert), system load, etc.
                                                                        39




 Traditional Originator Control
 (ORCON)

                  Digital                    Digital
                  Object                     Object
   Originator                 Subject A                  Subject B



         ACL                Access Control


                               Control
      Non-
                              Authority
  discretionary    ACL
      ACLs
                                                       Control Domain




                                                                        40
ORCON in Open Environment - An
Example

                   Digital Object (DO)
                                                Subject
   Originator                                     A
                                 License
                   Control                    Virtual Machine
                                 License
                   Center                 Control Domain
        ACL                      Granting
                                           License         DO
                                  Ticket
                                                License
      Non-       ACL
                                                Subject
  discretionary
                                                   B
      ACLs
                Control Domain


                                                                41




 DRM Architecture by Rosenblatt
 et al.




                                                                42
DRM Architectures by Park et
     al.
                                  w/o VM                     w/ VM


                            MP     ER           Fixed CS                     External CS
VM: Virtual Machine
                                                               Embedded CS
CS: Control Set
MP: Message Push           NC1    NC2
ER: External Repository                    MP           ER      MP    ER       MP     ER

NC1: No control architecture w/ MP       FC1            FC2     EC1   EC2     XC1     XC2
NC2: No control architecture w/ ER
FC1: Fixed control architecture w/ MP
FC2: Fixed control architecture w/ ER
EC1: Embedded control architecture w/ MP
EC2: Embedded control architecture w/ ER
XC1: External control architecture w/ MP
XC2: External control architecture w/ ER

                                                                                      43




     Content Distribution
         Darknet(Biddle et al.):
             Small-worlds networks
                  (a) - “Sneaker Net”




                                                    P
                                                    C
             P
             C


                                           Search


             P
             C

                                                                                      44
Content Distribution
              Central Internet Servers
                           (b) - The World Wide Web



                                        Http
                                Http
                                                          FTP


                   Web
                                               FTP
                  Search
                                               http
                  Engine


                                                                     PC


                            P
                            C


                                       PC                       PC
                                                      P
                                                      C


                                                                                                      45




          Content Distribution
              1st generation P2P systems
                  Napster, Gnutella
                  DHT

                                P
                                C
                                                                                              P
                                                                                              C
              P
              C
                                                                      P
                                                                      C
                                        P
                                        C
                        TCP /
Napster                                                                                           P
                                                                                                  C
Search                                                                         gnutella
                       Napster
Engine                                                                         Search
                       Protocol                                                Engine
                                                                                      TCP/UDP
                                               P
                                               C                                      Gnutella
                                                                                                       P
                                                                                                       C
                                                                                      Protocol
                                                            P
                                                            C
          P
          C

                  P
                  C                    P
                                       C
                                                                          PC                      P
                                                                                                  C
                           PC
                                                                                                      46
                                                                                          P
                                                                                          C
Content Distribution
2nd P2P systems
  KaZaA, BitTorrent,   Web page with
                       link to .torrent
                                                                                                                            Data
                              file


                                                                  Web Server                                         Tracker Site




                                          1. Get .torrent file
                                                                                                              3.
                                                                                 2.                              R
                                                                                    G                  es
                                                                                      et                 po
                                                                                         -a
                                                                               ns           nn
                                                                                 e-            ou
                                                                                    pe           nc
                                                                                       er          e
                                                                                          lis
                                                                                             t



                                                                                  4. Shake hand

                                                                           5. Download piece Mi




                                                                                                                                 47
                                                                 Peer k                                                 Peer j




  Mechanisms: 7 Key Tech
  components (Fetscherin & Schmid)




                                                                                                                                 48
DRM Technology Hierarchy




                                                     49




  Digital Watermarking
Embedding information in information
Mainly for information authenticity (tracking) and
integrity
Watermarking technologies are dependent on the
type of digital information (e.g., text, image,
audio and etc.)
Minimum size of object is required
Difficulty of embedding different watermark
(fingerprint) in each copy of original objects in
case of mass distribution
                                                     50
Understanding Digital
Watermarking (1)

    Visible Watermarking
       Watermark is visible (e.g.background logo)
       Can be used for sample digital objects to
       reduce commercial value on them
    Invisible Watermarking
       Most of Watermarking belongs here
       Digital Watermark can be detected by
       special software

                                                      51




Understanding Digital
Watermarking (2)

Public Watermarking
  Watermark information w/ publicly known key (w/o
  any secret key)
  Everyone can read watermarked information
  In commercial sector, customer can find copyright
  owner’s information
Private Watermarking
  Only authorized users can detect the watermarks
  Good for tracking purpose
                                                      52
Understanding Digital
Watermarking (3)

    Watermark retrieval
        Reference-required watermark
            The original object or embedded watermark
            information is required for comparison
        Reference-free watermark
            Watermark can be retrieved without the
            original document or added information
            The mechanism detects specific properties and
            patterns from documents

                                                                       53




Understanding Digital
Watermarking (4)

 Different format, different watermarking
    text, image, audio, and video
 Text Watermarking (Brassil, et al.)
    Line-shift coding
       Text lines are shifted imperceptibly up and down
    Word-shift coding
       Words are shifted horizontally
       Original un-watermarked documents are required for extracting
       watermarked information
    Feature coding
       Characters are altered (vertical or horizontal)
       Least discernible, larger information embedded

                                                                       54
Digital watermarking in DRM
 Can be used to embed metadata such
 as owner’s info, usage rights, rules, etc.
 Can provide tracking capability to illicit
 distribution
 Fingerprinting for individual tracking
 Largely independent from security
 architectures

                                                55




Watermarking vs. Encryption in
DRM (1) - Rosenblatt et al.
 Both encryption and watermarking can
 be used to carry metadata for digital
 contents
   Using encryption, encapsulate digital
   contents together with metadata
     Need special rendering application (CRM)
   Using watermarking, embed metadata in
   digital contents
     No protection on digital contents

                                                56
Watermarking and Encryption in
   DRM (2) - Rosenblatt et al.
Use both for end-to-end secure content distribution
   Case1: embed metadata, then encrypt watermarked
   contents
       Protect both contents and metadata
       Even after cracking encrypted content, metadata is still bound
       with the content
   Case2: encrypt metadata, then embed encrypted
   metadata into contents
       temper-resistant, secure watermark
       Digital timestamping from Surety Inc’s digital notary tech.,
       DigiMarc’s tracking pirated contents

                                                                      57




   Commercial Efforts for Open-
   standard (XrML)
XrML: Extensible Rights Markup Language
  What is XrML?
    “A language in XML for describing specifications of rights,
    fees and conditions for using digital contents, together with
    message integrity and entity authentication within these
    specifications” (www.xrml.org)
    An extension of the Xerox “Digital Property Rights Language
    version 2.0 (DPRL)”
    ContentGuardTM has developed XrML as an open
    specification licenced on a royalty-free basis
  Why XrML?
    In DRM, XrML can be viewed as one of potential
    mechanisms to express specific rights and rules.
    XrML is extensible, open specification with license
    XrML is accepted as a standard for MPEG21                         58
Top-Level Structure
<XrML>
   <BODY>
         (TIME)?                         time interval in which this spec is valid
         (ISSUED)?                     time moment at which this spec is issued
         (DESCRIPTOR)?               description or meta data of this spec
         (ISSUER)?                     principal who issues this spec
         (ISSUEDPRINCIPALS)?       list of principals this spec is issued to
            (PRINCIPAL)+
         (WORK)?                      work and rights this spec specifies
         (AUTHENTICATEDDATA)?      data that provided to application
   </BODY>
   (SIGNATURE)?
</XrML>

"?" denotes zero or one occurrence; "+" denotes one or more occurrences; and "*" denotes
    zero or more occurrences
                                                                                     59




        Digital Works & Usage
        Rights
  <WORK>
       OBJECT           object used to identify the work
       DESCRIPTION      description of the work
       CREATOR          creator of the work
       OWNER             owner of the work
       METADATA         additional metadata of the work
       DIGEST           digest value of the work
       PARTS             parts of the work, each of which is a work itself
       CONTENTS         indicator of where content of the work is
       COPIES           number of copies of the work that are specified
       COMMENT         Comment
       SKU             Stock Keeping Unit, for extensibility to allow people to
                       identify this work in their own stock.
       FORMAT          Digital or physical manifestation of the work
       (RIGHTSGROUP | REFERENCEDRIGHTSGROUP )+ rights group associated
                       with the work | reference rights group of the work
                                                                                     60
  </WORK>
Rights in RIGHTSGROUP
Element
 Digital property rights
 Specifying times, fees and incentives
 Specifying access controls
 (licenses/certificates, security levels)
 Specifying territory information
 Specifying tracking information
 Specifying watermark information
 Bundle specifications (time limits, fees,
 access, and watermark info inside bundle)

                                             61




Case Study

   Windows Media Digital Rights
         Management
Workflow




                        63




Encryption of content




                        64
License
 The key to unlock the Windows Media file
 The rights, or rules, that govern the use of the
 digital media file:
   How many times can a file be played
   Which devices a file can be played or transferred on.
   When the user can start playing the file and what is
   the expiration date.
   If the file can be transferred to a CD recorder
   (burner).
   If the user can back up and restore the license.
   What security level is required on the client to play
   the Windows Media file.
   …
                                                     65




            Related Issues
Fair Use
Fair use provides an exemption on legal
liability for the use of copyrighted
materials.
  To limit copyright owner’s exclusive rights
  on copyrighted materials
  Reproduction or other means for criticism,
  news reporting, teaching, scholarship, and
  research is fair use and not an
  infringement of copyrights [section 107]
                                                67




First Sale
  When you buy a physical book, you can
  do anything you want on your copy and
  your copy only.
     Read, sell, destroy, give away, etc.
     You buy a copy, you own the copy.
  However, no rights on copyrights



                                                68
Purchase vs. License
 In general, digital contents are not sold but
 licensed
 When you are licensing, you don’t buy
 anything but a right to use (read, listen, run,
 etc.) the copy
 By agreeing on a license, you may give up
 your rights for fair use and first sale.
 License is contract law and shouldn’t be
 overridden federal copyrights law.

                                              69




Fair use and first sale in DRM
 DRM largely relies on licensing
 There exists a great fear about DRM because
 license agreement can give away rights on
 fair use and first sale
 Fair use is very difficult or impossible to
 implement in DRM because it cannot be pre-
 judged
 First sale is not likely to be allowed in
 licensing (e.g., MS windows OS)

                                              70
Digital Millennium Copyright Act
(DMCA)
 Legislated in 1998
 “anti-circumvention provision”, in
 Section 1201 is most controversial.
   Implies that copy protection technology is
   not perfect
   Abused to override copyright law such as
   fair use


                                           71

Más contenido relacionado

La actualidad más candente

PRESERVATION Web archiving
PRESERVATION  Web archivingPRESERVATION  Web archiving
PRESERVATION Web archivingEssam Obaid
 
DRM: A Skeptics View
DRM: A Skeptics ViewDRM: A Skeptics View
DRM: A Skeptics ViewLeigh Dodds
 
Qo E E2 E4 Net Neutrality Leo Van Audenhove
Qo E E2 E4   Net Neutrality   Leo Van AudenhoveQo E E2 E4   Net Neutrality   Leo Van Audenhove
Qo E E2 E4 Net Neutrality Leo Van Audenhoveimec.archive
 
Digital Watermarking Applications and Techniques: A Brief Review
Digital Watermarking Applications and Techniques: A Brief ReviewDigital Watermarking Applications and Techniques: A Brief Review
Digital Watermarking Applications and Techniques: A Brief ReviewEditor IJCATR
 
5 context aware services
5 context aware services5 context aware services
5 context aware servicesguest3cf4991
 
Drm digital rights managment-june2014-tarek gaber
Drm digital rights managment-june2014-tarek gaberDrm digital rights managment-june2014-tarek gaber
Drm digital rights managment-june2014-tarek gaberTarek Gaber
 
Ecrea1a Van Audenhove Leo Ppt
Ecrea1a Van Audenhove Leo PptEcrea1a Van Audenhove Leo Ppt
Ecrea1a Van Audenhove Leo Pptimec.archive
 
Copyrightcontraband
CopyrightcontrabandCopyrightcontraband
CopyrightcontrabandEddan Katz
 
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...anjuvipin
 
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...IRJET Journal
 
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management PlatformsiDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management PlatformsCarlos Serrao
 
Digital watermarking
Digital watermarkingDigital watermarking
Digital watermarkingrupareliab14
 
Clouds are about sharing - Digital London 2012
Clouds are about sharing - Digital London 2012Clouds are about sharing - Digital London 2012
Clouds are about sharing - Digital London 2012CGI
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologyOKsystem
 

La actualidad más candente (19)

PRESERVATION Web archiving
PRESERVATION  Web archivingPRESERVATION  Web archiving
PRESERVATION Web archiving
 
DRM: A Skeptics View
DRM: A Skeptics ViewDRM: A Skeptics View
DRM: A Skeptics View
 
Qo E E2 E4 Net Neutrality Leo Van Audenhove
Qo E E2 E4   Net Neutrality   Leo Van AudenhoveQo E E2 E4   Net Neutrality   Leo Van Audenhove
Qo E E2 E4 Net Neutrality Leo Van Audenhove
 
Digital Watermarking Applications and Techniques: A Brief Review
Digital Watermarking Applications and Techniques: A Brief ReviewDigital Watermarking Applications and Techniques: A Brief Review
Digital Watermarking Applications and Techniques: A Brief Review
 
5 context aware services
5 context aware services5 context aware services
5 context aware services
 
Drm digital rights managment-june2014-tarek gaber
Drm digital rights managment-june2014-tarek gaberDrm digital rights managment-june2014-tarek gaber
Drm digital rights managment-june2014-tarek gaber
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
 
Ecrea1a Van Audenhove Leo Ppt
Ecrea1a Van Audenhove Leo PptEcrea1a Van Audenhove Leo Ppt
Ecrea1a Van Audenhove Leo Ppt
 
Copyrightcontraband
CopyrightcontrabandCopyrightcontraband
Copyrightcontraband
 
Digital Rights And Digital Television
Digital Rights And Digital TelevisionDigital Rights And Digital Television
Digital Rights And Digital Television
 
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...
ROBUST LOSSLESS WATERMARKING OF RELATIONAL DATABASES USING MULTIMEDIA DATA_An...
 
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...
IRJET- A Review on Colour Image Watermarking based on Wavelet and QR Decompos...
 
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management PlatformsiDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
 
Chapter1 2
Chapter1 2Chapter1 2
Chapter1 2
 
Digital watermarking
Digital watermarkingDigital watermarking
Digital watermarking
 
Clouds are about sharing - Digital London 2012
Clouds are about sharing - Digital London 2012Clouds are about sharing - Digital London 2012
Clouds are about sharing - Digital London 2012
 
Digitalwatermarking
DigitalwatermarkingDigitalwatermarking
Digitalwatermarking
 
Drm
DrmDrm
Drm
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technology
 

Destacado

Fotoverhaal groepje Aaron
Fotoverhaal groepje AaronFotoverhaal groepje Aaron
Fotoverhaal groepje AaronMeester.William
 
Sounding Forth
Sounding ForthSounding Forth
Sounding Forthiluvleah9
 
São Conrado, Golf Village , São Conrado
São Conrado, Golf Village , São ConradoSão Conrado, Golf Village , São Conrado
São Conrado, Golf Village , São ConradoLancamentosrj
 
Management Team Training 4-2-07
Management Team Training 4-2-07Management Team Training 4-2-07
Management Team Training 4-2-07wendyw
 
Radio remote controllers
Radio remote controllersRadio remote controllers
Radio remote controllerswil4345
 
21st Century Journalism (Ver. 13 Apr)
21st Century Journalism (Ver. 13 Apr)21st Century Journalism (Ver. 13 Apr)
21st Century Journalism (Ver. 13 Apr)laszlo.turi
 
Reduce SMT Changeover Time
Reduce SMT Changeover TimeReduce SMT Changeover Time
Reduce SMT Changeover TimeDamian Denis
 
SMED Setup & Lead Time Reduction
SMED Setup & Lead Time ReductionSMED Setup & Lead Time Reduction
SMED Setup & Lead Time ReductionAnand Subramaniam
 

Destacado (12)

Test File
Test FileTest File
Test File
 
Fotoverhaal groepje Aaron
Fotoverhaal groepje AaronFotoverhaal groepje Aaron
Fotoverhaal groepje Aaron
 
Sounding Forth
Sounding ForthSounding Forth
Sounding Forth
 
Bingo-Cole
Bingo-ColeBingo-Cole
Bingo-Cole
 
São Conrado, Golf Village , São Conrado
São Conrado, Golf Village , São ConradoSão Conrado, Golf Village , São Conrado
São Conrado, Golf Village , São Conrado
 
Management Team Training 4-2-07
Management Team Training 4-2-07Management Team Training 4-2-07
Management Team Training 4-2-07
 
Radio remote controllers
Radio remote controllersRadio remote controllers
Radio remote controllers
 
21st Century Journalism (Ver. 13 Apr)
21st Century Journalism (Ver. 13 Apr)21st Century Journalism (Ver. 13 Apr)
21st Century Journalism (Ver. 13 Apr)
 
How to reduce changeover loss
How to reduce changeover lossHow to reduce changeover loss
How to reduce changeover loss
 
SMED overview
SMED overviewSMED overview
SMED overview
 
Reduce SMT Changeover Time
Reduce SMT Changeover TimeReduce SMT Changeover Time
Reduce SMT Changeover Time
 
SMED Setup & Lead Time Reduction
SMED Setup & Lead Time ReductionSMED Setup & Lead Time Reduction
SMED Setup & Lead Time Reduction
 

Similar a Presentazione

Digital Rights Management PPT
Digital Rights Management PPTDigital Rights Management PPT
Digital Rights Management PPTSuresh Khutale
 
What is Digital Rights Management System and How does it work : Ameva Tech
What is Digital Rights Management System and How does it work : Ameva TechWhat is Digital Rights Management System and How does it work : Ameva Tech
What is Digital Rights Management System and How does it work : Ameva TechAmeva Tech
 
Digital rights management (drm) and you
Digital rights management (drm) and youDigital rights management (drm) and you
Digital rights management (drm) and youSaneMaly
 
Authorship Drm Seminar
Authorship Drm SeminarAuthorship Drm Seminar
Authorship Drm Seminarcorinnejordan
 
To DRM or not to DRM?
To DRM or not to DRM?To DRM or not to DRM?
To DRM or not to DRM?Carlos Serrao
 
digital rights management for multimedia files
digital rights management for multimedia filesdigital rights management for multimedia files
digital rights management for multimedia filesApurva Vyas
 
Privacy in computing &amp; interlectual property
Privacy in computing &amp; interlectual propertyPrivacy in computing &amp; interlectual property
Privacy in computing &amp; interlectual propertyMutongole Benjamin Benjamin
 
Digital Rights Management and Trusted Computing Base
Digital Rights Management and Trusted Computing BaseDigital Rights Management and Trusted Computing Base
Digital Rights Management and Trusted Computing BaseSajid Marwat
 
Can DRM achieve its security goals?
Can DRM achieve its security goals?Can DRM achieve its security goals?
Can DRM achieve its security goals?blogzilla
 
A Digital Rights Management System Based on Cloud
A Digital Rights Management System Based on CloudA Digital Rights Management System Based on Cloud
A Digital Rights Management System Based on CloudTELKOMNIKA JOURNAL
 
Iadis Tns2007 Presentation
Iadis Tns2007 PresentationIadis Tns2007 Presentation
Iadis Tns2007 PresentationCarlos Serrao
 
Untitled presentation.pptx
Untitled presentation.pptxUntitled presentation.pptx
Untitled presentation.pptxakshobdhira
 
Drm metadata presentation fina lwith-notes
Drm metadata presentation fina lwith-notesDrm metadata presentation fina lwith-notes
Drm metadata presentation fina lwith-notesPamela Carson
 

Similar a Presentazione (20)

Digital Rights Management
Digital Rights Management Digital Rights Management
Digital Rights Management
 
What is DRM?
What is DRM? What is DRM?
What is DRM?
 
DRM_Interoperability_Final
DRM_Interoperability_FinalDRM_Interoperability_Final
DRM_Interoperability_Final
 
Digital Rights Management PPT
Digital Rights Management PPTDigital Rights Management PPT
Digital Rights Management PPT
 
What is Digital Rights Management System and How does it work : Ameva Tech
What is Digital Rights Management System and How does it work : Ameva TechWhat is Digital Rights Management System and How does it work : Ameva Tech
What is Digital Rights Management System and How does it work : Ameva Tech
 
Digital rights management (drm) and you
Digital rights management (drm) and youDigital rights management (drm) and you
Digital rights management (drm) and you
 
Authorship Drm Seminar
Authorship Drm SeminarAuthorship Drm Seminar
Authorship Drm Seminar
 
DRM in the Digital Age
DRM in the Digital AgeDRM in the Digital Age
DRM in the Digital Age
 
Digital rights management
Digital rights managementDigital rights management
Digital rights management
 
Rights Technologies for E-Publishing
Rights Technologies for E-PublishingRights Technologies for E-Publishing
Rights Technologies for E-Publishing
 
To DRM or not to DRM?
To DRM or not to DRM?To DRM or not to DRM?
To DRM or not to DRM?
 
digital rights management for multimedia files
digital rights management for multimedia filesdigital rights management for multimedia files
digital rights management for multimedia files
 
The landscape of content protection technology
The landscape of content protection technologyThe landscape of content protection technology
The landscape of content protection technology
 
Privacy in computing &amp; interlectual property
Privacy in computing &amp; interlectual propertyPrivacy in computing &amp; interlectual property
Privacy in computing &amp; interlectual property
 
Digital Rights Management and Trusted Computing Base
Digital Rights Management and Trusted Computing BaseDigital Rights Management and Trusted Computing Base
Digital Rights Management and Trusted Computing Base
 
Can DRM achieve its security goals?
Can DRM achieve its security goals?Can DRM achieve its security goals?
Can DRM achieve its security goals?
 
A Digital Rights Management System Based on Cloud
A Digital Rights Management System Based on CloudA Digital Rights Management System Based on Cloud
A Digital Rights Management System Based on Cloud
 
Iadis Tns2007 Presentation
Iadis Tns2007 PresentationIadis Tns2007 Presentation
Iadis Tns2007 Presentation
 
Untitled presentation.pptx
Untitled presentation.pptxUntitled presentation.pptx
Untitled presentation.pptx
 
Drm metadata presentation fina lwith-notes
Drm metadata presentation fina lwith-notesDrm metadata presentation fina lwith-notes
Drm metadata presentation fina lwith-notes
 

Último

Trauma Training Service for First Responders
Trauma Training Service for First RespondersTrauma Training Service for First Responders
Trauma Training Service for First RespondersBPOQe
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...Brian Solis
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGlokeshwarmaha
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursKaiNexus
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsWristbands Ireland
 
MC Heights construction company in Jhang
MC Heights construction company in JhangMC Heights construction company in Jhang
MC Heights construction company in Jhangmcgroupjeya
 
Scrum Events & How to run them effectively
Scrum Events & How to run them effectivelyScrum Events & How to run them effectively
Scrum Events & How to run them effectivelyMarianna Nakou
 
Entrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsEntrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsP&CO
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...AustraliaChapterIIBA
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessAPCO
 
Personal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaPersonal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaEricBonilla13
 
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfPDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfHajeJanKamps
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsyasinnathani
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023Steve Rader
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examplesamberjiles31
 
Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Lviv Startup Club
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Winbusinessin
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..dlewis191
 

Último (20)

Trauma Training Service for First Responders
Trauma Training Service for First RespondersTrauma Training Service for First Responders
Trauma Training Service for First Responders
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, Ours
 
WAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdfWAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdf
 
Fabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and FestivalsFabric RFID Wristbands in Ireland for Events and Festivals
Fabric RFID Wristbands in Ireland for Events and Festivals
 
MC Heights construction company in Jhang
MC Heights construction company in JhangMC Heights construction company in Jhang
MC Heights construction company in Jhang
 
Scrum Events & How to run them effectively
Scrum Events & How to run them effectivelyScrum Events & How to run them effectively
Scrum Events & How to run them effectively
 
Entrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsEntrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizations
 
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
IIBA® Melbourne - Navigating Business Analysis - Excellence for Career Growth...
 
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for BusinessQ2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
Q2 2024 APCO Geopolitical Radar - The Global Operating Environment for Business
 
Personal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric BonillaPersonal Brand Exploration Presentation Eric Bonilla
Personal Brand Exploration Presentation Eric Bonilla
 
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdfPDT 89 - $1.4M - Seed - Plantee Innovations.pdf
PDT 89 - $1.4M - Seed - Plantee Innovations.pdf
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story points
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examples
 
Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024Ethical stalking by Mark Williams. UpliftLive 2024
Ethical stalking by Mark Williams. UpliftLive 2024
 
Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..Team B Mind Map for Organizational Chg..
Team B Mind Map for Organizational Chg..
 

Presentazione

  • 1. Digital Rights Management (DRM) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Reference Digital Rights Management: Business and Technology. New York: Hungry Minds/John Wiley & Sons, 2001. 2
  • 2. An example Buy a book in bookstore: you get the right to read the book for as long and as many times as you want, and you can give, sell, or lend it to someone. you can't legally make copies of it, change it, or embed parts of it in other works. 3 Changing of DRM New Technologies changes the rights management: Digital format, easy to copy and manipulate Internet-based distribution, cheap and instantaneous New mechanisms for payment New business models: dynamic pricing permission to view content in exchange for user info (e.g., demographics) syndicating content to other web sites Other value-added service DRM: controlling and managing rights digital objects Mostly IP objects 4
  • 3. DRM Origin: Business Perspectives Super-distribution by Mori, 1983. Consumer’s further Distribution to other consumers Digital objects are freely available to public in protected manner and only authorized users are allowed to use the objects Can increase revenues by providing an opportunity to experience digital objects DRM first appeared in mid 90s for controlling distribution of consumer media 5 DRM Enforcement Tech Legally, through registration forms, license 1. agreements, and copyright laws. Legally with an audit trail, such as copyright 2. notices or watermarks (identifiers embedded permanently in the content). Technologically, using encryption and user 3. authentication to protect content and only make it accessible under strictly specified conditions. 6
  • 4. DRM Origin: Technology Perspectives (1) As part of access control discipline Since the advent of timesharing system (70’s) Multi-user OS Need to share computing resource and information resource Shift from mainframe to client-server and P2P Needs to control digital objects even after distributions Originator control policy in open environment Originator’s control at the outside of system 7 DRM Origin: Technology Perspectives (2) – by Rosenblatt et al. Software distribution Availability of cheap Floppy disks, CD-RWs, DVD- RWs Needs Protection schemes to prevent illegal copies Warning message, product ID, activation, dongles Software license admin in LAN Encrypted content distribution Simple encryption scheme: Password, zip, etc. Type fonts. Fonts are used to be expensive Encrypt files on CD-ROMs 8
  • 5. DRM Origin: Commercial History (1) – by Rosenblatt et al. Early commercial systems (beginning in 1994) IBM infoMarket All software-based Cryptolope and a set of software for web-based marketplaces Electronic Publishing Resources (EPR) later named as InterTrust Originally an entire end-to-end system with hardware- based devices (including client-side hardware devices) Later developed software-based systems Now patent-based licensing, DRM interoperability 9 DRM Origin: Commercial History (2) – by Rosenblatt et al. Xerox PARC research labs A new paradigm of DRM and Trusted Systems discussed in “letting loose the light” by Mark Stefik in essence, it should always be possible to strictly define and control who can do what to a piece of content, when, on what devices, and for how much money or other form of consideration. Based on trusted system Digital Property Rights Language (DPRL) by Mark Stefik 10
  • 6. DRM Origin: Commercial History (2) – by Rosenblatt et al. ContentGuard’s XrML Trusted Computing Smart card, music player, etc Intel LaGrande, TCG’s NGSCB Watermarking Technologies DigiMarc, ….. 11 Scenario 1 MP3 file Alice Bob Undesirable distribution Alice sent her song to Bob for review Chris Alice doesn’t want Chris to listen the song 12
  • 7. Scenario 2 Digital Book Alice Bob Desirable distribution Alice sold her e-book to Bob Chris Alice wants Bob to distribute his copy to Chris so he can read part of the book and become a potential customer (super-distribution) 13 Problems Unauthorized distribution & Use Reproduction of a digital object does not reduce its quality or value Unauthorized person can access exactly same digital objects as the original copy Commercially, unauthorized dissemination and use of digital object may cause revenue loss Unauthorized dissemination and use of sensitive information causes information leakage (e.x. intelligence community, health care) 14
  • 8. DRM in Nutshell It’s a system, a technology, a service, an application software, and a solution No concrete definition. Many interests groups, many vendors, many solutions, but no standards Little interoperability Controlling and tracking access to and usage (including dissemination) of digital information objects Securing digital object itself, not the transmission By using cryptographic, and watermarking technologies Business perspectives Not just for protections, but new business models Increased revenue 15 Variations of DRM definition Originally, to capture a set of new technologies that enables controlling use of digital contents after the contents are distributed to clients. Today, vary by different researchers and scientists unclear what should be included in DRM boundary and what DRM is capable of. 16
  • 9. DRM Definition - Rosenblatt et al. 2002 In their book, Rosenblatt et al. refers DRM as controlling and managing legal, transactional, and implicit rights to digital intellectual property. Legal: Rights that you get either automatically under law (such as inherent copyright) or by some legal procedure (such as applying for a patent) Transactional: Rights that you get or give up by buying or selling them, such as buying a book or selling a manuscript to a publisher Implicit: Rights defined by the medium that the information is in 17 DRM Definition – Robson 2003 In his article “The TEACH Act and The MPEG Rights Expression Language”, Robson defines DRM is a technology that restricts or prevents the unauthorized use of digital contents in accordance with defined rights and conditions. DRM is the process of defining, tracking and enforcing permissions and conditions through electronic means. 18
  • 10. DRM Definition – Iannella 2001 In “DRM architectures”, d-lib, Iannella tries to capture the evolution of DRM definitions by saying that DRM focused on security and encryption as a means of solving the issue of unauthorized copying, that is, lock the content and limit its distribution to only those who pay. This was the first-generation of DRM. The second-generation of DRM covers the description, identification, trading, protection, monitoring and tracking of all forms of rights usages over both tangible and intangible assets including management of rights holders relationships. 19 DRM Definition –various scopes Rosenblatt tries to include more than technologies within DRM scope (such as business and legal issues) Robson tries to include only technological issues (specifically, emphasizing both protections and tracking) within DRM definition. Iannella tries to capture wide range technologies 20
  • 11. DRM Definition - Ambiguity many researchers and scientists tried to define the meaning and scope of DRM Still ambiguous in its definition, scope, and meaning. The references in previous slides show that there is no airtight, single definition of DRM. DRM technologies vs. DRM applications 21 Basic functions of a DRM system Basic functions: Systems that content providers can use internally for defining, organizing, and managing contents and rights Systems for distributing content to consumers in a controlled way Systems for managing usage to content Systems for licensing and distributing content to other publishers in a controlled way Systems for measuring content usage Payment systems … Functions can be integrated or separated. 22
  • 12. Understanding DRM Some of DRM aspects Dissemination Scale Small, medium, and large scale Dissemination Environment Closed, federated, open, and p2p environment Payment-based vs. Payment-free Prevention vs. Detection & Tracking 23 Dissemination Scale Small Scale Dissemination 1 item 1 to 100 recipients Much less tolerance for leakage B2B Business transaction, Intelligence community Medium Scale Dissemination 1 item 103 to 105 recipients Textbook publishing, technical journals Large Scale Dissemination 1 item 106 to 108 recipients Some leakage is acceptable or even desirable Music, popular books 24
  • 13. Dissemination Environment Closed Environment Dissemination Internal distribution (commercial and Intelligence) Easy to customize client-side systems (both S/W & H/W) Federated Environment Dissemination Limited number of organizations are involved B2B, B2G and G2G dissemination Limited administrative control over recipients Open Environment Dissemination B2B and B2C dissemination Hard to customize client-side system P2P Environment Dissemination 25 Two Types of Dissemination Payment-Based Type (PBT) Payment is required in order to access digital content B2C mass distribution e-commerce system Payment-Free Type (PFT) Payment is not required Dissemination must be controlled for confidentiality or other security requirements B2B Hub System, G2G, Intelligence Community 26
  • 14. Characteristics of PBT & PFT Payment-Based A small amount of information leakage is acceptable and even desired The number of legitimate copies of a single digital item is usually greater than that of PFT The objective in PBT is to distribute as many copies as possible and extract payment Payment-Free Information leakage is not acceptable The number of legitimate copies of a single digital item is less than that of PBT It is the distribution itself which needs to be limited The security requirements are likely to be more stringent than that of PBT 27 Prevention vs. Detection Prevention Leakage “cannot” occur Detection & Tracking Leakage can occur but can be detected and tracked to re-distributor Both solutions can/must coexist 28
  • 15. Commercial Interest Prevent vs. Payment Scale Environment Detect Open Major Large Commercial Yes Federated Both Medium Interest Closed Open Less Both Medium Commercial No Federated (Prevention Small Interest emphasis) Closed 29 DRM systems overview Heterogonous requirements Many techniques Huge number of providers Comparing the Usage of Digital Rights. Management Systems 30 in the Music, Film, and Print, Fetscherin & Schmid, 2003
  • 16. DRM Overview Objectives: Mainly for technical objectives Models: access control or usage control model Architectures: Distribution architectures Enforcement architectures Other supported architectures Mechanisms: Mechanisms to control the distribution/dissemination Mechanisms to control the usage Payment mechanisms 31 DRM objectives Mainly for protection of intellectual property rights and copyrights Also detection and tracking of (unauthorized) usage Controlling and tracking usage of digital objects even after distribution Originator control in non-closed environment Broader scope includes business, legal, social issues, etc. Content creation, management, re-distribution, etc 32
  • 17. Access Control in DRM Payment based access control Authorization is based on payment Most of commercial solutions Non-payment based access control Little studies on this for DRM MAC, DAC, RBAC, ORCON Non-commercial (e.g., intelligence community, health care) UCON can be used as model for DRM systems ORCON can be viewed as the core policy for many DRM systems. UCON can support ORCON policy 33 Access Control Model in DRM Entity Model(by Iannella) Users: owner, distributor, consumer Objects: digital assets with values Security sensitive Privacy sensitive Rights: usage permissions need to be modeled Each entity should be identified and described with metadata. User attributes Object identifies Rights descriptions 34
  • 18. Access control Model in DRM Content model: (by Iannella) 35 Access Control Model in DRM Right Model (by Iannella) DRM is generally closed system 36
  • 19. Usage Rights in DRM by Stefik Render Rights View, play, print Transport Rights Copy, move, loan Derivative Work Rights Extract, edit, embed File management rights (backup, restore, etc.) Configuration rights (install, uninstall) 37 Usage Rights 38
  • 20. Usage controls in DRM Mainly payment-based (can be viewed as authorization or obligation) Paid download, pay-per-view/listen, subscription, metered payment Payment-free is possible Authorization-based (ID, role, membership-based) Obligation-based (e.g., parental control, by providing personal info, license agreement) condition-based ( e.g., location, time, security status (normal, high-alert), system load, etc. 39 Traditional Originator Control (ORCON) Digital Digital Object Object Originator Subject A Subject B ACL Access Control Control Non- Authority discretionary ACL ACLs Control Domain 40
  • 21. ORCON in Open Environment - An Example Digital Object (DO) Subject Originator A License Control Virtual Machine License Center Control Domain ACL Granting License DO Ticket License Non- ACL Subject discretionary B ACLs Control Domain 41 DRM Architecture by Rosenblatt et al. 42
  • 22. DRM Architectures by Park et al. w/o VM w/ VM MP ER Fixed CS External CS VM: Virtual Machine Embedded CS CS: Control Set MP: Message Push NC1 NC2 ER: External Repository MP ER MP ER MP ER NC1: No control architecture w/ MP FC1 FC2 EC1 EC2 XC1 XC2 NC2: No control architecture w/ ER FC1: Fixed control architecture w/ MP FC2: Fixed control architecture w/ ER EC1: Embedded control architecture w/ MP EC2: Embedded control architecture w/ ER XC1: External control architecture w/ MP XC2: External control architecture w/ ER 43 Content Distribution Darknet(Biddle et al.): Small-worlds networks (a) - “Sneaker Net” P C P C Search P C 44
  • 23. Content Distribution Central Internet Servers (b) - The World Wide Web Http Http FTP Web FTP Search http Engine PC P C PC PC P C 45 Content Distribution 1st generation P2P systems Napster, Gnutella DHT P C P C P C P C P C TCP / Napster P C Search gnutella Napster Engine Search Protocol Engine TCP/UDP P C Gnutella P C Protocol P C P C P C P C PC P C PC 46 P C
  • 24. Content Distribution 2nd P2P systems KaZaA, BitTorrent, Web page with link to .torrent Data file Web Server Tracker Site 1. Get .torrent file 3. 2. R G es et po -a ns nn e- ou pe nc er e lis t 4. Shake hand 5. Download piece Mi 47 Peer k Peer j Mechanisms: 7 Key Tech components (Fetscherin & Schmid) 48
  • 25. DRM Technology Hierarchy 49 Digital Watermarking Embedding information in information Mainly for information authenticity (tracking) and integrity Watermarking technologies are dependent on the type of digital information (e.g., text, image, audio and etc.) Minimum size of object is required Difficulty of embedding different watermark (fingerprint) in each copy of original objects in case of mass distribution 50
  • 26. Understanding Digital Watermarking (1) Visible Watermarking Watermark is visible (e.g.background logo) Can be used for sample digital objects to reduce commercial value on them Invisible Watermarking Most of Watermarking belongs here Digital Watermark can be detected by special software 51 Understanding Digital Watermarking (2) Public Watermarking Watermark information w/ publicly known key (w/o any secret key) Everyone can read watermarked information In commercial sector, customer can find copyright owner’s information Private Watermarking Only authorized users can detect the watermarks Good for tracking purpose 52
  • 27. Understanding Digital Watermarking (3) Watermark retrieval Reference-required watermark The original object or embedded watermark information is required for comparison Reference-free watermark Watermark can be retrieved without the original document or added information The mechanism detects specific properties and patterns from documents 53 Understanding Digital Watermarking (4) Different format, different watermarking text, image, audio, and video Text Watermarking (Brassil, et al.) Line-shift coding Text lines are shifted imperceptibly up and down Word-shift coding Words are shifted horizontally Original un-watermarked documents are required for extracting watermarked information Feature coding Characters are altered (vertical or horizontal) Least discernible, larger information embedded 54
  • 28. Digital watermarking in DRM Can be used to embed metadata such as owner’s info, usage rights, rules, etc. Can provide tracking capability to illicit distribution Fingerprinting for individual tracking Largely independent from security architectures 55 Watermarking vs. Encryption in DRM (1) - Rosenblatt et al. Both encryption and watermarking can be used to carry metadata for digital contents Using encryption, encapsulate digital contents together with metadata Need special rendering application (CRM) Using watermarking, embed metadata in digital contents No protection on digital contents 56
  • 29. Watermarking and Encryption in DRM (2) - Rosenblatt et al. Use both for end-to-end secure content distribution Case1: embed metadata, then encrypt watermarked contents Protect both contents and metadata Even after cracking encrypted content, metadata is still bound with the content Case2: encrypt metadata, then embed encrypted metadata into contents temper-resistant, secure watermark Digital timestamping from Surety Inc’s digital notary tech., DigiMarc’s tracking pirated contents 57 Commercial Efforts for Open- standard (XrML) XrML: Extensible Rights Markup Language What is XrML? “A language in XML for describing specifications of rights, fees and conditions for using digital contents, together with message integrity and entity authentication within these specifications” (www.xrml.org) An extension of the Xerox “Digital Property Rights Language version 2.0 (DPRL)” ContentGuardTM has developed XrML as an open specification licenced on a royalty-free basis Why XrML? In DRM, XrML can be viewed as one of potential mechanisms to express specific rights and rules. XrML is extensible, open specification with license XrML is accepted as a standard for MPEG21 58
  • 30. Top-Level Structure <XrML> <BODY> (TIME)? time interval in which this spec is valid (ISSUED)? time moment at which this spec is issued (DESCRIPTOR)? description or meta data of this spec (ISSUER)? principal who issues this spec (ISSUEDPRINCIPALS)? list of principals this spec is issued to (PRINCIPAL)+ (WORK)? work and rights this spec specifies (AUTHENTICATEDDATA)? data that provided to application </BODY> (SIGNATURE)? </XrML> "?" denotes zero or one occurrence; "+" denotes one or more occurrences; and "*" denotes zero or more occurrences 59 Digital Works & Usage Rights <WORK> OBJECT object used to identify the work DESCRIPTION description of the work CREATOR creator of the work OWNER owner of the work METADATA additional metadata of the work DIGEST digest value of the work PARTS parts of the work, each of which is a work itself CONTENTS indicator of where content of the work is COPIES number of copies of the work that are specified COMMENT Comment SKU Stock Keeping Unit, for extensibility to allow people to identify this work in their own stock. FORMAT Digital or physical manifestation of the work (RIGHTSGROUP | REFERENCEDRIGHTSGROUP )+ rights group associated with the work | reference rights group of the work 60 </WORK>
  • 31. Rights in RIGHTSGROUP Element Digital property rights Specifying times, fees and incentives Specifying access controls (licenses/certificates, security levels) Specifying territory information Specifying tracking information Specifying watermark information Bundle specifications (time limits, fees, access, and watermark info inside bundle) 61 Case Study Windows Media Digital Rights Management
  • 32. Workflow 63 Encryption of content 64
  • 33. License The key to unlock the Windows Media file The rights, or rules, that govern the use of the digital media file: How many times can a file be played Which devices a file can be played or transferred on. When the user can start playing the file and what is the expiration date. If the file can be transferred to a CD recorder (burner). If the user can back up and restore the license. What security level is required on the client to play the Windows Media file. … 65 Related Issues
  • 34. Fair Use Fair use provides an exemption on legal liability for the use of copyrighted materials. To limit copyright owner’s exclusive rights on copyrighted materials Reproduction or other means for criticism, news reporting, teaching, scholarship, and research is fair use and not an infringement of copyrights [section 107] 67 First Sale When you buy a physical book, you can do anything you want on your copy and your copy only. Read, sell, destroy, give away, etc. You buy a copy, you own the copy. However, no rights on copyrights 68
  • 35. Purchase vs. License In general, digital contents are not sold but licensed When you are licensing, you don’t buy anything but a right to use (read, listen, run, etc.) the copy By agreeing on a license, you may give up your rights for fair use and first sale. License is contract law and shouldn’t be overridden federal copyrights law. 69 Fair use and first sale in DRM DRM largely relies on licensing There exists a great fear about DRM because license agreement can give away rights on fair use and first sale Fair use is very difficult or impossible to implement in DRM because it cannot be pre- judged First sale is not likely to be allowed in licensing (e.g., MS windows OS) 70
  • 36. Digital Millennium Copyright Act (DMCA) Legislated in 1998 “anti-circumvention provision”, in Section 1201 is most controversial. Implies that copy protection technology is not perfect Abused to override copyright law such as fair use 71