Communications of the ACM
How to Manage Persistent State in DRM Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Towards multilateral secure digital rights distribution infrastructures
Proceedings of the 5th ACM workshop on Digital rights management
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Analysis of the Intel Pentium's ability to support a secure virtual machine monitor
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Software license management with smart cards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Enabling fairer digital rights management with trusted computing
ISC'07 Proceedings of the 10th international conference on Information Security
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Flexible and secure enterprise rights management based on trusted virtual domains
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Secure offline superdistribution for mobile platforms
International Journal of Applied Cryptography
TruWallet: trustworthy and migratable wallet-based web authentication
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Wake up or fall asleep-value implication of trusted computing
Information Technology and Management
Securing peer-to-peer distributions for mobile devices
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Towards user-friendly credential transfer on open credential platforms
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Credential life cycle management in open credential platforms (short paper)
Proceedings of the sixth ACM workshop on Scalable trusted computing
Trusted virtual domains – design, implementation and lessons learned
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Enabling fairer digital rights management with trusted computing
ISC'07 Proceedings of the 10th international conference on Information Security
Proceedings of the 6th International Conference on Security of Information and Networks
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Today, digital content is routinely distributed over the Internet, and consumed in devices based on open platforms. However, on open platforms users can run exploits, reconfigure the underlying operating system or simply mount replay attacks since the state of any (persistent) storage can easily be reset to some prior state. Faced with this difficulty, existing approaches to Digital Rights Management (DRM) are mainly based on preventing the copying of protected content thus protecting the needs of content providers. These inflexible mechanisms are not tenable in the long term since their restrictiveness prevents reasonable usage scenarios, and even honest users may be tempted to circumvent DRM systems. In this paper we present a security architecture and the corresponding reference implementation that enables the secure usage and transfer of stateful licenses (and content) on a virtualized open platform. Our architecture allows for openness while protecting security objectives of both users (flexibility, fairer usage, and privacy) and content providers (license enforcement). In particular, it prevents replay attacks that is fundamental for secure management and distribution of stateful licenses. Our main objective is to show the feasibility of secure and fairer distribution and sharing of content and rights among different devices. Our implementation combines virtualization technology, a small security kernel, trusted computing functionality, and a legacy operating system (currently Linux).