SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Communications of the ACM
Digital Rights Management: Business and Technology
Digital Rights Management: Business and Technology
Communications of the ACM - Digital rights management
Fair use, DRM, and trusted computing
Communications of the ACM - Digital rights management
Communications of the ACM - Digital rights management
Encouraging recognition of fair uses in DRM systems
Communications of the ACM - Digital rights management
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Implications of Digital Rights Management for Online Music - A Business Perspective
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Secure object identification: or: solving the Chess Grandmaster Problem
Proceedings of the 2003 workshop on New security paradigms
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Hi-index | 0.00 |
Digital Rights Management (DRM) systems aim at providing the appropriate environment for trading digital content while protecting the rights of authors and copyright holders. Existing DRM systems still suffer from a variety of problems that hamper their deployment: they (i) cannot guarantee policy enforcement on open platforms such as today's PCs, (ii) offer only unilateral security, i.e., focus mainly on requirements of the content owners/providers and not on those of consumers such as privacy, and (iii) restrict users regarding many legally authorized uses (fair use), e.g., disallow consumers to make backups. In this paper we present a security architecture for computing platforms that, in the sense of multilateral security, is capable of enforcing policies defined by end-users and content providers. Our model provides methods and principles to practitioners to model and construct such systems based on a small set of assumptions. Further, we show how such a platform can be implemented based on a microkernel, existing operating system technology, and trusted computing hardware available today. Moreover, the platform's functionality can be extended with a mechanism called property-based attestation to prevent discrimination of open-source software and to protect the consumers' privacy.