Beyond separation of duty: An algebra for specifying high-level security policies
Journal of the ACM (JACM)
A formal conceptual model for rights
Proceedings of the 8th ACM workshop on Digital rights management
On the operational semantics of rights expression languages
Proceedings of the nineth ACM workshop on Digital rights management
An interoperable usage management framework
Proceedings of the tenth annual ACM workshop on Digital rights management
A domain specific language for usage management
Proceedings of the 11th annual ACM workshop on Digital rights management
A proof-carrying file system with revocable and use-once certificates
STM'11 Proceedings of the 7th international conference on Security and Trust Management
| Hi-index | 0.00 |
Digital music players protect songs by enforcing licenses that convey specific rights for individual songs or groups of songs. For licenses specified in industry, we show that deciding whether a license authorizes a sequence of actions is NP-complete, with a restricted version of the problem solvable efficiently using a reduction to maximum network flow. The authorization algorithm used in industry is online, deciding which rights to exercise as actions occur, but we show that all online algorithms are necessarily non-monotonic: each allows actions under one license that it does not allow under a more flexible license. In one approach to achieving monotonicity, we exhibit the unique maximal set of licenses on which there exists a monotonic online algorithm. This set of well-behaved licenses induces an approximation algorithm by replacing each license with a well-behaved license. In a second approach, we consider allowing the player to revise its past decisions about which rights to exercise while still ensuring compliance with the license. We propose an efficient algorithm based on Linear Logic, with linear negation used to revise past decisions. We prove our algorithm monotonic, live, and sound with respect to the semantics of licenses.