Presentation is loading. Please wait.

Presentation is loading. Please wait.

DRM Building Blocks - Protecting and Tracking Content Adopted from Chapter 5, Digital Rights Management Business and Technology.

Published byJuliana Henderson Modified over 9 years ago

Similar presentations

Presentation on theme: "DRM Building Blocks - Protecting and Tracking Content Adopted from Chapter 5, Digital Rights Management Business and Technology."— Presentation transcript:

1 DRM Building Blocks - Protecting and Tracking Content Adopted from Chapter 5, Digital Rights Management Business and Technology

2 Outline  A DRM Reference Architecture  Content server  License Server  Client  DRM Technologies  Encryption  Watermarking  …

3 The DRM Reference Architecture Three major components of the DRM reference architecture Content Repository Product Information DRM Packager Rights Encryption Keys DRM License Generator Identities Content Package Content Metadata DRM Controller License Keys Rights Rendering Application Identity Content Server License Server Client

4 Content Server  Content server is the component that is most likely to locate behind the content provider’s firewall, consisting  Content repository  Actual content  Information about the products or services the content provider want to distribute  DRM packager  Functionality to prepare content for DRM-based distribution

5 Content Repository  A content provider who implements a DRM solution has a repository of content, and the repository contains  Content either in a suitable format for distribution or can be put into the correct format on demand  Metadata  Form a pragmatic viewpoint, the repository would be a file server or a database server

6 Product Info  Content provider typically have catalogs of product information for their products in physical media.  These contain metadata about products, such as  Price  Marketing information  Format  Physical dimension  … Metadata exist both in content repository and product info databases

7 DRM Packager  DRM Packager (content packager)  Functionality that preparing content for distribution through the system  The packager does its job when  Before putting the content into the repository  On-the-fly before distribution  In addition to the content, two types of metadata are especially prevalent in DRM packages  Identification  Discovery

8 DRM Packager (cont.)  Tasks of the packager  Encryption (or at least tamperproof) on the content and the metadata  Create description of the rights to the content on which the provider allow the users to exercise  Modern DRM systems separate rights information from content packages by encapsulating the former in licenses Q: Why not bundle rights in with the content package? Multiple sets of rights for a given piece of content A set of rights applied to more than one pieces of content Certain types of content reside on the server only e.g. streaming media

9 The License Server  Licenses contain information about  The identity of the user or device that want to exercise rights to content  Identification of the content to which the rights apply  Specifications of those rights An analogy to DRM licenses in the real world is tickets for plane and trains.

10 The License Server (cont.)  The license generator takes in the following components to produce the license  Rights specifications  Encryption keys  Identity From the DRM packager

11 The Client  The DRM controller does the following things:  Receives the user’s request to exercise rights on a content package  Gathers the user’s identity information and obtains a license from the license server  Authenticates the application that perform the rights exercise, such as rendering  Retrieve encryption keys from the license, decrypts the content, and releases it to the rendering application

12 DRM Events on the Client Side  The DRM controller on the client side has to check the rendering application at some time  To avoid making unauthorized copies  To check certain rights limits Content Repository Product Information DRM Packager Rights Encryption Keys DRM License Generator Identities Content Package Content Metadata DRM Controller License Keys Rights Rendering Application Identity Content Server License Server Client (1) Obtaining the content package (2) Activating the DRM controller (3) Sending info to the License Server (4) Authenticating the client’s identity (5) Look up rights info. (6) Financial transactions (7) Generating the license (8) Sending back the license (9) Decrypting the content and releasing it to the rendering application

13 Rendering Applications  Types of rendering applications  Stand-alone rendering application  Installation and training may stop common users  Distribution can cause problems  Plug-in  Users get it with more motivations and less trouble  Not as secure as one that is purpose-built  Java technology  No installation is needed  The “write once, run anywhere” promise was never delivered

14 Identifications  For Users  A piece of information that you supply, such as name, E-mail address, ID, password…etc  A piece of information inherent to you, such as a biometric  Digital certificate, network passport…  For devices  Serial numbers on components, such as IP, MAC address, or serial number on HDD  Considerations  Privacy  Dynamic or non-unique nature

15 Streaming Content  Current low-quality streaming content may not needed to be protected  Poor quality  Large volume for raw-saved file  Packet loss  With the advanced H/W performance and the improved infrastructure, the protection of streaming data will be an important issue

16 Encryption  Encryption in DRM  The most common means for copy protection  The core technology most closely associated with DRM  Everyone has heard about encryption, few people really understand it  Goals of encryption in DRM  To prevent content from being accessible in its native format all the time except when the DRM controller permits it

17 Strength of Encryption  Strength of Encryption  The length of time it would take for a cracker to break it using a brute-force attack  Key length  The algorithm’s susceptibility to various clever forms of cryptanalysis  Heuristic guesses  Patterns of random numbers  System holes  Human fallibility

18 Encryption Schemes in DRM  Public-key encryption  Too inefficient to encrypt content  E.g.  RSA  Symmetric-key encryption  Popular for content encryption  DES  AES  Magnolia

19 Temper-proofing  Hash values (digest) can be used to ensure that contents of the file is not tempered …We will meet at school on May 31, 2002… Digest Algorithms Key 71123223234 …We will meet at school on May 31, 2003… Digest Algorithms Key 12940575753

20 Digital Certificates  Certificates are important ways of establishing the identities of both users and organizations  CA-the organizations that create, store, and manage digital certificates, have business that fundamentally depend on their being trustworthy  CA will lost its business if  Allowing a user to create a certificate under false circumstances  Allowing a data inside the certificate to be tampered with  Leaking the information inside the certificate to the third party

21 Digital Signatures  Combining both certificates and digests  A digital signature ensures both the content of a message and the identity of the person who signs it  According to the Electronic Signature Act signed into law in 2000, digital signatures are now legally acceptable replacement for handwritten signatures  Usually implemented with public-key encryption

22 Watermarking  Watermarks are meant to convey some information about a document in a way that  Do not interfere with the appearance or readability of the document  Inextricably bound together with the document  Characteristics  Undetectability  Robustness  Capacity  Security  Efficiency

23 Watermarks v.s. Encryption Music Metadata Encryption DRM Packager Music Metadata DecryptionPlayer Metadata DRM Controller Music Metadata Watermark Embedding DRM Packager Music Metadata Watermark Extraction Player Metadata Watermarked File

24 Watermark and Decryption DRM Controller Music Metadata Watermark Embedding DRM Packager Music Metadata Watermark Extraction Player Metadata Watermarked File Encryption Music Metadata Decryption Music Metadata

Download ppt "DRM Building Blocks - Protecting and Tracking Content Adopted from Chapter 5, Digital Rights Management Business and Technology."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Cryptography Basic (cont)

Cryptography Basic (cont)
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

Similar presentations

Ads by Google