Presentation is loading. Please wait.

Presentation is loading. Please wait.

IBM’s Cryptolopes

Published byKelley Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "IBM’s Cryptolopes"— Presentation transcript:

1 IBM’s Cryptolopes http://www-4.ibm.com/software/security/cryptolope/

2 Overview A technology for securing intellectual property rights in a distributed environment Emphasizes security at the document level, not the channel level Developed for e-commerce settings, IBM has tuned cryptolopes for the digital library market

3 History Developers Developed at IBM. Proposed by Jeff Crigler and Marc Kaplan [Benton 1996] Implemented by Kaplan, Josh Auerbach and Chee-Seng Chow Pursued by Ulrich Kohl, Jeffrey Lotspiech, and Marc A. Kaplan [Kohl et al. 1997]

4 History Time line 1994) Crigler proposes cryptolopes in the context of IBM’s InfoMarket service (now defunct?). i.e. e-commerce origins: The infoMarket service is using Cryptolopes to obtain both service revenue, through reselling a wide range of premium business information by the document, and licensing revenue, from companies that set up Cryptolope clearinghouses for defined uses. [Benton 1996] 1995) Kaplan delivers initial prototype 1996?) IBM licenses Xerox PARC’s Digital Property Rights Language (DPRL) for use in Cryptolopes 1997-98) “Safeguarding Digital Content” series appears in Dlib magazine, describing the motivation and architecture of cryptolopes. Current) Cryptolopes have been integrated into IBM’s digital library management software.

5 Motivation Superdistribution Since distributing info is cheap, we should be able to broadcast it in bulk. i.e. Give information away, then charge for the rights to use it. e.g. Partially functional software downloads The idea of superdistribution is due to Ryoichi Mori. See Kaplan, Cox [1994].

6 Motivation 4 goals of rights management for digital content –Authentication of both provider & reader –Authentication of content –Reader privacy –Superdistribution [Kohl et al. (1997)]

7 Motivation Secure documents, open channels Traditional intellectual property protection invovles secure channels (SSL/SHHTP) This is fine for purposes of transmission But doesn’t protect against illegal copying after legal transmission

8 Motivation Secure documents, open channels Instead of protecting the channel, Cryptolopes protect at the document level. Getting the document is free, but getting access to the document costs. So give the documents away! i.e. superdistribution!

9 Motivation CustomizabilitySuccessful rights management depends on the context in which transactions take place. Content protection must be easily customizable. Rights management must be automated, and must scale well.

10 Motivation Parties involved in content distribution from http://www.dlib.org/dlib/may97/ibm/05gladney.htmlhttp://www.dlib.org/dlib/may97/ibm/05gladney.html

11 Analysis Basic idea of a cryptolope (cryptographic envelope): –Digital content is encrypted by the creator –Encrypted content is bundled into a cryptolope with non-encrypted (clear) metadata and associated authentication material –Encrypted content is freely distributed –Using clear metadata, users decide if they want to “license” the material –If so, users “purchase” decryption key from publisher

12 Architecture 3-tiersKohl et al. (1997) and Gladney et al. (1997) describe rights management software utilizing 3 parties Creator Publisher Customer

13 Architecture 3-tiered distribution of digital content from http://www.dlib.org/dlib/september97/ibm/09lotspiech.htmlhttp://www.dlib.org/dlib/september97/ibm/09lotspiech.html

14 Architecture IBM (infoMarket) acts as a potential clearing house Creators may set up their own clearing house servers [Kohl, et al. (1997)] casts digital libraries as the clearing houses for publishers’ cryptolopes

15 Architecture Structure of a cryptolope from http://www.dlib.org/dlib/september97/ibm/09lotspiech.htmlhttp://www.dlib.org/dlib/september97/ibm/09lotspiech.html

16 Architecture Cryptolope structure: important points –Cryptolope contains the keys to its own content –These keys are themselves encoded –Users buy keys for these keys from clearing house –i.e. clearing house only maintains keys for keys, not keys for content –Checksums assure authenticity of content

17 How does this work? If a user satisfies T/Cs, he is given the key Content is decrypted, shown in “special viewer” Content is authenticated using digital watermark Content is stamped with a user-specific digital fingerprint

18 Technical Details A cryptolope is a *.jar file Authentication via “X.509” certificates, a la Verisign…or you can create your own “lightweight certificates. Emphasis on providing just enough security for the distribution context. [See http://www-4.ibm.com/software/security/cryptolope/about.html for description]http://www-4.ibm.com/software/security/cryptolope/about.html

19 System Requirements Cryptolope viewer application is available for Win32 (only successful under NT) The IBM Digital Library software runs under AIX, MacOS, and Win32. Presumably cryptolope server software does, too…but no mention in IBM docs IBM InfoMarket appears to be defunct (i.e. no readymade clearing house)

20 Summary StrengthsRights management that is flexible regarding: –Level of security –Terms and conditions Protecting at the document level allows liberal distribution

21 Summary WeaknessesProprietary viewing software Reliance on long-term viability of clearing houses Lack of IBM support

22 References Benton, P. (1996). “Packaging Information for Superdistribution” IBM Research Magazine. http://www.research.ibm.com/resources/magazine/1996/issue_3/packinginfo396.html http://www.research.ibm.com/resources/magazine/1996/issue_3/packinginfo396.html Cox, Brad. (1994). “Superdistribution.” Wired. http://www.wired.com/wired/archive/2.09/superdis.htmlhttp://www.wired.com/wired/archive/2.09/superdis.html Gladney, H. M. and Lotspiech, J. B. “Safeguarding Digital Library Contents and Users: Assuring Convenient Security and Data Quality.” In D-Lib Magazine, May 1997. http://www.dlib.org/dlib/may97/ibm/05gladney.html Kaplan, Marc A. IBM Cryptolopes, Superdistribution and Digital Rights Management. http://www.research.ibm.com/people/k/kaplan/cryptolope-docs/crypap.html http://www.research.ibm.com/people/k/kaplan/cryptolope-docs/crypap.html Ulrich Kohl, Jeffrey Lotspiech, and Marc A. Kaplan, "Safeguarding Digital Library Contents and Users: Protecting Documents Rather Than Channels", in D-lib Magazine, September, 1997. http://www.dlib.org/dlib/september97/ibm/09lotspiech.html

Download ppt "IBM’s Cryptolopes"

Similar presentations

Rob Farraher Ken Pickering Lim Vu

Rob Farraher Ken Pickering Lim Vu
Digital Rights Management (DRM) Goal: Provide access control to digital content in order to support a variety of business models. Technical Challenge:

Digital Rights Management (DRM) Goal: Provide access control to digital content in order to support a variety of business models. Technical Challenge:
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Safeguarding and Charging for Information on the Internet Hector Garcia-Molina, Steven P. Ketchpel, Narayanan Shivakumar Stanford University Presented.

Safeguarding and Charging for Information on the Internet Hector Garcia-Molina, Steven P. Ketchpel, Narayanan Shivakumar Stanford University Presented.
Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.

Persistent Protection Using E-DRM Technology Jason Fasoo 06/18/2008.
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Protecting Digital Content - The Challenge Andy Barlow CTO – Phocis.

Protecting Digital Content - The Challenge Andy Barlow CTO – Phocis.
Quicktime Howell Istance School of Computing De Montfort University.

Quicktime Howell Istance School of Computing De Montfort University.
1 CS 502: Computing Methods for Digital Libraries Lecture 26 Techniques of Access Management.

1 CS 502: Computing Methods for Digital Libraries Lecture 26 Techniques of Access Management.
1 Planning And Electronic Records Issues For Electronically Enhanced Courses Jeremy Rowe Nancy Tribbensee

1 Planning And Electronic Records Issues For Electronically Enhanced Courses Jeremy Rowe Nancy Tribbensee
Internet Resources Discovery (IRD) IBM DB2 Digital Library Thanks to Zvika Michnik and Avital Greenberg.

Internet Resources Discovery (IRD) IBM DB2 Digital Library Thanks to Zvika Michnik and Avital Greenberg.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 2.1.

Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall 2.1.
1 Copyright and Intellectual Property Design Issues by Jeremy Rowe

1 Copyright and Intellectual Property Design Issues by Jeremy Rowe
Development of Japanese GIS Tool for use in the Humanities ○ Masatoshi ISHIKAWA †, Yoichi KAWANISHI ††, Hidefumi OKUMURA †††, Shoichiro HARA †††† † University.

Development of Japanese GIS Tool for use in the Humanities ○ Masatoshi ISHIKAWA †, Yoichi KAWANISHI ††, Hidefumi OKUMURA †††, Shoichiro HARA †††† † University.
Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © 2005. Aladdin Knowledge Systems.

Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © Aladdin Knowledge Systems.
1 Functional reference model for Digital Rights Management Systems Vural Ünlü / Prof. Dr. Thomas Hess Munich School of Management Berlin, 5. September2004.

1 Functional reference model for Digital Rights Management Systems Vural Ünlü / Prof. Dr. Thomas Hess Munich School of Management Berlin, 5. September2004.
Internet Trust Defined. Delivered. Electronic Business the Way It Was Meant to Be.

Internet Trust Defined. Delivered. Electronic Business the Way It Was Meant to Be.

Similar presentations

Ads by Google