Security Aspects of Drm Systems
نویسندگان
چکیده
Acquiring digital media over the Internet has become commonplace in recent years. Companies are looking into ways to sell their content (music, movies, etc.) over the Internet without the buyer being able to further distribute the work. Digital Rights Management (DRM) systems address this; their main goal is to enable authorised users to access a version of digital content on the terms for which they are authorised whilst preventing all other access to digital content. This is of course not always possible, therefore the field of DRM is also interested in practical security, i.e. security that may theoretically be breakable, but in practice will not be (because the costs outweigh the benefits). So DRM systems aim to achieve a security goal. How well they achieve this goal is unclear. Although various security techniques are being used by DRM systems and being researched for use in DRM systems, there seems to be little research into evaluating the security of an entire DRM system. As security of the individual components of a system does not guarantee security of the system as a whole, this means that currently it is hard to understand what level of security is offered by a DRM system. TNO ITSEF performs security evaluations of both hardware and software products. This paper is a preliminary and condensed report of research into evaluating the security of DRM systems. The main goal of this research is to devise a security evaluation method that has consistent, reciprocal comparable results.
منابع مشابه
Core Security Requirements of DRM Systems
The use of Digital Rights Management (DRM) systems involves several stakeholders, such as the content provider, the license provider and the user, each having their own incentives to use the system. Proper use of the system implies that these incentives can only be met if certain security requirements are fulfilled. Quite some attention in literature has been devoted to specific security aspect...
متن کاملDigital Rights Management: The Four Perspectives of Developers, Distributors, Users, and Lawyers
Digital Rights Management (DRM) refers to a collection of security mechanisms that are widely deployed on a number of copyright-protected digital assets. However, despite the existence of a number of studies of the technical architectures of rights management security systems, there is little scholarly/academic literature dedicated to the human aspects associated with circumvention of DRM secur...
متن کاملAuthentication, Identification Techniques, and Secure Containers - Baseline Technologies
The commercial distribution of multimedia content over the Internet demands high security mechanisms. There is not only the possibility of third persons intercepting the communication, but also the risk of malevolent hackers faking the identity of registered users. This paper describes mechanisms that prevent such attacks. First an overview of cryptographic algorithms is given. After that the t...
متن کاملIdentity Based Drm System with Total Anonymity and Device Flexibility Using Ibes
Most of the Digital Rights Management (DRM) systems fail to cover all requirements like user anonymity, user fairness, security and others. Device based DRM systems, adopted by most providers, lack user fairness and mostly follow proprietary formats. On the contrary, Smart Card DRM systems satisfy user anonymity and fairness, but have certain vulnerabilities, as identified in this paper. We pro...
متن کاملVerification and Application of Conceptual Model and Security Requirements on Practical Drm Systems in E-learning
The paper represents a verification of a previously developed conceptual model of security related processes in DRM implementation. The applicability of established security requirements in practice is checked as well by comparing these requirements to four real DRM implementations (Microsoft Media DRM, Apple's iTunes, SunnComm Technologies’s MediaMax DRM and First4Internet’s XCP DRM). The expl...
متن کامل