Verification and Application of Conceptual Model and Security Requirements on Practical Drm Systems in E-learning
نویسندگان
چکیده
The paper represents a verification of a previously developed conceptual model of security related processes in DRM implementation. The applicability of established security requirements in practice is checked as well by comparing these requirements to four real DRM implementations (Microsoft Media DRM, Apple's iTunes, SunnComm Technologies’s MediaMax DRM and First4Internet’s XCP DRM). The exploited weaknesses of these systems resulting from the violation of specific security requirements are explained and the possibilities to avoid the attacks by implementing the requirements in designing step are discussed.
منابع مشابه
The Structured Analysis of Requirements and Challenges of E-Learning and Proposing a a Practical Model for Successful Implementation of E- Courses in Medical Sciences
Introduction: The rapid expansion of e-learning elucidates the necessity of paying attention to this phenomenon by all educational centres especially medicals. Considering the importance of this subject and regarding the commencement of new courses in our country as well as the establishment of higher education disciplines, this paper aimed to review the structured analysis of requirements, cha...
متن کاملNuovo DRM Paradiso: Designing a Secure, Verified, Fair Exchange DRM Scheme
We introduce Nuovo DRM, a digital rights management scheme aimed to provide formal and practical security. The scheme is based on a recent DRM scheme, which we formally specify in the μCRL process algebraic language. The original scheme stated the following security requirements: effectiveness, secrecy and resistance of content masquerading. We formalise these security requirements as well as s...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملCore Security Requirements of DRM Systems
The use of Digital Rights Management (DRM) systems involves several stakeholders, such as the content provider, the license provider and the user, each having their own incentives to use the system. Proper use of the system implies that these incentives can only be met if certain security requirements are fulfilled. Quite some attention in literature has been devoted to specific security aspect...
متن کاملPrivate Key based query on encrypted data
Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted d...
متن کامل