University of Kaiserslautern Department of Computer Science Integrated Communication Systems ICSY License4Grid: Adopting DRM for Licensed.

Presentation transcript:

University of Kaiserslautern, Department of Computer Science, Integrated Communication Systems (ICSY)
License4Grid: Adopting DRM for Licensed Content in Grid Environments
Joachim Götze, Simon Schwantzer, Tino Fleuren & Paul Müller
8th IEEE European Conference on Web Services
Joachim Götze

Overview
- Motivation
  - Application scenario
  - Open issues
- Digital Rights Management
  - Distribution approaches
- License4Grid
  - Participants
  - Requirements
  - Usage scenarios

Complex scientific applications
- Goals of many scientific applications
  - Complex scenarios
  - Processing of large amounts of data
- Common requirements
  - Utilize high performance computing capabilities
  - Handle licensed content

Flood Simulation
- European Commission passed the “Flood Directive” (2007)
  - Identification of inundated areas
  - Creation of flood risk maps
- Flood forecasting models are used to determine the extent of a flooding
  - Authorities require an estimation of the possible damages
  - Facilitate effective early warning measures for residents
- In urban regions, the model becomes much more complex
  - Underlying terrain has to be taken into account
  - But also a detailed 3D city model
- For an accurate simulation these data sets are needed in a very high spatial resolution
  - Increasing the amount of data to be processed exponentially

Current solutions
- Getting terrain and city models
  - Typically available via HTTP(S)
  - Content protection
    - Access restricted by IP addresses
    - Every user needs a personal account
- Scientific community is one of the foremost users
  - Worries about losing data are not predominant
- How to protect content with this solution?
  - There is no license attached

Digital Rights Management
- Aspects of licensed content
- Basics of digital rights management
- Distribution of licensed content

Licensed content
- Terms focusing on different aspects of content
  - Intangible assets: Copyright
  - Information goods: Content exchange
  - Paid content: Payment process
  - Licensed content: here
- Arbitrary content
  - Not Software!
- Technical focus
  - Provisioning and protection of content
  - Maintaining the association between license and data

Digital Rights Management
- Aspects of DRM
  - Management of digital rights
    - Identification of data
    - Metadata creation
    - Mapping to a license
  - Digital management of rights
    - Content protection
    - Distribution
    - Control mechanisms
    - Distribution tracing

Structure of Licensed Content
- Content Object
  - The whole data package
  - Containing multiple content elements
- Rights Object
  - Identification
  - License Information
- Content Element
  - A specific element, e.g., file
[Figure: Content Object, Rights Object, Content Element]

External Distribution Approach
- Distribution node NOT part of the observed environment
- Gaining flexibility for design and implementation
- Total loss of data control after distribution


Internal Distribution Approach
- Distribution node part of the observed environment
- Allowing the use of existing functionality within the environment
  - Security
  - Data management
  - User management
- Binding the distributor to the technical environment
- Currently, all distribution approaches in Grid environments are external!

License4Grid
- Participants and interest domains
- Usage scenarios
- Minimal requirements
- Example communication workflows
- Implementation overview

Internal distribution within a Grid environment
- Course of events
  - Preparation: The licenser creates data packages at a distributor
  - Obtaining a license: The licensee selects a data package and acquires a license
  - Using a computing resource: A Grid service is utilizing the required data package in order to execute the desired function on a computing resource
[Figure: User, Computing Service, Computing Resource, Licenser, Distribution Service]

Access and Content Protection
- Two scenarios for an internal distribution approach
  - Without content protection: Maintaining the mapping between license and content
  - With content protection: Encrypting the content
- Two options for accessing content
  - Direct access: Content can be accessed directly by the user
  - Indirect access: Content can only be accessed through a trusted service

Combining scenarios and options
- Four scenarios
  - 1a: Direct access without content protection
  - 1b: Direct access with content protection
  - 2a: Indirect access without content protection
  - 2b: Indirect access with content protection

Minimal requirements for content distribution
- Non-protected content distribution
  - Mutual authentication of participating users and services
  - Restricted data access to the distribution service
  - Creation of a container for combining data and license information
  - Support for maintaining this container
  - Possibility for data extraction at the computing resource
- Additional requirements for distribution of protected content
  - Data encryption at the distribution service
  - A preparation phase including license validation
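The container requirement above, combined with the checks of scenario 2a (indirect access without content protection), as an added example that is not code from the presentation or from License4Grid. It assumes an HMAC with a constructed demo key in place of GSI certificate-based authentication; all names (`RightsObject`, `create_package`, `extract`, the service name) are hypothetical.

```python
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass

# Constructed demo values (assumptions): the HMAC key stands in for the
# distribution service's GSI credential; the trusted-service set is hypothetical.
DISTRIBUTOR_KEY = b"constructed-demo-key"
TRUSTED_SERVICES = {"flood-simulation"}


@dataclass(frozen=True)
class RightsObject:
    package_id: str   # identification
    licensee: str     # license information: who may use the content
    valid_until: int  # license information: expiry as Unix time


def _seal(rights, elements):
    # MAC over the rights object plus a digest of every content element, so
    # neither the license nor the data can be exchanged without detection.
    digests = {name: hashlib.sha256(data).hexdigest() for name, data in elements.items()}
    manifest = json.dumps({"rights": asdict(rights), "elements": digests}, sort_keys=True)
    return hmac.new(DISTRIBUTOR_KEY, manifest.encode(), hashlib.sha256).hexdigest()


def create_package(rights, elements):
    """Distribution service: build the content object (container)."""
    return {"rights": rights, "elements": dict(elements), "seal": _seal(rights, elements)}


def extract(package, user, service, now):
    """Computing resource: hand out content elements only if all checks pass."""
    rights = package["rights"]
    if not hmac.compare_digest(_seal(rights, package["elements"]), package["seal"]):
        raise PermissionError("license/content binding broken")
    if user != rights.licensee or now > rights.valid_until:
        raise PermissionError("no valid license for this user")
    if service not in TRUSTED_SERVICES:
        raise PermissionError("service is not trusted")
    return package["elements"]


if __name__ == "__main__":
    rights = RightsObject("city-model-001", "alice", valid_until=2_000_000_000)
    package = create_package(rights, {"terrain.dem": b"constructed terrain data"})
    print(sorted(extract(package, "alice", "flood-simulation", now=1_700_000_000)))
    package["elements"]["terrain.dem"] = b"swapped data"
    try:
        extract(package, "alice", "flood-simulation", now=1_700_000_000)
    except PermissionError as err:
        print("refused:", err)
```

The seal only maintains the mapping between license and data; it does not hide the content, which is what the additional encryption requirement for protected content addresses.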

Interest domains
[Figure: User, Computing Service, Computing Resource, Licenser and Distribution Service, grouped into the domains Content/License owner, Service owner and Resource owner]

Preparation Phase
- Create metadata
- Upload content to distribution service
- Create content package
- Optionally: encrypt and deliver decryption key
[Figure: Licenser, Distribution Service]

Direct Access without Content Protection
- Prerequisite: License already acquired
- Retrieve content (if license is valid)
- Invoke service and send content
- Execution requires a valid license
- Retrieve results
[Figure: User, Computing Service, Computing Resource, Licenser, Distribution Service]


Indirect Access with Content Protection
- Prerequisite: License already acquired
- Invoke service and send license identifier
- Retrieve content (if license is valid and service is trusted)
- Execution requires a decryption key
- Retrieve results
[Figure: User, Computing Service, Computing Resource, Licenser, Distribution Service]


Implementation
- Technical details
  - Implemented as Grid services for Globus Toolkit
- Advantages of the implementation environment
  - Existing functionalities and services
    - Security by use of the Grid Security Infrastructure (GSI)
      - Authentication by certificates
      - Encryption of communication channels
    - Data Management provided by GridFTP and OGSA-DAI
      - High-performance data transfer
      - Security based on GSI

Summary
- Current situation
  - Scientific computation is making use of licensed content
  - Licensed content is introduced manually
  - Licenser is losing control of the provided content
  - An internal distribution approach for Grid environments is missing
- Solution: License4Grid
  - Internal distribution
    - Supporting multiple scenarios
  - Ensuring an intact DRM chain
  - Making use of existing functionality in Grids
    - User management and security
    - Data management

Integrated Communication Systems ICSY
University of Kaiserslautern, Department of Computer Science
P.O. Box 3049, D Kaiserslautern
Dipl.-Inform. Joachim Götze
Phone: +49 (0)
Fax: +49 (0)
Internet:

Direct Access without Content Protection

Indirect Access with Content Protection