Tools, Techniques and Standards of Digital Rights Management Systems
By Jayeeta Mullick

Overview
• What is DRM?
• What are the Digital contents?
• Tools and Techniques of DRM
• DRM Standards
• Commercial DRM Systems
• DRM and its impacts in Libraries

DRM
Digital Rights Management (DRM) refers to those technologies which have been specifically developed for managing digital rights.
“Digital rights management (DRM) is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that are not desired or intended by the content provider.” – Wikipedia.
As stated in the eBook User Bill of Rights, “Digital Rights Management (DRM), like a tariff, acts as a mechanism to inhibit the free exchange of ideas, literature, and information.”

What are Digital contents?
Digital materials are mostly digital files or programmes available in a digital environment. Some of these are:
• Documents/E-text
• E-books/E-Publishing
• Images
• Audio
• Video
• Software
These digital contents are accessed through computers, phones, various types of video or audio players, TV etc.

Tools and Techniques of DRM

I. Encryption
Encryption is a technique to protect digital work. In this technique a file is encrypted using a key, and only the key holders are able to decrypt the file. Sometimes the key is linked with the BIOS or hardware of the authorized user, which increases the security level. The key is the most important component in an encryption system. In this way unauthorized access can be prevented, but not fully, because key holders can disclose the key to other users. There are two possible schemes, viz. private key (symmetric) cryptography and public key (asymmetric) cryptography. A key is generally bound to a certificate that attests to the key’s validity.
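The hardware-linked key described above, as an added example that is not part of the original slides: a content key is wrapped under a key derived from a device identifier, so the license opens only on that device. All function names and the serial numbers are hypothetical, and the HMAC-based keystream is a standard-library stand-in for a real cipher such as AES.

```python
import hashlib
import hmac
import os

def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from one secret.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib-only stand-in for AES-CTR.
    out = bytearray()
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(out[:n])

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC; output layout is nonce || ciphertext || tag.
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    # Verify the tag before decrypting; a wrong key fails here.
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def device_key(device_id: bytes, salt: bytes) -> bytes:
    # Key-wrapping key tied to a hardware identifier (constructed IDs below).
    return hashlib.pbkdf2_hmac("sha256", device_id, salt, 100_000)

def issue_license(content_key: bytes, device_id: bytes) -> bytes:
    # The license carries the content key wrapped for one device only.
    salt = os.urandom(16)
    return salt + seal(device_key(device_id, salt), content_key)

def use_license(license_blob: bytes, device_id: bytes) -> bytes:
    salt, wrapped = license_blob[:16], license_blob[16:]
    return unseal(device_key(device_id, salt), wrapped)

if __name__ == "__main__":
    content_key = os.urandom(32)
    ebook = seal(content_key, b"constructed sample e-book text")
    lic = issue_license(content_key, b"SERIAL-AAAA-0001")
    print(unseal(use_license(lic, b"SERIAL-AAAA-0001"), ebook))
```

Once `use_license` has returned the content key on the authorized device, that key decrypts the content anywhere, which is the limit the slide notes: the binding protects the license, not a key that its holder passes on.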
Keys are generally assigned by trusted third parties, who are responsible for certifying the security of keys, so that all parties trust the keys, and for assigning keys to specific users and uses.

A Digital Certificate is a special kind of machine-readable document issued by a trusted Certificate Authority (CA) to an individual or organization, and is unique to them. Some digital certificates conform to a standard, X.509.

A Digital Signature is an electronic signature that can be used to authenticate the identity of a message sender or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify its authenticity.

II. Watermarking
Watermarking is a group of methods and technologies that can be used to protect digital data. Watermarking may be used for copyright protection of digital data. With watermarking techniques we can protect our files, images, audio, video, etc. Watermarking may also be used in authentication, certification, photo development laboratories, OCR software etc. Some of the watermarking tools available are WMT Plus, Visual Watermark etc.

III. Broadcast Flag
The Broadcast Protection Discussion Group (BPDG) is a working group of content providers, television broadcasters, consumer electronics manufacturers, information technology companies and interested individuals. The group proposed that digital TV programs should be embedded with a "broadcast flag." A broadcast flag is a set of status bits (or a "flag") sent in the data stream of a digital television program that indicates whether the data stream can be recorded, or if there are any restrictions on recorded content.

IV. Licenses
Licenses, sometimes also called end-user license agreements (EULAs), are a core component of DRM systems. License documents and control permissions are provided to end users to access the protected content. Licenses may be hidden in encrypted content, such as a watermark. A license usually communicates directly with a device to allow access to content. Many e-publishers license DRM-enabled content for online transactions or subscription services. Distributors and consumers can choose from multiple fee/free business models. For example, the content could be included in the free content, or it could be licensed for a fee on a pay-for-use basis by different types of organizations, viz. corporate, government or institutional users. Organisations need to update and incorporate new licensing requirements when necessary.

V. Secured hardware
In recent years, hardware components with embedded DRM support and other security features have emerged to provide support for DRM-controlled content. These include the SD memory card, the TPM (Trusted Platform Module) microcontroller and the SVP (Secure Video Processor).

VI. Secured Transmission Protocols
Several protocols have been developed to secure the transport of protected content between devices across networks. SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are protocols for cryptographic communications over the internet. Secure Sockets Layer version 3 (SSLv3) and its successor Transport Layer Security version 1 (TLSv1) are used to provide data integrity and security for network communications. These security protocols are used to secure application protocols such as HTTP, FTP, SIP, SMTP, NNTP, XMPP, and others. SSLv3/TLSv1 operates on a layer between the transport layer and the application layer.
In this position it can support multiple application layer protocols by securing the application data before sending it to the transport layer.

DRM Standards
DRM technologies are cumbersome and can result in many problems for consumers, such as incompatibility with upgrades of operating systems, incompatible hardware upgrades, automatic upgrades from self-renewing DRM systems etc. DRM systems attempt to address these serious consumer concerns through DRM standards. It is “An end-to-end process for content delivery and consumption, specify standardized technologies for each step of the DRM process, and provide a certification process for content providers and device manufacturers to prove compliance with the standard.”

• SDMI (Secure Digital Music Initiative)
SDMI was a forum formed in late 1998, composed of more than 200 IT, consumer electronics, security technology, ISP and recording industry companies, to develop technology specifications that protect the playing, storing, and distribution of digital music. But since 2001 the technology has been obsolete, as a team of researchers from Princeton and Rice universities successfully cracked the watermark with the four SDMI technologies.

• CPSA (Content Protection System Architecture)
CPSA is a content protection technology framework that includes a number of technologies designed to protect content that is physically distributed through analog tapes or digital media. CPSA specifies technologies to protect content and to specify Content Management Information (CMI). The three basic objectives of CPSA are:
1. to protect content at its source (wherever it is stored and whenever it is copied).
2. to protect content as it is transmitted (between transmission points or between devices).
3. to protect content from unauthorized copying.
CPSA relies primarily on copy control information, watermarks and encryption.

CPSA technology standards…
There are a number of copy control technology standards that can be included under this CPSA category; some of them are mentioned here.
• CSS (Content Scramble System) is an encryption technology first introduced in 1996 and is licensed primarily for encrypting content stored on DVD. CSS utilizes a series of keys for encryption and decryption.
• CPPM (Content Protection for Pre-Recorded Media) utilizes a stronger encryption algorithm than CSS, key blocks, watermarking and revocation for compromised devices.
• CGMS (Copy Generation Management System) is information embedded in video signals, indicating whether the information can be copied, to prevent both initial and generational (copy of a copy) copying.
• CPRM is a renewable copy protection format for DVD-R/RW and DVD-RAM discs.
• VCPS (Video Content Protection System) provides copy-once protection for DVD-R and DVD-RW to enable direct digital recording of digital broadcasts from satellite and cable sources.
• HDCP (High-bandwidth Digital Content Protection) is a content protection system designed to protect against illegal transmission of high-definition entertainment. It blocks unofficial digital interception and replication between a player and a monitor. HDCP protects the contents transmitted through cables using high-definition interfaces, such as DVI (Digital Visual Interface) and UDI (Unified Display Interface). It protects transmission of content from a source device to a destination device, such as a TV set-top box, using authentication, encryption and key implementation.
• DTCP (Digital Transmission Content Protection) protects transmission over the cable and interface components between two communicating devices, such as USB and FireWire. It includes a device authentication and key exchange protocol. DTCP-IP extends DTCP to support transmission over IP networks, using the 128-bit Advanced Encryption Standard.
DTCP is designed to be incorporated with other DRM protocols.
• Verance VCMS/AV Watermarking Technology protects DVD audio, HD DVD and Blu-ray audio content from being captured by either analog or digital recorders.
• AACS (Advanced Access Content System) is a newer encryption standard for personal computing and consumer electronics devices that is intended to support high-definition content and to provide stronger protection for digital audiovisual content than the compromised CSS encryption technology provides. AACS uses 128-bit AES encryption and a stronger key management system that involves media key block technology.
• BD+ is an additional layer of content protection developed for Blu-ray discs. It is defined as a ‘virtual machine-based content protection technology’.
• MPEG IPMP-X. The Moving Picture Experts Group (MPEG) is responsible for a range of standards to encode and manage digital video and audio. IPMP-X (Intellectual Property Management and Protection Extension) is a DRM architecture based on principles of normative re-use of standard DRM technologies; mutual authentication to create an authenticated channel for secure communications
• OMA DRM is a digital rights management system that emerged from the Open Mobile Alliance, a consortium of mobile system manufacturers, mobile phone manufacturers, mobile telecom providers and IT companies.
• CMLA (Content Management Licensing Administrator) was created by four companies - Intel, Nokia, Panasonic and Samsung - to implement a “trust model” for the Open Mobile Alliance (OMA) Digital Rights Management technical specification version 2.0 standards.

Commercial DRM Systems
In addition to open standards that might be utilized by a range of commercial and non-commercial entities, there are many proprietary DRM systems.
• DRM technology has been embraced by many of the largest companies in the world, including Apple, Microsoft, Disney, Sony, IBM and Intel.
• Windows Media DRM (WM-DRM) is an end-to-end DRM system that can be applied by anyone in a Windows environment to provide secure delivery of digital media over an IP network.
• Adobe Acrobat has the facility to protect digital work from copying and pasting. Adobe has incorporated DRM into its digital creation applications, such as Adobe Acrobat Professional, which supports assigning digital signatures to verify a file's authenticity, file encryption, password protection for files, and role-based permissions for file access and use.
• Apple FairPlay is a DRM system integrated with QuickTime multimedia technology that provides DRM for protected digital files for the iPod, iTunes and iTunes Music Store applications.

DRM and Libraries
In the increasingly protected digital information space, libraries may be supplying digital content which is controlled by DRM technologies that the library may not manage. Security of digital data and DRM is essential because through this, large amounts of new content can be made available in safe, open, and trusted environments.
• By embedding controls within the product, providers can prevent the public from use that is non-infringing under copyright law as well as enforce restrictions that extend far beyond those specific rights enumerated in the Copyright Act (or other laws). Thus, DRM changes the fundamental relationship between the creators, publishers, and users, to the detriment of creators, users, and the institutions that serve them.
But there are significant challenges as well, especially in these areas:
• Archiving and Future Use: When libraries subscribe to online databases, the content and the control of the content remain in vendor systems, and libraries just "outsource" access to the digital materials. Some titles are available on a term-limited licensing basis, and many titles are being offered for sale to libraries on a perpetual basis, but this doesn’t mean that libraries are physically acquiring the digital files. There is also no guarantee of future access, and the addition of DRM can make this worse.
• Infrastructural upgrade, access and control: Libraries and archives that deal with electronic formats have long been concerned about the problem of format obsolescence: information could become inaccessible, or it might not be readable by modern hardware. While using these e-documents we have to go through a complex system to open and read a book. So it's a big question what happens twenty or fifty or a hundred years from now, when that system no longer exists.

Diversity in e-book formats
Different e-book publishers publish their books in different formats, such as Amazon Kindle (.azw; .kf8); Apple iBooks Author (.iba); Broadband eBooks (.lrf; .lrx); Comic Book Archive file (.cbr, .cbz, .cbt, .cba); eReader (.pdb); Hypertext Markup Language (.htm; .html); Microsoft Reader (.lit); Mobipocket (.prc; .mobi); Multimedia eBooks (.exe or .html); Open Electronic Package (.opf); Portable Document Format (.pdf) and many more. So, in such a scenario, hardware, software and OS compatibility are very important aspects of managing these data in libraries.

Conclusion
• There is no doubt that DRM has the potential to have a tremendous impact on libraries and how they do their work. Exactly what the impact will be is hard to predict today, because this is a technology in the early stages of its potential development.
• But it is possible to present some general cautions based on current experience with protected works.

Thank You