Towards multilateral-secure DRM platforms

  • Authors:

  • Ahmad-Reza Sadeghi;Christian Stüble

  • Affiliations:

  • Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany

  • Venue:
  • ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

Digital Rights Management (DRM) systems aim at providing the appropriate environment for trading digital content while protecting the rights of authors and copyright holders. Existing DRM systems still suffer from a variety of problems that hamper their deployment: they (i) cannot guarantee policy enforcement on open platforms such as today's PCs, (ii) offer only unilateral security, i.e., focus mainly on requirements of the content owners/providers and not on those of consumers such as privacy, and (iii) restrict users regarding many legally authorized uses (fair use), e.g., disallow consumers to make backups. In this paper we present a security architecture for computing platforms that, in the sense of multilateral security, is capable of enforcing policies defined by end-users and content providers. Our model provides methods and principles to practitioners to model and construct such systems based on a small set of assumptions. Further, we show how such a platform can be implemented based on a microkernel, existing operating system technology, and trusted computing hardware available today. Moreover, the platform's functionality can be extended with a mechanism called property-based attestation to prevent discrimination of open-source software and to protect the consumers' privacy.