“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

Slides:



Advertisements
Similar presentations
ContentGuard An Intellectual Property Company IPED Conference November 1, 2007 Presented By Eddie Chen CONTENTGUARD.
Advertisements

0 McLean, VA August 8, 2006 SOA, Semantics and Security.
The Challenges of CORBA Security It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
A Content Protection Scheme Using MPEG-21 Concepts and Tools Chia-Hsien Lu Feng-Cheng Chang Hsueh-Ming Hang Dept. Electronics Engineering National Chiao.
Secure Communication Architectures.
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
1 MPEG-21 : Goals and Achievements Ian Burnett, Rik Van de Walle, Keith Hill, Jan Bormans and Fernando Pereira IEEE Multimedia, October-November 2003.
Architecture & Data Management of XML-Based Digital Video Library System Jacky C.K. Ma Michael R. Lyu.
Jau-Wu Huang1 Digital Rights Management for Visual Content in Mobile Applications Trimeche, M.; Chebil, F.; Nokia Research Center Control, Communications.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
MPEG-21 Multimedia Framework: Status and Directions January 8, 2003 John R. Smith Pervasive Media Management Group IBM T. J. Watson Research Center 19.
Digital Rights Management 5th Annual Wireless Java Conference January 21-23, 2004 Kevin Mowry, Motorola Chair, OMA Download and DRM group.
Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.
Israel Securities Authority MAGNA – Electronic filing Natan Herscovitz, CIO December 2004.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
1 Functional reference model for Digital Rights Management Systems Vural Ünlü / Prof. Dr. Thomas Hess Munich School of Management Berlin, 5. September2004.
Digital Rights Management on the Web Dr Renato Iannella IPR Systems Chief Scientist 10th World-Wide Web.
Advanced Access Content System (AACS) Industry Briefing July 14, 2004.
CPTWG Jan MacroSafe TM System A Solution for Secure Digital Media Distribution Presentation to the CPTWG Jan. 15, 2002.
Authentication and Payments 27 June 2000 Ann Terwilliger Product Director eCommerce Authentication Visa International.
Copyright © 2000 Internet Document Security Alan Weintraub Research Director March 9, 2000.
Jaeki Song ISQS6337 JAVA Lecture 16 Other Issues in Java.
An Overview of MPEG-21 Cory McKay. Introduction Built on top of MPEG-4 and MPEG-7 standards Much more than just an audiovisual standard Meant to be a.
MPEG-21 : Overview MUMT 611 Doug Van Nort. Introduction Rather than audiovisual content, purpose is set of standards to deliver multimedia in secure environment.
MPEG-21: The 21st Century Multimedia Framework Jan Bormans, Jean Gelissen, and Andrew Perkis IEEE Signal Processing Magazine, March 2003.
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
Rights Expression Languages in Digital Rights Management Xin Wang ContentGuard, Inc. October 19, 2006.
The Open Connected TV (OCTV) project 2011/08/28. Connected TV: dream and reality The dream Connected TV: the means to provide the much sought- after convergence.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
1 DOI for eBooks: What are we identifying? Steve Mooney Sophia-Antipolis, France 22 JAN 01.
Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications Frank Hartung and Friedhelm Ramme, Ericsson Research, IEEE.
Digital Rights Management with XML Eamonn Neylon Technology Director The YRM Group.
Copyright Frost & Sullivan Mobile Digital Rights Management: Managing Rights, Managing Revenues Interactive Analyst Briefing Allison Webb 12 March 2003.
Customer Interface for wuw.com 1.Context. Customer Interface for wuw.com 2. Content Our web-site can be classified as an service-dominant website. 3.
WP Strategic Objective Networked Audio Visual Systems and Home Platforms.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Lecture 13 Business and the Internet SFDV Principles of Information Systems.
ELECTROINC COMMERCE TOOLS Chapter 6. Outline 6.0 Introduction 6.1 PUBLIC KEY INFRASTRUCTURE (PKI) AND CERTIFICATE AUTHORITIES (CAs) TRUST
Content Protection Platform Shih-Kun Huang Chung-Po Lin Wei-Nan Hung Institute of Information Science Academia Sinica.
What’s MPEG-21 ? (a short summary of available papers by OCCAMM)
On Requirements for Mobile Commerce By Aj.Pongthep Termsnguanwong.
ITVP Platform: delivering interactive TV services over IP networks Miroslaw Czyrnek
Kemal Baykal Rasim Ismayilov
Sociedad Digital de autores y editores Digital Media Project (DMP) Value Chain Functions, Requirements And Architecture Marc Gauvin Requirements.
Towards a Software Architecture for DRM Joint work with Kristof Verslype, Wouter Joosen, and Bart De Decker DistriNet research.
GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
The overview How the open market works. Players and Bodies  The main players are –The component supplier  Document  Binary –The authorized supplier.
Electronic Commerce Semester 1 Term 1 Lecture 7. Introduction to the Web The Internet supports a variety of important tools, such as file transfer, electronic.
© 2015 Digital Rights Management in a 3G Mobile Phone and Beyond Thomas S.Messerges, Ezzat A. Dabbish ILKOO LEE.
E-Business Infrastructure PRESENTED BY IKA NOVITA DEWI, MCS.
Use Cases and Requirements
Module 8: Securing Network Traffic by Using IPSec and Certificates
EMV® 3-D Secure - High Level Overview
THE STEPS TO MANAGE THE GRID
An Overview of MPEG-21 Cory McKay.
PREPARED BY: RUMMY MIRANDA
NAAS 2.0 Features and Enhancements
Public Key Infrastructure from the Most Trusted Name in e-Security
Secure Electronic Transactions (SET)
MUMT611: Music Information Acquisition, Preservation, and Retrieval
Module 8: Securing Network Traffic by Using IPSec and Certificates
Electronic Payment Security Technologies
Distributed Digital Rights Management
Presentation transcript:

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior de Ciências do Trabalho e da Empresa, Ed. ISCTE – Av. Das Forças Armadas Lisboa – Portugal - Joaquim Marques IPCB – Instituto Politécnico de Castelo Branco Av. Pedro Alvares Cabral Nº12 – 6000 Castelo Branco - Portugal Virtual Goods – May 2004

/ DRM Platform – OpenSDRM Global Framework that is flexible and adaptive Inline with recent specification OPIMA Mpeg 4 Mpeg 21 Open - based on open standards - developed with open-source - extensible to allow new components integration Based on MPEG-4 IPMP-X model proposed by MPEG Oriented to user usage regulation Gives some flexibility on content exchange among users. Covers several major aspects of content distribution and trading: content production, preparation and registration, interactive content distribution, content negotiation and acquisition, strong components and user’s authentication and conditional content rendering.

/ Provides an integrated DRM solution, interfacing with several external actors which have their own specific role and requirements: - User wants to use content, - Content Provider (wants secure content trading), - IPMP Tools Provider (wishes to commercialize their own content security tools) - Payment Infrastructure (represents the financial environment) - Certification Authority (responsible for injecting trust on the system) DRM Platform – OpenSDRM

/ Content production and preparation (Content Preparation Server, Registration Server), Content protection ( Registration Server, License Server, Intellectual Property Management and Protection - IPMP tools server and Authentication Server), Content interactive distribution (Media Delivery Server ), Content negotiation and acquisition (Commerce Server, Payment Gateway), Strong components and users authentication (Authentication Server) Conditional visualization/rendering (Media Player, IPMP tools Server, License Server) DRM Platform – OpenSDRM Architecture The implementation followed an LAMP-based (Linux, Apache, MySQL and PHP) approach

/ DRM Platform – OpenSDRM Architecture

/ External actors Interactions DRM Platform – OpenSDRM User - The User wants to enjoy some content (may require the use of protected devices, software and licenses); IPMP Tools Provider - organization that produces tools for encryption, scrambling, watermarking and others that can be applied to content protection; Payment Infrastructure - Facilitates OpenSDRM e-commerce features by providing services for handling electronic payments; Certification Authority - The Certification Authority is responsible for receiving requests and issuing entities credentials to authenticate themselves to each other, (secure and authenticated communication channels can be established)

/ Content Preparation server - receives raw content from a specified source or sources and encodes it on a specified format, adds metadata and protects it. (If further metadata needs to be added, it is stored on the Registration Server). Commerce Server - trades the specific usage conditions to access content (user must be authenticated to this component through the Authentication server and the licenses for the content are also produced online based on this user authentication and the conditions he chose. This operation may also involve a financial transaction) Media Delivery server - Responsible for exchanging pieces of content with the client (used to register the place where the content is located and when it should be delivered to the user). Registration server - assign unique identifiers to content and to register metadata information for that specific content( DII, DOI, Internal Components & Interfaces DRM Platform – OpenSDRM

/ Authentication server - This server component is responsible for authenticating all the entities, internal and external to the DRM system (It validates the access rights of all the entities and components in the system). Cryptographic XML credentials to authenticate both components and users in order to authenticate the transactions exchanged between them. All messages between components are exchanged over a secure and authenticated channel, such as SSL/TLS. messages exchanged between components are signed and authenticated, and share a common structure Internal Components & Interfaces Two security layers DRM Platform – OpenSDRM

/ License Server - The License Server is a server component responsible for house-keeping the rules associating a user, the content and his/her corresponding access rights (accept connections from authenticated client Media Players for downloading of licenses; licenses are XML formatted using Open Digital Rights Language (ODRL) -> REL in the future) IPMP tools server - The IPMP tools server is the server component responsible for registering new IPMP tools and for receiving authenticated client Media Player requests for the downloading of a specific IPMP tool. Media Player - This component represents the software that will be used to render the content (may work with one or several IPMP tools in order to control how the content is accessed by a particular User; ) DRM Platform – OpenSDRM Internal Components & Interfaces

/ OpenSDRM and the SuperDistribution model Usage scenarios 1) User sends content to other user without the respective license UiUi UfUf LIS Player AUS COS Content License download Player Content + license 1 2 Request License production 3 Content + License

/ OpenSDRM and the SuperDistribution model Usage scenarios 2) User sends content and license to other user UiUi UfUf LIS Player AUS COS Content License’ download Player Content + license 1 2 Content + License’

/ OpenSDRM and the SuperDistribution model Conclusions - Is easy to use and convenient (in the sense consumers can share (redistribute) its own content ) ; - Content is portable across different but compatible devices (allowing sufficient level of interoperability and trust), - Provide enough value to convince a significant number of users to choose it over free exchanges ( because a network of clearinghouses providing higher quality content and more efficient distribution can negotiate personalized licenses) ; - Can give to the user a new consumer experience (pricing, sharing,...) ( contributing this way to enhancing its acceptance by encouraging users to exchange content); - Can contribute to the acceptance of new standards (content file format, player, device type, others); - It is secure and flexible enough to traders and consumers;

/ OpenSDRM and the SuperDistribution model Solution for securely distribute, trade and control the access and usage of valuable content Addresses the most fundamental issues associated with digital content distribution (content protection, usage control, usage tracking, flexible business models) Enables the transmission of content independently of direct distributor intervention opening a new usage experience