SlideShare une entreprise Scribd logo
1  sur  12
Télécharger pour lire hors ligne
Open and Secure Digital Rights Management
     Issues in security for Digital Rights Management

                   Carlos Serrão
                  carlos.serrao@iscte.pt
                carlos.j.serrao@gmail.com



        ISCTE/DCTI/ADETTI           UPC/AC/DMAG
           Lisboa, Portugal         Barcelona, Spain
OpenSDRM

    • What is OpenSDRM
     •   Distributed DRM architecture
     •   Each of the functionalities is implemented has an
         independent distributed service
     •   There can exist multiple instances of the same service
         provided by different entities




2
OpenSDRM

     •   OpenSDRM is open:
         •   open-source
         •   open specifications
         •   open interfaces
         •   open to different types of content
         •   open to support many different business models

         •   open to interoperability




3
OpenSDRM

     •   OpenSDRM is secure:
         •   relies on public and secret cryptography: RSA, AES, X.509, ...
         •   XML and X.509 certificates allow the establishment of trust
             environments between all the components
         •   client-side rights management intermediary - wallet
             •   client content rendering applications authentication and registration

             •   secure storage

             •   secure rights management intermediation with DRM platform




4
OpenSDRM
                                                   Content Management System
                                                                                                          Payment authorization
                                                                                                             and requests

                   Browse through                                                Content
                                               Commerce
                   available content                                           Production
                                              Service (COS)
                                                                              Service (CPS)                                                        Payment
                                                                                                                                                   Gateway
                                                       Content
                                    Send content
                                                                                                                                                   Service
                                                                                     Register content
                                       order                          Metadata        and metadata                                                  (PGW)
                          Content                 Media
                                                                               Registration
                                               Distribution
     End-Users
                                                                              Service (RGS)     License template
                                              Service (MDS)                                                                               Payment System
                                                                                                 production and
                                                                                                   content key
                                                                                                                             Request and download
                                                                                                     storage
      Content
                                                                                                                             content protection tools
     Rendering
    Applications                            Content protection
                                                  tools
                                                                                                                                                           Protection
                                                                                                                                                              Tools
      Wallet
                                                                                                                                                          Service (PTS)
     DRM-IMw                                                                                          License
                                                                                                    Service (LIS)

                                                   Licenses
                                                                                                                                                    Protection Tools System
    End-User
     System                                                                        License Management System


                                                         Creates and distributes
                                                           digital credentials



                                                                 Authentication                                Configuration
                                                                 Service (AUS)                                 Service (CFS)



                                                                             Authentication and Accounting
                                                                                        System

5
OpenSDRM

    • Components
          Service A                                   Service B

           Application   Application level security    Application




             SOAP                                        SOAP

            HTTP(s)                                     HTTP(s)

            SSL/TLS        Channel level security       SSL/TLS

            TCP/IP                                      TCP/IP




6
OpenSDRM

    • Wallet Rights Management interoperable Middle-
      ware
            Content       Content          Content          Content       Content
           Rendering     Rendering        Rendering        Rendering     Rendering
           Application   Application      Application      Application   Application
               A             B                C                ...            Z




                           Wallet Rights Management interoperability
                                          Middle-ware




                                       DRM platform



7
OpenSDRM
                                                                                   Content
                                                  Governed and                    Rendering     Content
                                                 Protected content                Application

                                                                 Content
                                Governed and                    Rendering           Content
                               Protected content                Application

                                                Content
              Governed and                     Rendering            Content
             Protected content                 Application




                                        Wallet Rights Management interoperability Middle-
                                                            ware



            Content from
         different providers


                                                                      Provider
         and DRM systems                                                          DRM
                                                                                 system
                                                     Provider




                                                                 DRM
                                                                system
                                    Provider




                                                DRM
                                               system




8
OpenSDRM

                                                                  CRA

                                                   1
      Protection Tools Manager                                                  Application
                                                                               Authorisation

        3                                      5                                                                 Application
                                 2
                                                                                                                 Registration
                                                                        8                              9
     MPEG-21
                                   Rights
       REL
                                                           DRM Secure
                                 Expression
                                                             Comm.
                                 Interpreter           6
      ODRL           4
                                                                                             10
                                                                                                            Application
                                                                                                           Authenticator
                                                                                                  11
                                          7
                                                                            Secure Storage
                                                                               Module

                                                                                                                  12




                                                       DRM

9
OpenSDRM
        Content       Content           Content          Content           Content
       Rendering     Rendering         Rendering        Rendering         Rendering
       Application   Application       Application      Application       Application
           A             B                 C                ...                Z

                                                                                          Common Operation
                                                                                          Language command


        Protection      Secure                        Application       Application
          Tools         Storage                      Authorisation      Registration
        Manager         Module                         Module             Module

                                                              Application
                                                             Authenticator
       MPEG-21           Rights          DRM Secure            Module
         REL           Expression          Comm.
                       Interpreter         Module
        ODRL                                                Wallet Rights Management
                                                           interoperability Middle-ware

                                                                                          Protocols and formats
                                                                                            DRM-dependent




        DRM platform                 DRM platform                    DRM platform



10
OpenSDRM

     • OpenSDRM usage cases:
      •   Until now, mostly used on R&D projects
      •   Content business scenarios
          •   Digital Music, MOSES FP5-IST project, Music-4You.com
          •   JPEG2000 digital images, HICOD2000 ESA RTD project
          •   Video-Surveillance, WCAM FP6-IST project
          •   Home Networking Digital Music, MediaNet FP6-IST project




11
OpenSDRM

     • OpenSDRM is available at:
      •   This “info” sites are still under development:
          •   http://www.opensdrm.com
          •   http://www.opensdrm.org


      •   The source-code can be fetched (SVN) from:
          •   http://sourceforge.net/projects/opensdrm/


      •   Contributions are quite welcome!


12

Contenu connexe

Similaire à OpenSDRM Panel

HP Service Delivery Platform 3.0 Launch
HP Service Delivery Platform 3.0 LaunchHP Service Delivery Platform 3.0 Launch
HP Service Delivery Platform 3.0 Launchgrahamwright
 
M2M Billing - Comarch M2M Projects
M2M Billing - Comarch M2M ProjectsM2M Billing - Comarch M2M Projects
M2M Billing - Comarch M2M ProjectsComarch
 
Tech Ed 09 - Arc302 - Analysis and Architecture
Tech Ed 09 -  Arc302  - Analysis and ArchitectureTech Ed 09 -  Arc302  - Analysis and Architecture
Tech Ed 09 - Arc302 - Analysis and Architecturemhessinger
 
Avcm content flow_080608-v2
Avcm content flow_080608-v2Avcm content flow_080608-v2
Avcm content flow_080608-v2Debjani Roy
 
2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]imec.archive
 
2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]imec.archive
 
The CORA Model Explained
The CORA Model ExplainedThe CORA Model Explained
The CORA Model Explainedtelzinga
 
Microsoft Media Platform Overview
Microsoft Media Platform OverviewMicrosoft Media Platform Overview
Microsoft Media Platform OverviewDavid Chou
 
I Minds2009 Secure And Distributed Software Prof Wouter Joosen (Ibbt Distri...
I Minds2009 Secure And Distributed Software  Prof  Wouter Joosen (Ibbt Distri...I Minds2009 Secure And Distributed Software  Prof  Wouter Joosen (Ibbt Distri...
I Minds2009 Secure And Distributed Software Prof Wouter Joosen (Ibbt Distri...imec.archive
 
Technology Disruption Brings New VAS Opportunities
Technology Disruption Brings New VAS OpportunitiesTechnology Disruption Brings New VAS Opportunities
Technology Disruption Brings New VAS OpportunitiesRadisys Corporation
 
Presentatie peter vink back to the future, TASS technology solutions
Presentatie peter vink   back to the future, TASS technology solutionsPresentatie peter vink   back to the future, TASS technology solutions
Presentatie peter vink back to the future, TASS technology solutions#devdate
 
Geospatial Community Cloud Vision
Geospatial Community Cloud VisionGeospatial Community Cloud Vision
Geospatial Community Cloud VisionDaneyon Hansen
 
Managing the Data Center with JBoss SOA-P
Managing the Data Center with JBoss SOA-PManaging the Data Center with JBoss SOA-P
Managing the Data Center with JBoss SOA-PColloquium
 
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012Verimatrix
 

Similaire à OpenSDRM Panel (20)

HP Service Delivery Platform 3.0 Launch
HP Service Delivery Platform 3.0 LaunchHP Service Delivery Platform 3.0 Launch
HP Service Delivery Platform 3.0 Launch
 
M2M Billing - Comarch M2M Projects
M2M Billing - Comarch M2M ProjectsM2M Billing - Comarch M2M Projects
M2M Billing - Comarch M2M Projects
 
ACORD Web Services
ACORD Web ServicesACORD Web Services
ACORD Web Services
 
Tech Ed 09 - Arc302 - Analysis and Architecture
Tech Ed 09 -  Arc302  - Analysis and ArchitectureTech Ed 09 -  Arc302  - Analysis and Architecture
Tech Ed 09 - Arc302 - Analysis and Architecture
 
Avcm content flow_080608-v2
Avcm content flow_080608-v2Avcm content flow_080608-v2
Avcm content flow_080608-v2
 
2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]
 
2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]2008 brokerage distributed software-service management [compatibility mode]
2008 brokerage distributed software-service management [compatibility mode]
 
Session10part2 Servers Detailed
Session10part2  Servers DetailedSession10part2  Servers Detailed
Session10part2 Servers Detailed
 
Session9part2 Servers Detailed
Session9part2  Servers DetailedSession9part2  Servers Detailed
Session9part2 Servers Detailed
 
The CORA Model Explained
The CORA Model ExplainedThe CORA Model Explained
The CORA Model Explained
 
Microsoft Media Platform Overview
Microsoft Media Platform OverviewMicrosoft Media Platform Overview
Microsoft Media Platform Overview
 
I Minds2009 Secure And Distributed Software Prof Wouter Joosen (Ibbt Distri...
I Minds2009 Secure And Distributed Software  Prof  Wouter Joosen (Ibbt Distri...I Minds2009 Secure And Distributed Software  Prof  Wouter Joosen (Ibbt Distri...
I Minds2009 Secure And Distributed Software Prof Wouter Joosen (Ibbt Distri...
 
ONTOCOM SemTech
ONTOCOM SemTechONTOCOM SemTech
ONTOCOM SemTech
 
Eska cds
Eska cdsEska cds
Eska cds
 
Technology Disruption Brings New VAS Opportunities
Technology Disruption Brings New VAS OpportunitiesTechnology Disruption Brings New VAS Opportunities
Technology Disruption Brings New VAS Opportunities
 
OpenStack Security
OpenStack SecurityOpenStack Security
OpenStack Security
 
Presentatie peter vink back to the future, TASS technology solutions
Presentatie peter vink   back to the future, TASS technology solutionsPresentatie peter vink   back to the future, TASS technology solutions
Presentatie peter vink back to the future, TASS technology solutions
 
Geospatial Community Cloud Vision
Geospatial Community Cloud VisionGeospatial Community Cloud Vision
Geospatial Community Cloud Vision
 
Managing the Data Center with JBoss SOA-P
Managing the Data Center with JBoss SOA-PManaging the Data Center with JBoss SOA-P
Managing the Data Center with JBoss SOA-P
 
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012
Verimatrix-Multi-network Solutions in the Real World - NexTV Mexico 2012
 

Plus de Carlos Serrao

Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"
Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"
Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"Carlos Serrao
 
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...Carlos Serrao
 
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]Carlos Serrao
 
A OWASP e a Segurança Aplicacional para a Web
A OWASP e a Segurança Aplicacional para a WebA OWASP e a Segurança Aplicacional para a Web
A OWASP e a Segurança Aplicacional para a WebCarlos Serrao
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisCarlos Serrao
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisCarlos Serrao
 
OWASP e o desenvolvimento seguro de aplicações para a Web
OWASP e o desenvolvimento seguro de aplicações para a WebOWASP e o desenvolvimento seguro de aplicações para a Web
OWASP e o desenvolvimento seguro de aplicações para a WebCarlos Serrao
 
Principios básicos de segurança on-line
Principios básicos de segurança on-linePrincipios básicos de segurança on-line
Principios básicos de segurança on-lineCarlos Serrao
 
To DRM or not to DRM?
To DRM or not to DRM?To DRM or not to DRM?
To DRM or not to DRM?Carlos Serrao
 
OWASP presentation on FISTA2011
OWASP presentation on FISTA2011OWASP presentation on FISTA2011
OWASP presentation on FISTA2011Carlos Serrao
 
Análise de Vulnerabilidades em Aplicações na Web Nacional
Análise de Vulnerabilidades em Aplicações na Web NacionalAnálise de Vulnerabilidades em Aplicações na Web Nacional
Análise de Vulnerabilidades em Aplicações na Web NacionalCarlos Serrao
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisCarlos Serrao
 
OWASP, PT.OWASP, IBWAS'10 & Cia.
OWASP, PT.OWASP, IBWAS'10 & Cia.OWASP, PT.OWASP, IBWAS'10 & Cia.
OWASP, PT.OWASP, IBWAS'10 & Cia.Carlos Serrao
 
Owasp@iscte iul ferramentas-analise_vulnerabilidades
Owasp@iscte iul ferramentas-analise_vulnerabilidadesOwasp@iscte iul ferramentas-analise_vulnerabilidades
Owasp@iscte iul ferramentas-analise_vulnerabilidadesCarlos Serrao
 
OWASP@ ISCTE-IUL, Segurança em PHP
OWASP@ ISCTE-IUL, Segurança em PHPOWASP@ ISCTE-IUL, Segurança em PHP
OWASP@ ISCTE-IUL, Segurança em PHPCarlos Serrao
 
OWASP @ ISCTE-IUL, OWASP Top 10 2010
OWASP @ ISCTE-IUL, OWASP Top 10 2010OWASP @ ISCTE-IUL, OWASP Top 10 2010
OWASP @ ISCTE-IUL, OWASP Top 10 2010Carlos Serrao
 
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)Carlos Serrao
 
OWASP @ ISCTE-IUL, Criptografia em PHP
OWASP @ ISCTE-IUL, Criptografia em PHPOWASP @ ISCTE-IUL, Criptografia em PHP
OWASP @ ISCTE-IUL, Criptografia em PHPCarlos Serrao
 

Plus de Carlos Serrao (20)

Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"
Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"
Prevenir o "ransomware" - Guia da OWASP para prevenção do "ransomware"
 
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...
OWASP Mobile Top 10 - Principais Riscos no Desenvolvimento Seguro de Aplicaçõ...
 
OWASP Mobile Top 10
OWASP Mobile Top 10OWASP Mobile Top 10
OWASP Mobile Top 10
 
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]
Vamos tirar uma selfie? [... como a privacidade morreu e ninguém nos avisou]
 
A OWASP e a Segurança Aplicacional para a Web
A OWASP e a Segurança Aplicacional para a WebA OWASP e a Segurança Aplicacional para a Web
A OWASP e a Segurança Aplicacional para a Web
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes Sociais
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes Sociais
 
OWASP e o desenvolvimento seguro de aplicações para a Web
OWASP e o desenvolvimento seguro de aplicações para a WebOWASP e o desenvolvimento seguro de aplicações para a Web
OWASP e o desenvolvimento seguro de aplicações para a Web
 
Principios básicos de segurança on-line
Principios básicos de segurança on-linePrincipios básicos de segurança on-line
Principios básicos de segurança on-line
 
To DRM or not to DRM?
To DRM or not to DRM?To DRM or not to DRM?
To DRM or not to DRM?
 
OWASP presentation on FISTA2011
OWASP presentation on FISTA2011OWASP presentation on FISTA2011
OWASP presentation on FISTA2011
 
Análise de Vulnerabilidades em Aplicações na Web Nacional
Análise de Vulnerabilidades em Aplicações na Web NacionalAnálise de Vulnerabilidades em Aplicações na Web Nacional
Análise de Vulnerabilidades em Aplicações na Web Nacional
 
Segurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes SociaisSegurança e Privacidade em Redes Sociais
Segurança e Privacidade em Redes Sociais
 
OWASP, PT.OWASP, IBWAS'10 & Cia.
OWASP, PT.OWASP, IBWAS'10 & Cia.OWASP, PT.OWASP, IBWAS'10 & Cia.
OWASP, PT.OWASP, IBWAS'10 & Cia.
 
Is the Web at Risk?
Is the Web at Risk?Is the Web at Risk?
Is the Web at Risk?
 
Owasp@iscte iul ferramentas-analise_vulnerabilidades
Owasp@iscte iul ferramentas-analise_vulnerabilidadesOwasp@iscte iul ferramentas-analise_vulnerabilidades
Owasp@iscte iul ferramentas-analise_vulnerabilidades
 
OWASP@ ISCTE-IUL, Segurança em PHP
OWASP@ ISCTE-IUL, Segurança em PHPOWASP@ ISCTE-IUL, Segurança em PHP
OWASP@ ISCTE-IUL, Segurança em PHP
 
OWASP @ ISCTE-IUL, OWASP Top 10 2010
OWASP @ ISCTE-IUL, OWASP Top 10 2010OWASP @ ISCTE-IUL, OWASP Top 10 2010
OWASP @ ISCTE-IUL, OWASP Top 10 2010
 
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)
OWASP @ ISCTE-IUL - OWASP Top 10 (v2010)
 
OWASP @ ISCTE-IUL, Criptografia em PHP
OWASP @ ISCTE-IUL, Criptografia em PHPOWASP @ ISCTE-IUL, Criptografia em PHP
OWASP @ ISCTE-IUL, Criptografia em PHP
 

Dernier

Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Lviv Startup Club
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentationbaron83
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGlokeshwarmaha
 
Tata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakTata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakEditores1
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfTalent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfCharles Cotter, PhD
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsIntellect Design Arena Ltd
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examplesamberjiles31
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBBPMedia1
 
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfChicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfSourav Sikder
 
A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.mcshagufta46
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfAnhNguyen97152
 
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfPDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfHajeJanKamps
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003believeminhh
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...Brian Solis
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...IMARC Group
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023Steve Rader
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursKaiNexus
 

Dernier (20)

Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)
 
MoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor PresentationMoneyBridge Pitch Deck - Investor Presentation
MoneyBridge Pitch Deck - Investor Presentation
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
 
Tata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerakTata Kelola Bisnis perushaan yang bergerak
Tata Kelola Bisnis perushaan yang bergerak
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfTalent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
 
WAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdfWAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdf
 
Upgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking ApplicationsUpgrade Your Banking Experience with Advanced Core Banking Applications
Upgrade Your Banking Experience with Advanced Core Banking Applications
 
Intellectual Property Licensing Examples
Intellectual Property Licensing ExamplesIntellectual Property Licensing Examples
Intellectual Property Licensing Examples
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
 
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdfChicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
Chicago Medical Malpractice Lawyer Chicago Medical Malpractice Lawyer.pdf
 
A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.A flour, rice and Suji company in Jhang.
A flour, rice and Suji company in Jhang.
 
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdfGraham and Doddsville - Issue 1 - Winter 2006 (1).pdf
Graham and Doddsville - Issue 1 - Winter 2006 (1).pdf
 
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdfPDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdf
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
 
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
The End of Business as Usual: Rewire the Way You Work to Succeed in the Consu...
 
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
Boat Trailers Market PPT: Growth, Outlook, Demand, Keyplayer Analysis and Opp...
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, Ours
 

OpenSDRM Panel

  • 1. Open and Secure Digital Rights Management Issues in security for Digital Rights Management Carlos Serrão carlos.serrao@iscte.pt carlos.j.serrao@gmail.com ISCTE/DCTI/ADETTI UPC/AC/DMAG Lisboa, Portugal Barcelona, Spain
  • 2. OpenSDRM • What is OpenSDRM • Distributed DRM architecture • Each of the functionalities is implemented has an independent distributed service • There can exist multiple instances of the same service provided by different entities 2
  • 3. OpenSDRM • OpenSDRM is open: • open-source • open specifications • open interfaces • open to different types of content • open to support many different business models • open to interoperability 3
  • 4. OpenSDRM • OpenSDRM is secure: • relies on public and secret cryptography: RSA, AES, X.509, ... • XML and X.509 certificates allow the establishment of trust environments between all the components • client-side rights management intermediary - wallet • client content rendering applications authentication and registration • secure storage • secure rights management intermediation with DRM platform 4
  • 5. OpenSDRM Content Management System Payment authorization and requests Browse through Content Commerce available content Production Service (COS) Service (CPS) Payment Gateway Content Send content Service Register content order Metadata and metadata (PGW) Content Media Registration Distribution End-Users Service (RGS) License template Service (MDS) Payment System production and content key Request and download storage Content content protection tools Rendering Applications Content protection tools Protection Tools Wallet Service (PTS) DRM-IMw License Service (LIS) Licenses Protection Tools System End-User System License Management System Creates and distributes digital credentials Authentication Configuration Service (AUS) Service (CFS) Authentication and Accounting System 5
  • 6. OpenSDRM • Components Service A Service B Application Application level security Application SOAP SOAP HTTP(s) HTTP(s) SSL/TLS Channel level security SSL/TLS TCP/IP TCP/IP 6
  • 7. OpenSDRM • Wallet Rights Management interoperable Middle- ware Content Content Content Content Content Rendering Rendering Rendering Rendering Rendering Application Application Application Application Application A B C ... Z Wallet Rights Management interoperability Middle-ware DRM platform 7
  • 8. OpenSDRM Content Governed and Rendering Content Protected content Application Content Governed and Rendering Content Protected content Application Content Governed and Rendering Content Protected content Application Wallet Rights Management interoperability Middle- ware Content from different providers Provider and DRM systems DRM system Provider DRM system Provider DRM system 8
  • 9. OpenSDRM CRA 1 Protection Tools Manager Application Authorisation 3 5 Application 2 Registration 8 9 MPEG-21 Rights REL DRM Secure Expression Comm. Interpreter 6 ODRL 4 10 Application Authenticator 11 7 Secure Storage Module 12 DRM 9
  • 10. OpenSDRM Content Content Content Content Content Rendering Rendering Rendering Rendering Rendering Application Application Application Application Application A B C ... Z Common Operation Language command Protection Secure Application Application Tools Storage Authorisation Registration Manager Module Module Module Application Authenticator MPEG-21 Rights DRM Secure Module REL Expression Comm. Interpreter Module ODRL Wallet Rights Management interoperability Middle-ware Protocols and formats DRM-dependent DRM platform DRM platform DRM platform 10
  • 11. OpenSDRM • OpenSDRM usage cases: • Until now, mostly used on R&D projects • Content business scenarios • Digital Music, MOSES FP5-IST project, Music-4You.com • JPEG2000 digital images, HICOD2000 ESA RTD project • Video-Surveillance, WCAM FP6-IST project • Home Networking Digital Music, MediaNet FP6-IST project 11
  • 12. OpenSDRM • OpenSDRM is available at: • This “info” sites are still under development: • http://www.opensdrm.com • http://www.opensdrm.org • The source-code can be fetched (SVN) from: • http://sourceforge.net/projects/opensdrm/ • Contributions are quite welcome! 12