Drm digital rights managment-june2014-tarek gaber

Dr. Tarek Gaber
Faculty of Computers & Informatics
Suez Canal University , Ismailia, Egypt
and
SRGE (www.scienceegypt.net)
Email: tmgaber@gmail.com
2e CONFÉRENCE -« Cybercriminalité & confiance numérique », Port-Saïd, Egypt., 19 June 2014

Before the digital era,
one's ability to do various
things with content were
limited.
The Internet (digital age)
makes it possible to
nearly do anything with
digital content.

Digital contents, e.g. Music,
Movies, documents, are:
very easy and cheap to copy
Essentially no “resistance” from
duplication
This led to:
Loss of billion dollars a year for world
trade.

 Cryptographic
Techniques
could help but
not enough
4

Can content be protected even
after its decryption?
Copying by persistent pirate would
always be succeed.
Current technology can potentially
minimize the scale of copying:
“keeping honest people honest”
Digital Rights Management (DRM)
technologies can be help in this issue.

 It is a set of technologies (encryption,
watermarking, hash function, signature,
etc.) enabling content owners to identify
and control:
 the access to their content and
 the conditions under which this access is given.

 DRM includes:
 Persistent Protection: License to be always checked before
using a content
 Access tracking: Capability of tracking access to and
operations on content
 Rights licensing: Capability of defining specific rights to
content and making them available by contract

Government Agencies
• Interested in controlled viewing and sharing of highly secure and
confidential documents, audio and video data.
Private Corporations
• Want to limit the sharing of their proprietary information
• Track accesses and any modifications made to it.
• E.g. news agencies like Reuters
Owners of commercial content
• Content owners, artists, and publishers want to gain revenue
through sale and promotions

DRM can help to ensure companies that:
• Rights are tracked at consumption
• Access is controlled during production processes
• Protection for the content extends throughout
product lifecycles

 DRM can be integrated with content
management (collection, managing, and
publishing of information in any form or
medium) to ensure:
 Proper business practices
 Implementation of new business models
 Compliance with regulatory requirements in
industries such as financial services, healthcare,
and government

 The process of drafting a law is circulated among
committee members (e.g. judges and lawyers).
 Using DRM technology, this becomes a closed
circulation.
 Also, the drafting law is in a tamper-proof format, with
 print-only user-rights,
 limited to a pre-determined timeframe, after which the draft
is withdrawn and replaced by the final law.
 The judges and lawyers can
 withdraw, alter, or grant permissions related to the content
at any time.

 Systems should be able to update rights and usage as
needed to accommodate new distribution models,
 E.g. allowing content to be accessed by to 2, 3, or 5 devices
 Otherwise cost a lot of money and be a disincentive to
customers.
 DRM, in such case, can facilitate
 collaboration, by creating the ‘trusted environment’
 by persistently protecting critical Intellectual Property (IP).

Piracy, whether of software, music, images, or text,
costs billions of dollars each year.
It takes time and resources to detect and deter
theft.
This could lead to counterproductive to developing
new business models for digital content.
DRM could also help to provide protection
throughout the distribution and consuming of
content.

Licensing
 The process of packaging and delivering protected
bits with un-forgeable terms of usage (“digital
license”) useable only by authenticated
user/environment
Enforcement
 The process of insuring that the use of the digital
work adheres to enumerated use, privacy and
operating restrictions stated in a digital license

Content is encrypted
 So, unusable without authorization
Content license
 Specifies authentication information, DRM client and OS.
 Specifies usage/access control rules
 Contains the “sealed” key for the content.
Content License 938473
Machine 02345 Running
Program 1 (with hash 0x7af33)
Can view Document 3332 on 2014-20-01
Sealed Key: 0x445635
Signed by ACCD Company

At initialization, Trusted Program says:
1. Isolate me from other rendering programs
2. Authenticate me
After Initialization completes successfully, Bob’s PC
1. Makes Private key available for use
When consuming content, Trusted Program:
1. Retrieves license and encrypted content file
2. Authenticates license by checking digital signature
3. Checks rule compliance (e.g. out-of-date)
4. Uses private key to unseal the content key
5. Decrypts and uses content within Trusted Program
Bob’s PC
Trusted Program
Authenticating Public Key
(“Root of Trust”)
0x7af33 PK: 8374505
Bob’s PC

License Server
2) Response
Here’s your license
Content License 938473
Can view Document 3332
on 2014-20-01
Sealed Key: 0x445635
Signed ACCD Company
1) Request
I want document 2346.
Here’s my Machine License
to show you can trust my
machine
Machine License 83874
Has access to a private key
Whose public key is 0x2231
Signed Microsoft
1 2
Bob’s PC
Customer benefits
 Licenses can be used offline
 Simple management of authorization (no central authority)
 Very simple and flexible distribution (a server can distribute to “any” client)

Each “rights expression” may specify a
combination of rules such as:
 what rights are available,
 for whom,
 for how many times,
 within what time period,
 under what access conditions,
 for what fees,
 within which territory, and
 with what obligations,
 Etc.

• Mass Market Content
• Books
• Audio
• Video
• Software
• Much more flexible use and better content
management
– But there are “Fair Use” and privacy concerns which
can be mitigated … maybe

 Premium releases
 Price discrimination
 I hear it. I want it. I get it.
 Lower manufacturing costs
 More variety?
 Most popular use of DRM
 I don’t get it
 Library/archive
 Roaming
 “Active” content
Pay per view
movies
Web distributed
songs
Ring tones
E-Books

 Windows Media Player
 Apple DRM
 Macrovision
 LexMark
 Xbox
 Sony Playstation

 Break Once Break Everywhere
 Degree of isolation
 Transducer Problem
 I/O
 Privacy and Interoperability
 Flexibility (transfer, etc)
 Multiple devices
 Multiple users
 Migration
 User Control/Backup

• “Fair Use”
• Monopoly “Lock-in”
• Erosion of copyright in favor of “contracts”
• Archive
• “Information wants to be free”
• Consumer expectations
• severe licensing policies

 It is essential for DRM systems to provide
interoperable services.
 DRM could enable a big amounts of new content to
be made available in safe, open, and trusted
environments.
 DRM can be expected to be heavily used in the
future to support
 digital library collections,
 code and software development,
 distance education, and
 networked collaboration, among other applications.

Thanks

Drm digital rights managment-june2014-tarek gaber

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (20)

Similaire à Drm digital rights managment-june2014-tarek gaber

Similaire à Drm digital rights managment-june2014-tarek gaber (20)

Plus de Tarek Gaber

Plus de Tarek Gaber (15)

Dernier

Dernier (20)

Drm digital rights managment-june2014-tarek gaber