Enforcing DRM policies across applications

Authors:
Srijith K. Nair;Andrew S. Tanenbaum;Gabriela Gheorghe;Bruno Crispo
Affiliations:
Vrije Universiteit, Amsterdam, Netherlands;Vrije Universiteit, Amsterdam, Netherlands;University of Trento, Trento, Italy;University of Trento, Trento, Italy
Venue:
Proceedings of the 8th ACM workshop on Digital rights management
Year:
2008

Citing 8
Cited 9

Fair use, DRM, and trusted computing

Communications of the ACM - Digital rights management
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
A technical architecture for enforcing usage control requirements in service-oriented architectures

Proceedings of the 2007 ACM workshop on Secure web services
Toward a Usage-Based Security Framework for Collaborative Computing Systems

ACM Transactions on Information and System Security (TISSEC)
A Virtual Machine Based Information Flow Control System for Policy Enforcement

Electronic Notes in Theoretical Computer Science (ENTCS)
Flicker: an execution infrastructure for tcb minimization

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Security Enforcement Model for Distributed Usage Control

SUTC '08 Proceedings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008)
A general obligation model and continuity: enhanced policy enforcement engine for usage control

Proceedings of the 13th ACM symposium on Access control models and technologies

Efficient license validation in MPML DRM architecture

Proceedings of the nineth ACM workshop on Digital rights management
Privacy-preserving DRM

Proceedings of the 9th Symposium on Identity and Trust on the Internet
CRePE: context-related policy enforcement for android

ISC'10 Proceedings of the 13th international conference on Information security
DRMFS: A file system layer for transparent access semantics of DRM-protected contents

Journal of Systems and Software
Constroid: data-centric access control for android

Proceedings of the 27th Annual ACM Symposium on Applied Computing
Representation-Independent data usage control

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Survey: Usage control in computer security: A survey

Computer Science Review
Kynoid: real-time enforcement of fine-grained, user-defined, and data-centric security policies for android

WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Kynoid: Real-time enforcement of fine-grained, user-defined, and data-centric security policies for Android

Information Security Tech. Report

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present Trishul-UCON (T-UCON), a DRM system based on the UCON_ABC model. T-UCON is designed to be capable of enforcing not only application-specific policies, as any existing software-based DRM solution does, but also DRM policies across applications. This is achieved by binding the DRM policy only to the content it protects with no relations to the application(s) which will use this content. Furthermore, to guarantee that the policy is continuously enforced, we designed T-UCON as a JVM-based middleware that mediates the usage requests of any Java application to the protected content. Each request is granted or denied according to the content policy. We illustrate the unique features of T-UCON by using typical examples of DRM policies such as the pay-per-use and the use only N times scenarios. Preliminary results on the overhead of our solution are also provided.