PKI as a way to leverage DRM interoperability
*Carlos Serrão, *Miguel Dias and **Jaime Delgado
carlos.serrao, miguel.dias {@iscte.pt}, jaime.delgado@ac.upc.edu

*ISCTE/DCTI/ADETTI, Lisboa, Portugal
**UPC/AC/DMAG, Barcelona, Spain

Summary
● (DRM) Interoperability
● PKI and the PKIX model
● PKIX and DRM interoperability
● Conclusions

    IADIS Multi Conference on Computer Science and Information Systems 2007 – Telecommunications, Networks and Systems

Digital Rights Management
● DRM involves the:
    – description, layering, analysis, valuation, trading and monitoring of the rights over an individual or organization's assets, in digital format;
● DRM is:
    – the chain of hardware and software services and technologies governing the authorized use of digital objects and managing any consequences of that use throughout the entire life cycle of the object.

Digital Rights Management
● From a security point of view, two major aspects need to be considered in any DRM solution:
    – the digital object protection, in which the digital object is packaged in a specific container that is locked, preventing non-authorized copies or modifications, making use of strong cryptographic algorithms;
    – and the fact that through the entire object life cycle a trustworthy environment must be established between the different actors, devices and software components.

Digital Rights Management
● Trust Environment
    – In a common DRM system, trust must be established between the different elements
    – The way this trust environment is accomplished differs from DRM implementation to implementation
    – There is no common trust system
    – This creates interoperability problems

DRM and interoperability
[Figure: four DRM systems (DRM A, DRM B, DRM C, DRM D), each with its own users, content and trust mechanism (Trust Mechanism A to D); the separate trust mechanisms are marked as the non-interoperability points.]

DRM and interoperability
● Public-Key Infrastructures (PKI) are important for trust environment establishment
● PKIX (PKI for X.509) is currently one of the most deployed PKI technologies, present in many security solutions
● PKI offers functions/services that are crucial to the establishment of trust environments:
    – Certification Authority
    – Registration Authority
    – Repository
    – Archive

DRM and interoperability
● PKIX supports most of the security and trust functions that DRM needs
● DRM systems can “deliver” their security and trust requirements “in the hands” of an underlying PKIX system
● This would simplify the task of DRM interoperability

PKIX and DRM interoperability
● Two approaches for DRM interoperability through PKI:
    – Use a single PKI service shared by all DRM systems;
    – Each DRM uses its own PKI service, and brokering mechanisms are used between them
● They both have their points, but...

PKIX and DRM inter oper ability
                                                                       All the different DRM systems
                                                                       use the same PKI solution, to
                                                                       establish the necessary trust
                                                                       environment between the
                                                                       different actors, devices or
                                                                       software components.




 IADIS Multi Conference on Computer Science and Information Systems 2007 – Telecommunications, Networks and Systems
PKIX and DRM interoperability
The different DRM systems have their own PKI, and a PKI broker is used to build interoperable trust environments between the different actors, devices and software components of the different DRM systems.

PKIX and DRM interoperability
● 1st Scenario
    – The same PKI offers the different DRM components trust credentials that can be immediately trusted between different DRM systems
    – This is however a low probability scenario. DRM systems will adopt their own PKI solutions

PKIX and DRM interoperability
● 2nd Scenario
    – Reflects what is happening now – each DRM chooses its own PKI solution
    – “Local” and “External” interoperability
        ● “Local” - the internal components of a DRM system rely on the trust provided by their own PKI
        ● “External” - the components of different DRM systems have to build trust relationships using a PKI broker

PKIX and DRM interoperability
● 2nd Scenario
[Figure: DRM A and DRM B, each with its own “Local” PKI, connected through a PKI broker.]

PKIX and DRM interoperability
● Assumptions:
    1. DRM1 Device has a key pair: KpubDevice, KprivDevice;
    2. DRM2 License Issuer has a key pair: KpubLicIssuer, KprivLicIssuer;
    3. DRM1 Device has a certificate issued by the DRM1 PKI: CertDRM1PKI(KpubDevice);
    4. DRM2 License Issuer has a certificate issued by the DRM2 PKI: CertDRM2PKI(KpubLicIssuer);
    5. All the PKI are PKIX-based and use X.509 digital certificates;
    6. PKI Broker has a key pair: KpubPKIBroker, KprivPKIBroker;
    7. DRM1 PKI and DRM2 PKI are registered at the PKI Broker;
    8. DRM1 PKI has to have a certificate from the PKI Broker: CertDRMBroker(KpubDRM1PKI);
    9. DRM2 PKI has to have a certificate from the PKI Broker: CertDRMBroker(KpubDRM2PKI).

PKIX and DRM interoperability
● Protocol
    1. The DRM1 Device has acquired some digital object which is not governed by the same DRM;
    2. DRM1 Device sends a message, together with its credentials, to the DRM2 License Issuer to download the license for the digital object:
       licenseDownload(contentID, CertDRM1PKI(KpubDevice));
    3. DRM2 License Issuer sends the DRM1 Device credentials to the DRM2 PKI for validation;
    4. DRM2 PKI has no way to validate the request, because the credential has been issued by another PKI. Therefore the DRM2 PKI asks the DRM Broker to try to validate the credential:
       validateCredentials(CertDRMBroker(KpubDRM2PKI), CertDRM1PKI(KpubDevice));
    5. The DRM Broker validates the requesting PKI credentials, and checks the credentials sent by the device, checking the issuer PKI. It resolves the location of this PKI (DRM1 PKI) and sends it a validation request:
       validateRequest(CertDRM1PKI(KpubDevice));
    6. DRM1 PKI receives the request and then validates it, returning an answer to the PKI Broker;
    7. PKI Broker receives the answer and sends the result to the requesting PKI (DRM2 PKI);
    8. DRM2 PKI receives the answer from the PKI Broker asserting that DRM1 Device can be trusted;
    9. DRM2 License Issuer generates the license and returns it to the DRM1 Device.

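The broker-mediated flow in the assumptions and protocol steps above, sketched as an added Python example (not code from the presentation). Certificates are modelled as plain records and each issuer's signature as an HMAC-SHA256 tag that only that issuer can check, a stand-in for X.509 signatures; the class and function names, `content-001` and the device names are constructed for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate, Cert_issuer(public_key)."""
    subject: str
    public_key: str  # label only (e.g. "KpubDevice"), no real key material
    issuer: str
    serial: int
    tag: bytes = b""  # issuer's MAC over the four fields above


class Authority:
    """An issuer that can vouch only for certificates it issued itself."""
    def __init__(self, name: str):
        self.name = name
        self._secret = os.urandom(32)  # stand-in for the issuer's signing key
        self._serial = 0
        self.revoked = set()  # serial numbers this issuer has revoked

    def _mac(self, c: Cert) -> bytes:
        fields = f"{c.subject}|{c.public_key}|{c.issuer}|{c.serial}".encode()
        return hmac.new(self._secret, fields, hashlib.sha256).digest()

    def issue(self, subject: str, public_key: str) -> Cert:
        self._serial += 1
        unsigned = Cert(subject, public_key, self.name, self._serial)
        return replace(unsigned, tag=self._mac(unsigned))

    def validate_own(self, c: Cert) -> bool:
        return (c.issuer == self.name
                and hmac.compare_digest(self._mac(c), c.tag)
                and c.serial not in self.revoked)


class DrmPKI(Authority):
    """A DRM system's "local" PKI; broker fields are set on registration."""
    broker = broker_cert = None  # broker_cert models CertDRMBroker(Kpub<PKI>)

    def validate(self, c: Cert) -> bool:
        if c.issuer == self.name:  # "local" interoperability
            return self.validate_own(c)
        if self.broker is None:
            return False
        # Step 4: foreign credential, so ask the broker ("external").
        return self.broker.validate_credentials(self.broker_cert, c)


class PKIBroker(Authority):
    def __init__(self, name: str = "PKIBroker"):
        super().__init__(name)
        self.registry = {}  # issuer name -> DrmPKI ("resolving the location")

    def register(self, pki: DrmPKI) -> None:
        # Assumptions 7-9: registration yields a broker-issued certificate.
        self.registry[pki.name] = pki
        pki.broker = self
        pki.broker_cert = self.issue(pki.name, "Kpub" + pki.name)

    def validate_credentials(self, requester: Cert, device: Cert) -> bool:
        # Step 5: authenticate the requesting PKI before doing work for it.
        if not self.validate_own(requester):
            return False
        issuer_pki = self.registry.get(device.issuer)
        if issuer_pki is None:  # issuer never registered: fail closed
            return False
        # Steps 5-7: forward to the issuing PKI and relay its answer.
        return issuer_pki.validate_own(device)


def license_download(pki: DrmPKI, content_id: str, device: Cert):
    # Steps 2-3 and 8-9: license only if the PKI reports the device trusted.
    trusted = pki.validate(device)
    return {"contentID": content_id, "licensee": device.subject} if trusted else None


def run_scenario() -> dict:
    broker = PKIBroker()
    drm1, drm2 = DrmPKI("DRM1PKI"), DrmPKI("DRM2PKI")
    broker.register(drm1)
    broker.register(drm2)
    device = drm1.issue("DRM1 Device", "KpubDevice")
    # Fields altered after issuance: the issuer's MAC no longer matches.
    tampered = replace(device, subject="Other Device")
    unknown = DrmPKI("UnregisteredPKI").issue("Unknown Device", "KpubUnknown")
    results = {
        "valid": license_download(drm2, "content-001", device),
        "tampered": license_download(drm2, "content-001", tampered),
        "unregistered": license_download(drm2, "content-001", unknown),
    }
    # DRM1 PKI revokes the device; the next cross-domain request is refused.
    drm1.revoked.add(device.serial)
    results["revoked"] = license_download(drm2, "content-001", device)
    return results
```

The model checks only that a certificate is genuine, from a registered issuer and unrevoked; proof that the sender holds KprivDevice is not among the listed steps and is not modelled.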




PKIX and DRM interoperability
● Interoperable scenario (license production)

Conclusions
● PKI is an important part of DRM (fulfils DRM requirements)
● Currently, most of the DRM solutions do not rely on already existing PKI services or vendors, implementing their own mechanisms – interoperability problems
● Two approaches for DRM interoperability based on PKI services
● An approach based on a broker is more viable
● DRM interoperability problems are not entirely solved by this – this is just the tip of the iceberg!!!

Questions
● Thank you!
● Any question?

NO1 WorldWide Love marriage specialist baba ji Amil Baba Kala ilam powerful v...Amil baba
 
government_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfgovernment_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfshaunmashale756
 
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证jdkhjh
 
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in  Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in  Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
SBP-Market-Operations and market managment
SBP-Market-Operations and market managmentSBP-Market-Operations and market managment
SBP-Market-Operations and market managmentfactical
 
Call Girls Near Me WhatsApp:+91-9833363713
Call Girls Near Me WhatsApp:+91-9833363713Call Girls Near Me WhatsApp:+91-9833363713
Call Girls Near Me WhatsApp:+91-9833363713Sonam Pathan
 
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfmagnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfHenry Tapper
 
Governor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintGovernor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintSuomen Pankki
 
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyInterimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyTyöeläkeyhtiö Elo
 
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证rjrjkk
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex
 
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一(办理学位证)加拿大萨省大学毕业证成绩单原版一比一
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一S SDS
 
Stock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfStock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfMichael Silva
 
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Sonam Pathan
 
Vp Girls near me Delhi Call Now or WhatsApp
Vp Girls near me Delhi Call Now or WhatsAppVp Girls near me Delhi Call Now or WhatsApp
Vp Girls near me Delhi Call Now or WhatsAppmiss dipika
 
fca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdffca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdfHenry Tapper
 
Stock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfStock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfMichael Silva
 

Último (20)

Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
 
NO1 WorldWide Love marriage specialist baba ji Amil Baba Kala ilam powerful v...
NO1 WorldWide Love marriage specialist baba ji Amil Baba Kala ilam powerful v...NO1 WorldWide Love marriage specialist baba ji Amil Baba Kala ilam powerful v...
NO1 WorldWide Love marriage specialist baba ji Amil Baba Kala ilam powerful v...
 
government_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdfgovernment_intervention_in_business_ownership[1].pdf
government_intervention_in_business_ownership[1].pdf
 
Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024
 
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证
原版1:1复刻堪萨斯大学毕业证KU毕业证留信学历认证
 
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in  Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in  Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Nand Nagri (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
SBP-Market-Operations and market managment
SBP-Market-Operations and market managmentSBP-Market-Operations and market managment
SBP-Market-Operations and market managment
 
Call Girls Near Me WhatsApp:+91-9833363713
Call Girls Near Me WhatsApp:+91-9833363713Call Girls Near Me WhatsApp:+91-9833363713
Call Girls Near Me WhatsApp:+91-9833363713
 
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfmagnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
 
Governor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintGovernor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraint
 
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyInterimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
 
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
 
Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024Bladex Earnings Call Presentation 1Q2024
Bladex Earnings Call Presentation 1Q2024
 
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一(办理学位证)加拿大萨省大学毕业证成绩单原版一比一
(办理学位证)加拿大萨省大学毕业证成绩单原版一比一
 
Stock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdfStock Market Brief Deck FOR 4/17 video.pdf
Stock Market Brief Deck FOR 4/17 video.pdf
 
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
 
Vp Girls near me Delhi Call Now or WhatsApp
Vp Girls near me Delhi Call Now or WhatsAppVp Girls near me Delhi Call Now or WhatsApp
Vp Girls near me Delhi Call Now or WhatsApp
 
fca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdffca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdf
 
🔝+919953056974 🔝young Delhi Escort service Pusa Road
🔝+919953056974 🔝young Delhi Escort service Pusa Road🔝+919953056974 🔝young Delhi Escort service Pusa Road
🔝+919953056974 🔝young Delhi Escort service Pusa Road
 
Stock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfStock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdf
 

Iadis Tns2007 Presentation

  • 1. PKI as a way to leverage DRM interoperability. *Carlos Serrão, *Miguel Dias and **Jaime Delgado; carlos.serrao, miguel.dias {@iscte.pt}, jaime.delgado@ac.upc.edu; *ISCTE/DCTI/ADETTI, Lisboa, Portugal; **UPC/AC/DMAG, Barcelona, Spain
  • 2. Summary
      ● (DRM) Interoperability
      ● PKI and the PKIX model
      ● PKIX and DRM interoperability
      ● Conclusions
    IADIS Multi Conference on Computer Science and Information Systems 2007 – Telecommunications, Networks and Systems
  • 3. Digital Rights Management
      ● DRM involves the:
          – description, layering, analysis, valuation, trading and monitoring of the rights over an individual or organization's assets, in digital format;
      ● DRM is:
          – the chain of hardware and software services and technologies governing the authorized use of digital objects and managing any consequences of that use throughout the entire life cycle of the object.
  • 4. Digital Rights Management
      ● From a security point of view, two major aspects need to be considered in any DRM solution:
          – the digital object protection, in which the digital object is packaged in a specific container that is locked, preventing non-authorized copies or modifications, making use of strong cryptographic algorithms;
          – and the fact that through the entire object life cycle a trustworthy environment must be established between the different actors, devices and software components.
  • 5. Digital Rights Management
      ● Trust Environment
          – In a common DRM system, trust must be established between the different elements
          – The way this trust environment is accomplished differs from DRM implementation to implementation
          – There is no common trust system
          – This creates interoperability problems
  • 6. DRM and interoperability
    [Figure: four separate DRM systems (DRM A, DRM B, DRM C, DRM D), each with its own Users, Content and Trust Mechanism (A to D); labelled "Non-Interoperability points"]
  • 7. DRM and interoperability
      ● Public-Key Infrastructures (PKI) are important for trust environment establishment
      ● PKIX (PKI for X.509) is currently one of the most deployed PKI technologies, present in many security solutions
      ● PKI offers functions/services that are crucial to the establishment of trust environments:
          – Certification Authority
          – Registration Authority
          – Repository
          – Archive
  • 8. DRM and interoperability
      ● PKIX supports most of the security and trust functions that DRM needs
      ● DRM systems can “deliver” their security and trust requirements “in the hands” of an underlying PKIX system
      ● This would simplify the task of DRM interoperability
  • 9. PKIX and DRM interoperability
      ● Two approaches for DRM interoperability through PKI:
          – Use a single PKI service shared by all DRM systems;
          – Each DRM uses its own PKI service, and brokering mechanisms are used between them
      ● They both have their points, but...
  • 10. PKIX and DRM interoperability
    All the different DRM systems use the same PKI solution, to establish the necessary trust environment between the different actors, devices or software components.
  • 11. PKIX and DRM interoperability
    The different DRM systems have their own PKI, and a PKI broker is used to build interoperable trust environments between the different actors, devices and software components of the different DRM systems.
  • 12. PKIX and DRM interoperability
      ● 1st Scenario
          – The same PKI offers the different DRM components trust credentials that can be immediately trusted between different DRM systems
          – This is however a low probability scenario. DRM systems will adopt their own PKI solutions
  • 13. PKIX and DRM interoperability
      ● 2nd Scenario
          – Reflects what is happening now – each DRM chooses its own PKI solution
          – “Local” and “External” interoperability
              ● “Local” - the internal components of a DRM system rely on the trust provided by their own PKI
              ● “External” - the components of different DRM systems have to build trust relationships using a PKI broker
  • 14. PKIX and DRM interoperability
      ● 2nd Scenario
    [Figure: DRM A and DRM B, each with its own “Local” PKI, and a PKI broker]
  • 15. PKIX and DRM interoperability
      ● Assumptions:
          1. DRM1 Device has a key pair: KpubDevice, KprivDevice;
          2. DRM2 License Issuer has a key pair: KpubLicIssuer, KprivLicIssuer;
          3. DRM1 Device has a certificate issued by the DRM1 PKI: CertDRM1PKI(KpubDevice);
          4. DRM2 License Issuer has a certificate issued by the DRM2 PKI: CertDRM2PKI(KpubLicIssuer);
          5. All the PKI are PKIX-based and use X.509 digital certificates;
          6. PKI Broker has a key pair: KpubPKIBroker, KprivPKIBroker;
          7. DRM1 PKI and DRM2 PKI are registered at the PKI Broker;
          8. DRM1 PKI has to have a certificate from the PKI Broker: CertDRMBroker(KpubDRM1PKI);
          9. DRM2 PKI has to have a certificate from the PKI Broker: CertDRMBroker(KpubDRM2PKI).
  • 16. PKIX and DRM interoperability
      ● Protocol
          1. The DRM1 Device has acquired some digital object which is not governed by the same DRM;
          2. DRM1 Device sends a message to DRM2 License Issuer to download the license for the digital object, including its credentials: licenseDownload(contentID, CertDRM1PKI(KpubDevice));
          3. DRM2 License Issuer sends the DRM1 Device credentials to the DRM2 PKI for validation;
          4. DRM2 PKI has no way to validate the request, because the credential has been issued by another PKI. Therefore the DRM2 PKI asks the DRM Broker to try to validate the credential: validateCredentials(CertDRMBroker(KpubDRM2PKI), CertDRM1PKI(KpubDevice));
  • 17. PKIX and DRM interoperability
      ● Protocol
          5. The DRM Broker validates the requesting PKI credentials, and checks the credentials sent by the device, checking the issuer PKI. It resolves the location of this PKI (DRM1 PKI) and sends it a validation request: validateRequest(CertDRM1PKI(KpubDevice));
          6. DRM1 PKI receives the request and then validates it, returning an answer to the PKI Broker;
          7. PKI Broker receives the answer and sends the result to the requesting PKI (DRM2 PKI);
          8. DRM2 PKI receives the answer from the PKI Broker asserting that DRM1 Device can be trusted;
          9. DRM2 License Issuer generates the license and returns it to the DRM1 Device.
  • 18. PKIX and DRM interoperability
      ● Interoperable scenario (license production)
  • 19. Conclusions
      ● PKI is an important part of DRM (it fulfils DRM requirements)
      ● Currently, most of the DRM solutions do not rely on already existing PKI services or vendors, implementing their own mechanisms – interoperability problems
      ● Two approaches for DRM interoperability based on PKI services
      ● An approach based on a broker is more viable
      ● DRM interoperability problems are not entirely solved by this – this is just the tip of the iceberg!!!
  • 20. Questions
      ● Thank you!
      ● Any question?
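
The brokered validation exchange from slides 15 to 17, as an added Python example that is not part of the original presentation. Certificate signatures are modelled with an HMAC under a secret held by the issuing PKI, a stand-in for X.509 signatures that works here because every check in the protocol is performed by the issuer itself; the class names, key strings, the `content-42` identifier and the unregistered "DRM3 PKI" failure case are constructed for illustration.

```python
import hashlib, hmac
from collections import namedtuple

# tag = issuer's HMAC over the fields: a stand-in for an X.509 signature (assumption)
Cert = namedtuple("Cert", "subject issuer pubkey tag")

class PKI:
    def __init__(self, name, secret):
        self.name, self._secret = name, secret
        self.broker = self.broker_cert = None

    def _mac(self, subject, pubkey):
        msg = f"{self.name}|{subject}|{pubkey}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def issue(self, subject, pubkey):
        return Cert(subject, self.name, pubkey, self._mac(subject, pubkey))

    def validate_own(self, cert):
        # Step 6: a PKI vouches only for certificates it issued itself.
        expected = self._mac(cert.subject, cert.pubkey)
        return cert.issuer == self.name and hmac.compare_digest(cert.tag, expected)

    def validate(self, cert):
        # Steps 3-4: check locally, or pass a foreign credential to the broker.
        if cert.issuer == self.name or self.broker is None:
            return self.validate_own(cert)
        return self.broker.validate_credentials(self.broker_cert, cert)

class Broker(PKI):
    def __init__(self, name, secret):
        super().__init__(name, secret)
        self.registry = {}

    def register(self, pki):
        # Assumptions 7-9: a registered PKI receives CertDRMBroker(KpubDRMxPKI).
        self.registry[pki.name] = pki
        pki.broker, pki.broker_cert = self, self.issue(pki.name, "Kpub:" + pki.name)

    def validate_credentials(self, requester_cert, cert):
        # Step 5: authenticate the requesting PKI, then resolve the issuing PKI.
        if not self.validate_own(requester_cert):
            return False
        issuer = self.registry.get(cert.issuer)
        return issuer is not None and issuer.validate_own(cert)  # steps 6-7

def license_download(issuer_pki, content_id, device_cert):
    # Steps 2, 8 and 9: DRM2 License Issuer releases a license only after validation.
    ok = issuer_pki.validate(device_cert)
    return {"contentID": content_id, "licensee": device_cert.subject} if ok else None

def demo():
    broker = Broker("PKI Broker", b"constructed-broker-key")
    drm1, drm2 = PKI("DRM1 PKI", b"constructed-key-1"), PKI("DRM2 PKI", b"constructed-key-2")
    broker.register(drm1); broker.register(drm2)
    device = drm1.issue("DRM1 Device", "KpubDevice")
    altered = device._replace(pubkey="KpubOther")  # tag no longer matches the fields
    stranger = PKI("DRM3 PKI", b"constructed-key-3").issue("DRM3 Device", "KpubDevice3")
    return [license_download(drm2, "content-42", c) for c in (device, altered, stranger)]
```

`demo()` returns the license for the cross-domain request, then `None` for the altered certificate and `None` for the credential issued by a PKI that never registered with the broker.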