A Credential Based Approach to Managing Exceptions in Digital Rights Management Systems Jean-Henry Morin University of Geneva – CUI.

Slides:



Advertisements
Similar presentations
The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Advertisements

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
ITU WORKSHOP ON STANDARDS AND INTELLECTUAL PROPERTY RIGHTS (IPR) ISSUES Session 5: Software copyright issues Dirk Weiler, Chairman of ETSI General Assembly.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Cobalt: Separating content distribution from authorization in distributed file systems Kaushik Veeraraghavan Andrew Myrick Jason Flinn University of Michigan.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
Copyright, 2010 Maryland’s New Power of Attorney Law Presented September 1, 2010 by Marjorie A. Corwin and Carla Stone Witzel Gordon, Feinblatt, Rothman,
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Report on Attribute Certificates By Ganesh Godavari.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
Confidential 1 Electronic Prescribing of Controlled Substances (EPCS) Part 1 of a 3 Part Series Chuck Klein, Ph.D. GM/Director, Medication Management.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.
May 18, 2004SCORM/NSDL Technical Meeting SCORM/NSDL Technical Meeting Alexandria, Virginia May 18, 2004 Reusability & Persistence: Talking Points -Robby.
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
1 Are “Trusted Systems” Useful for Privacy Protection? Joan Feigenbaum PORTIA Workshop Stanford Univ., July 8-9, 2004.
PRIVACY, TRUST, and SECURITY Bharat Bhargava (moderator)
INTRODUCTIONDEFINITIONSAPPLICATIONSCONCLUSION Copyright © KATZAROV S.A.24/01/2007 Digital Rights Management (DRM) and Software Products Olivier Sacroug.
National Smartcard Project Work Package 8 – Security Issues Report.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
Copyright Principles for Authors and Publishers CCM 800 Instructor: Lesley Ellen Harris, Copyrightlaws.com SLA Click University Certificate in Copyright.
CNRI Handle System and its Applications
WIPO Copyright Sector 1.  Fundamental or constitutional rights or public interest: freedom of speech, access to information, right for education, enjoyment.
Functional Model Workstream 1: Functional Element Development.
Report from Breakout Session 1.2 Secure Consumerization: the Genuine Trustworthiness Revolution Chair: Craig Lee Rapporteur: Paolo Mazzetti.
Advanced Access Content System (AACS) Industry Briefing July 14, 2004.
Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK InfraSec 2002 InfraSec 2002 Bristol, October 2002 Marco Casassa Mont Richard.
MITREMITRE Coalition Security Policy Language Project 11 December 2000.
TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.
MPEG-21 : Overview MUMT 611 Doug Van Nort. Introduction Rather than audiovisual content, purpose is set of standards to deliver multimedia in secure environment.
Web Services Security Standards Overview for the Non-Specialist Hal Lockhart Office of the CTO BEA Systems.
Grid Security Issues Shelestov Andrii Space Research Institute NASU-NSAU, Ukraine.
Rights Expression Languages in Digital Rights Management Xin Wang ContentGuard, Inc. October 19, 2006.
SmartRight™ 1 THOMSON multimedia 2001 ©28 November 2001 Copy Protection System for Digital Home Networks Deployment process CPTWG – November 28, 2001.
SmartRight™ 1 THOMSON multimedia 2001 ©11 july 2001 Copy Protection System for Digital Home Networks CPTWG – July 11, 2001.
DEP350 Windows ® Rights Management (Part 1): Introduction, Concepts, And Technology Marco DeMello Group Program Manager Windows Trusted Platforms & Infrastructure.
University of Toronto Department of Computer Science © Steve Easterbrook. This presentation is available free for non-commercial use with attribution.
Rights, exceptions, usages…1 Rights, exceptions, usages… But no expectations, please! Leonardo Chiariglione, Martin Springer 3 rd DRM Conference Berlin.
HEPKI-PAG Policy Activities Group David L. Wasley University of California.
Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.
Attribute Certificate By Ganesh Godavari. Talk About An Internet Attribute Certificate for Authorization -- RFC 3281.
Identity in the Virtual World: Creating Virtual Certainty David L. Wasley Information Resources & Communications UC Office of the President.
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
Higher Education PKI Summit Meeting August 8, 2001 The ABA PAG Rodney J. Petersen, J.D. Director, Policy and Planning Office of Information Technology.
A Context Model based on Ontological Languages: a Proposal for Information Visualization School of Informatics Castilla-La Mancha University Ramón Hervás.
Delegation and Proxy Services in Digital Credential Environments Carlisle Adams School of Information Technology and Engineering University of Ottawa.
“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.
Panel Session: Dependability and Security in Complex and Critical Information Systems Department of Communications and Information Engineering University.
CPTWG Jan05© Copyright SVP1 Secure Video Processor Eli Hibshoosh Open Platform for Content Protection.
An Ontology-based Approach to Context Modeling and Reasoning in Pervasive Computing Dejene Ejigu, Marian Scuturici, Lionel Brunie Laboratoire INSA de Lyon,
Institutional Repositories July 2007 Intellectual property management : the DISA experience Dr D Peters DISA: Digital Innovation South Africa.
The Section 1201 Rulemaking Jonathan Band Jonathan Band PLLC
A Semantic Model for the Authorisation of Context-Aware Content Adaptation December, 4 th, 2008 Koblenz, Germany Víctor Rodríguez Doncel, Anna Carreras,
Wisconsin Department of Health Services Purchase of Services Contract Guide Julie Anstett and Lucinda Champion Friday, May 6, 2016 Wisconsin Department.
© 2015 Digital Rights Management in a 3G Mobile Phone and Beyond Thomas S.Messerges, Ezzat A. Dabbish ILKOO LEE.
A Context Framework for Ambient Intelligence
A secure and traceable E-DRM system based on mobile device
Legal aspects of copying audiovisual work onto portable media devices
Draft ETSI TS Annex C Presented by Michał Tabor for PSD2 Workshop
Examining Digital Rights Management
Copyright law 101 Nicole Finkbeiner
Appropriate Access InCommon Identity Assurance Profiles
The Attribute and the ecosystem
Access Control What’s New?
Presentation transcript:

A Credential Based Approach to Managing Exceptions in Digital Rights Management Systems Jean-Henry Morin University of Geneva – CUI CCNC’05, DRM Workshop, 6 Jan, 2005

1/6/2005CCNC'05 DRM Workshop2 Outline Motivation & Background Usage Scenarios Expressing Exceptions as Credentials The proposed approach : Attribute Certificates Resulting Scenario Conclusion & Discussion

1/6/2005CCNC'05 DRM Workshop3 Motivation & Background Problem Statement Managing Exceptions in DRM enabled systems Hard problem, given little attention Exceptions in the context of DRM Particular situation unanticipated by the legitimate content « right holder » where : Rights or policy should be waived or dynamically adapted While maintaining a required persistent protection level and governed usage control Rational for considering Exceptions Conflicting national and international legal frameworks Cannot reasonably anticipate and formalize all situations…

1/6/2005CCNC'05 DRM Workshop4 Motivation & Background (cont.) Unrealistic, impossible nor desirable Limited resource devices Cell phones, PDAs, sensors, etc. 100 kb 1 Mb Content Rules & Policies 

1/6/2005CCNC'05 DRM Workshop5 Usage Scenarios Fair use policies E.g., Academics, scholars, etc. Copyright law and national provisions E.g., Blind and visually impaired (Spain, Portugal, Scandinavia) Communities and affiliations E.g., national and local chapters of professional associations Etc.

1/6/2005CCNC'05 DRM Workshop6 Expressing Exceptions as Credentials Based on « real world » credential patterns Locally managed and held (credential store) Short lived or fixed life time Revocable Late binding (enforcement point)

1/6/2005CCNC'05 DRM Workshop7 The proposed approach : Attribute Certificates X.509 Attribute Certificates (AC): digitally signed (certified) identity and set of attributes PKC bind PK to identity (passport analogy) AC bind attributes to identity (no PK, visa analogy) Short lived Delegation model separating identity from authorization ACA AC Authority (ACA) Holder identity Validity Period Attributes AC Serial # Etc.

1/6/2005CCNC'05 DRM Workshop8 Resulting Scenario AC Credentials delivered by local ACA together with other administrative tokens Requires provisioning DRM systems for checking locally held credentials for applicability and precedence (Enforcement point) prior to rendering / exception license acquisition Exception licenses granted for short time periods Logging and audit trails of granted exceptions for ACA reputation management and reporting purposes

1/6/2005CCNC'05 DRM Workshop9 Conclusion & Discussion Future Work and Leads : Feasibility, formal specification and design, proof of concept prototype Interoperability and Semantics of Exceptions (Exception Data Dictionary) Format and Media independent descriptor for content assets Generic Renewable Space shifting for portability Rights, Policies expressed as attributes (AC)

1/6/2005CCNC'05 DRM Workshop10 Questions… … & Discussion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.