Your SlideShare is downloading. ×
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
iDRM – Interoperability Mechanisms for Open Rights Management Platforms
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

iDRM – Interoperability Mechanisms for Open Rights Management Platforms

1,091

Published on

PhD presentation at UPC, Barcelona, Spain

PhD presentation at UPC, Barcelona, Spain

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,091
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
41
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. iDRM – Interoperability mechanisms for Open Rights Management platforms Ph.D. Dissertation Lecture Professor Jaime Delgado*, Professor Miguel Dias** Carlos Serrão *UPC/AC/DMAG, Barcelona, Spain *IUL-ISCTE/DCTI/ADETTI, Lisboa, Portugal *cserrao@ac.upc.edu **carlos.serrao@iscte.pt carlos.j.serrao@gmail.com *http://www.upc.edu UPC - Universitat Politecnica de Calalunya **http://www.iscte.pt 3rd. December, 2008
  • 2. Summary   Context and State of the Art   Specific Contributions   Rights Management interoperability and SOA   Using PKI towards Rights Management interoperability   Open Rights Management as a mean for interoperability   Secure Key and License management for open RM platforms   The OpenSDRM open RM platform   Wallet Rights Management interoperability middle-ware   License Templates   OpenSDRM use-cases and experiences   Conclusions and Future Work   Questions 2 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 3. Context and State of the Art
  • 4. Content Compression Content 4 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 5. Content   Advantages and Opportunities   Better content   New and better delivery channels   New customers   Fast delivery   ...   Disadvantages and Challenges   Piracy and Uncontrolled distribution   ... 5 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 6. Content   Answer from content industry   Digital   Rights   Management   and   Copy   Protection/Prevention 6 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 7. DRM interoperability   DRM involves the:   description   layering   analysis   valuation   trading   and monitoring of rights   over an individual or organization's assets, in digital format. 7 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 8. Digital Content Value-Chain Creator Publisher Aggregator Distributor Retailer Consumer Content Creation, Capture Content Rights Establishment Content Rights Validation Content Packaging Content Repository Content Trading Content Distribution Content Trading Content Distribution Content Payment Content Trading Permission Management 8 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 9. remixed r/w culture 9 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 10. Digital Content Value-Chain Creator Publisher Aggregator Consumer is PublisherConsumer is Consumer is Distributor is Aggregator Consumer is Creator Consumer Retailer Consumer Distributor Retailer   Consumers are “active” not “passive”   Consumers take other roles on DCVC   Changes the established rights management logic 10 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 11. interoperability 11 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 12. Digital Rights Management   DRM 1.0 failure   Vulnerable DRM systems   Limitations to user experience   Limited availability   Offer limited protection   Imposition to end-users   Lack of interoperability   DRM 2.0 must solve these issues 12 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 13. Digital Rights Management DRM 1.0 DRM 1.5 DRM 2.0 13 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 14. Digital Rights Management   DRM Layers Rights Management Rights Enforcement Copy Protection 14 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 15. Digital Rights Management   DRM Layers – non-interoperable Rights Management X Rights Management DRM A DRM B Rights Enforcement X Rights Enforcement Copy Protection X Copy Protection 15 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 16. Digital Rights Management   DRM Layers - interoperable Rights Management Rights Management Rights Enforcement Rights Enforcement Copy Protection Copy Protection 16 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 17. Digital Rights Management   Interoperability strategies (International Standards):   Full format interoperability   Connected interoperability   Configuration driven interoperability [Koenen et al., 2004] [Kalker et al., 2007] 17 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 18. Digital Rights Management DRM 1.0 DRM 1.5 DRM 2.0 Interoperability 18 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 19. Contributions
  • 20. Contributions   Motivations/Objectives   Study the applicability of SOA to the creation of interoperable rights management services   Use PKI-based solutions to create common trust environments between different RM solutions/services   Design and implement an open, distributed, service-based architecture for interoperable rights management infrastructure   Based on the key management life cycle, create a generic model for secure license and key management for rights management solutions   Create an open and interoperable RM services-based platform (OpenSDRM)   Study and develop a mechanism to provide interoperability between different content rendering applications and abstraction from REL   Evaluate the flexibility and adaptation of OpenSDRM to multiple use-cases and scenarios 20 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 21. Rights Management Interoperability and Service Oriented Architectures Contributions
  • 22. RM interoperability and SOA   SOA and Web-Services allow an easy and standard decoupling mechanisms for application integration   This decoupling works based on three pillars:   Service Provider (WSDL)   Service Requester (SOAP)   Service Broker (UDDI)   Allows the distribution of services through an open network, using open standards – such as HTTP 22 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 23. RM interoperability and SOA   Idea/Objective   Identification of most relevant rights management services   “Abstract” its proprietary implementation, through a well-defined and public interface using WSDL   Interaction between services, can be performed via:   Proprietary communication channels, if they are internal to the same rights management solution   Open SOA channels, if they are to be interoperable between different rights management solutions 23 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 24. RM interoperability and SOA   Service decoupling Service Broker Request service WSDL Service Other Service proprietary internal Interface implementation Proprietary Services communication Services Open communication services (SOAP/HTTP)‫‏‬ WSDL Service Other Service proprietary internal Interface implementation Proprietary Services communication Services 24 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 25. RM interoperability and SOA 25 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 26. RM interoperability and SOA 26 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 27. RM interoperability and SOA UDDI Service Broker Publish the RM Ask for service service description location and description SOAP Communication with the specific RM service DRM Governed content 27 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 28. RM interoperability and SOA   Relevant papers   Serrão C., Dias M., Delgado J., “Using Service-oriented Architectures towards Rights Management interoperability”, in Proceedings of the International Joint Conferences on computer, Information and Systems Sciences and Engineering (CISSE06), University of Bridgeport, USA, 4-14 December, 2006   Serrão C., Fonseca P., Dias M., Delgado J., “The Web-Services growing importance for DRM interoperability”, in Proceedings of the IADIS International Conference WWW/Internet 2006, Múrcia, Spain, 5-8 October, 2006   Serrão C., Dias M., Delgado J., “Using Web-Services to Manage and Control Access to Multimedia Content”, in Proceedings of The 2005 International Symposium on Web Services and Applications (ISWS05), Las Vegas, USA, 2005 28 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 29. Using PKI towards Rights Management interoperability Contributions
  • 30. PKI and RM interoperability   From a security point of view, two major aspects need to be considered in any DRM solution:   the digital object protection, in which the digital object is packaged in a specific container that is locked, preventing non- authorized copies or modifications, making usage of strong cryptographic algorithms.   and the fact that through the entire object life cycle a trustworthy environment must be established between the different actors, devices and software components. 30 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 31. PKI and RM interoperability   Trust Environment   In a common DRM system, trust must be established between the different elements   The way this trust environment is accomplished differs from DRM implementation to implementation   There is no common trust system   This creates interoperability problems 31 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 32. PKI and RM interoperability Users Content Users Content Users Content Users Content DRM A DRM B DRM C DRM D Trust Trust Trust Trust Mechanism A Mechanism B Mechanism C Mechanism D Non-Interoperability points 32 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 33. PKI and RM interoperability   Public-Key Infrastructures (PKI) are important for trust environment establishment   PKIX (PKI for X.509) is currently one of the most deployed PKI technologies, present in many security solutions   PKI offers functions/services that are crucial to the establishment of trust environments:   Certification Authority   Registration Authority   Repository   Archive 33 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 34. PKI and RM interoperability   PKIX supports most of the security and trust functions that DRM needs   DRM systems can “deliver” their security and trust requirements “in the hands” of an underlying PKIX system   This would simplify the task of DRM interoperability 34 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 35. PKI and RM interoperability   Two approaches for DRM interoperability through PKI:   Use a single PKI service shared by all DRM systems;   Each DRM use their own PKI service, and brokering mechanisms are used between them 35 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 36. PKI and RM interoperability All the different DRM systems use the same PKI solution, to establish the necessary trust environment between the different actors, devices or software components. 36 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 37. PKI and RM interoperability The different DRM systems have their own PKI, and a PKI broker is used to build interoperable trust environments between the different actors, devices and software components of the different DRM systems. 37 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 38. PKI and RM interoperability   1st Scenario   The same PKI offers to the different DRM components, trust credentials, that can be immediately trusted between different DRM systems   This is however a low probability scenario. DRM systems will adopt their own PKI solutions 38 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 39. PKI and RM interoperability   2nd Scenario   Reflects what is happening now – each DRM chooses its own PKI solution   “Local” and “External” interoperability   “Local” - the internal components of a DRM system rely on the trust provided by their own PKI   “External” - the components of different DRM systems, have to build trust relationships using a PKI broker 39 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 40. PKI and RM interoperability   Relevant papers   Serrão C., Torres V., Delgado J., Dias M., “Interoperability Mechanisms for registration and authentication on different open DRM platforms”, in International Journal of Computer Science and Network Security, Vol. 6, Number 12, Pages 291-303, December, 2006   Serrão, C., Serra A., Dias M., Delgado J., “PKI as a way to leverage DRM interoperability”, In Proceedings of the IADIS International Conference on Telecommunications, Networks and Systems 2007 (TNS2007), Lisboa, Portugal, 3-5 July, 2007 40 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 41. Open Rights management as a mean for interoperability Contributions
  • 42. Open RM and Interoperability   “open” is an important key in interoperability   “open”, in RM has three dimensions   open specifications   open interfaces   open-source 42 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 43. Open RM and Interoperability   Open-source DRM platforms   Media-S   OpenIPMP   DReaM   Chillout   OpenSDRM   Open-specification DRM platforms   MIPAMS   OMA-DRM 43 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 44. Open RM and Interoperability   Open-source DRM platforms comparison   Organisation   License   Activity   Base components   Development status   Deployment   Number of Developers   Fields of Applicability   REL Support   Content Support 44 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 45. Open RM and Interoperability   Open RM SWOT analysis 45 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 46. Open RM and Interoperability   Two dimensions for the Interoperability problem:   DRM complexity:   protection (encryption, decryption, watermarking, key distribution, etc.);   authorization based on licenses (rights expressions, verification, license distribution, etc.);   Metadata;   Enforcement;   Governance;   Authorities;   and others.   How we try to get interoperability -> definition of different DRM interoperability levels:   Proprietary systems;   Standards and architectures;   Software framework based;   Open Source. 46 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 47. Open RM and Interoperability   Broker-based open RM interoperability 47 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 48. Open RM and Interoperability   Relevant papers   Serrão C., Torres V., Delgado J., Dias M., “ How Open DRM platforms can shape the future of DRM”, in IEEE Multimedia   Serrão C., Marques J., Dias M., Delgado J., “Open-Source Software as a Driver for Digital Content E-Commerce and DRM interoperability”, in Proceedings of the Europe-China Conference on Intellectual Property in Digital Media – Optimisation of Intellectual Property in Digital Media (IPDM06), Shangai, China, 18-19 October, 2006 48 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 49. Secure Key and License Management for open Rights Management platforms Contributions
  • 50. Secure key and license management   Some of the functions of modern DRM involves the use of several security technologies:   Public-key cryptography   Secret-key cryptography   Digital signatures   Digital certificates   ... and others.   All this keying material should be properly managed, to avoid security breaches...   ... and this brings us to Key Management. 50 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 51. Secure key and license management   Key Management Life Cycle 51 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 52. Secure key and license management   Key Management Life Cycle   It is important to study on the different DRM solutions handle this functionalities   Establish a common secure license and key management life-cycle   Implementing a broker-based interoperable key management system   As a mechanism for DRM interoperability 52 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 53. Secure key and license management   Key Management and DRM   DRM uses keying material in several situations:   Entities (content providers, users, ...) registration and management   Software applications and components registration and management   Content security   Rights management and enforcement (licenses) 53 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 54. Secure key and license management   Rights Expression Languages (REL)   Allow the expression of copyright   Allow the expression of contracts or license agreements   Allow to control over access and/or use   Mostly used to express DRM-governed content licenses   Licenses express how a governed-content can be used   Expressed in a specific format/notation (XML, Text, Graph theory, ...)   XrML and ODRL are two of the most used   May contain protected keying material information to be used with the protected digital content 54 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 55. Secure key and license management   Depending on the DRM scenario and implementation licenses can be used or not   This gives 6 different scenarios:   Licenses are used in DRM   License contains CEK   License is inside digital content   License is outside the digital content   License don't have CEK   License is inside digital content   License is outside the digital content   Licenses are not used in DRM   CEK is inside digital content   CEK is not inside the digital content 55 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 56. Secure key and license management   License topology 56 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 57. Secure key and license management 57 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 58. Secure key and license management   Analysis of key management in open RM platforms 58 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 59. Secure key and license management   Relevant papers   Serrão, C., Serra A., Dias M., Delgado J., quot;Key Management in open DRM Platforms”, in the Proceedings of the 3rd. International Conference of Automated Production of Cross Media Content for Multi-channel Distribution (AXMEDIS2007), Barcelona, Spain, 28-30 November, 2007   Serrão, C., Serra A., Dias M., Delgado J., “Secure License Management - Management of Digital Object Licenses in a DRM environment”, In Proceedings of the International Conference on Security and Cryptography (SECRYPT2007), Barcelona, Spain, 28-31 July, August, 2007   Serrão, C., Serra A., Dias M., Delgado J., quot;Protection of MP3 Music Files Using Digital Rights Management and Symmetric Cipheringquot;, in the Proceedings of the 2nd. International Conference of Automated Production of Cross Media Content for Multi-channel Distribution (AXMEDIS2006),  Leeds, United Kingdom, 13-15 December, 2006 59 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 60. The OpenSDRM open rights management platform Contributions
  • 61. OpenSDRM   What is OpenSDRM?   Distributed DRM architecture   Each of the functionalities is implemented has an independent distributed service   There can exist multiple instances of the same service provided by different entities   incorporate the previous contributions 61 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 62. OpenSDRM   OpenSDRM is open:   open-source   open specifications   open interfaces   open to different types of content   open to support many different business models   open to interoperability 62 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 63. OpenSDRM 63 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 64. OpenSDRM   Relevant papers   Serrão C., Dias M., Kudumakis P., “From OPIMA to MPEG IPMP-X - A standard’s history across R&D projects”, in Special Issue on European Projects in Visual Representation Systems and Services, Image Communications, Volume 20, Issue 9-10, Pages 972-994, Elsevier, 2005   Serrão C., quot;Open Secure Infrastructure to control User Access to multimedia contentquot;, in Proceedings of the 4th. International Conference on Web Delivering of Music (WEDELMUSIC2004), Barcelona, Spain, 2004   Serrão C., Neves D., Kudumakis P., Barker T., Balestri M., quot;OpenSDRM – An Open and Secure Digital Rights Management Solutionquot;, in Proceedings of the IADIS International Conference e-Society 2003, Lisboa, Portugal, 3-6 June, 2003 64 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 65. Wallet Rights Management interoperability middleware Contributions
  • 66. Wallet RM interoperability middle-ware 66 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 67. Wallet RM interoperability middle-ware   DRM-governed content life cycle 67 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 68. Wallet RM interoperability middle-ware   Relevant papers   Serrão C., Dias M., Delgado J., “Digital Object Rights Management – Interoperable client-side DRM middleware”, In Proceedings of the International Conference on Security and Cryptography (SECRYPT2006), Setúbal, Portugal, 7-10 August, 2006   Serrão C., Dias M., Delgado J., “Bringing DRM interoperability to digital content rendering applications”, in Proceedings of the CISSE05 – The International Joint Conferences on Computer, Information, and System Sciences, and Engineering, Springer, ISBN: 978-1-4020-5260-6, University of Bridgeport, USA, 10-20 Dezembro, 2005 68 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 69. License Templates Contributions
  • 70. License Templates   Complex RM environments   Content Provider - License Provider - User CRA   Support for multiple license format is *not* assured   Possible solutions   REL translation   License in one format is translated to other format   Templates   Specific REL license templates created “a priori”, and instantiated when the license is to be issued 70 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 71. License Templates   License template definition process 71 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 72. License Templates   Relevant papers   Serrão C., Dias M., Delgado J., “Using ODRL to express rights for different content usage scenarios”, in Proceedings of the ODRL2005 – 2nd International ODRL Workshop 2005, Lisboa, Portugal, 7-8 July, 2005   Serrão C., Dias M., Delgado J., “Bringing DRM interoperability to digital content rendering applications”, in Proceedings of the CISSE05 – The International Joint Conferences on Computer, Information, and System Sciences, and Engineering, Springer, ISBN: 978-1-4020-5260-6, University of Bridgeport, USA, 10-20 Dezembro, 2005 72 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 73. OpenSDRM experiences and use-cases Contributions
  • 74. OpenSDRM experiences and use-cases   OpenSDRM usage cases:   Digital Music, MOSES FP5-IST project, Music-4You.com   JPEG2000 digital images, HICOD2000 ESA RTD project   Video-Surveillance, WCAM FP6-IST project   Home Networking Digital Music, MediaNet FP6-IST project 74 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 75. OpenSDRM experiences and use-cases   Relevant papers   Serrão C., “Music-4you.com – Digital Music E-Commerce Case Study”, in IADIS International Journal on Internet/WWW, Volume 3, Issue 1, ISSN 1645-7641, 2005   Carvalho H., Serrão C., Serra A., Dias M., “Flexible Access to ESA Earth Observation data using JPEG2000 and DRM”, in Proceedings of the Fourth Conference on Imaging Information Mining (ESA-EUSC2006), Madrid, Spain, 27-28 November, 2006   Serrão, C., Dias M., Serra A., Carvalho H., quot;Accessing Earth Observation data using JPEG2000quot;, in Proceedings of the Symposium on Computational Modelling of Objects Represented in Images (CompImage2006), Coimbra, Portugal, 20-21 October, 2006   Serrão, C., Dias L., Serra A., Dias M., quot;JPEG2000 Image Compression and Visualization for Desktop and Mobile Clientsquot;, in Proceedings of the Atlantic Europe Conference on Remote Imaging and Spectroscopy (AECRIS2006), International Journal of Internet Protocol Technology, Preston, United Kingdom, 11-12 September, 2006 75 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 76. Conclusions and Future Work
  • 77. Conclusions   The objective of this work was to present several mechanisms to improve the RM non-interoperable panorama   Some specific mechanisms were selected to study its applicability to RM interoperability   RM interoperability is not an easy problem   This thesis does not solve it!!!   However, it contributes with some mechanisms to make the problem less complex.   But, more work needs to be done! 77 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 78. Conclusions   Rights Management and Service-Oriented Architectures   SoA has a huge impact on the software and service distribution (SaaS)   RM can benefit from service distribution, to create heterogeneous RM environments   RM providers decouple RM services   Published, and promoted on UDDI repositories   Approach followed on the OpenSDRM implementation 78 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 79. Conclusions   PKI and rights management interoperability   RMS systems need to establish trust environments and to handle cryptographic material   Most current RM solutions do not rely on existing PKI services – they implement their own proprietary services   Contributed with PKI-based interoperability solution to establish trust – PKI-broker to establish trust between different RM solutions   Design and establishment of protocols to create trust environments between different RM solutions 79 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 80. Conclusions   Open rights management towards interoperability   Commercial RM solutions are vertical, closed and non-interoperable – alternative is an open model   Open RM solutions were identified, classified and included in three categories: open-source, open specifications and open interfaces   A SWOT analysis was conducted to identify the major advantages and drawbacks of having open RM solutions 80 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 81. Conclusions   Secure key and license management for open rights management   Security is central to RM systems   Appropriate secure management of rights and key management are of extreme importance   Scenarios between the REL, the digital object and the CEK were identified   Description of the license management life cycle   Identify how the different RM handle the key management life cycle   Lack of support behind the pre-operational and operational stages   Proper key management is crucial for security management 81 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 82. Conclusions   OpenSDRM open rights management architecture   Design and implementation of an open RM platform   Based on a service oriented approach   E2E RM services for the DCVC   Detailed security mechanisms and protocols 82 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 83. Conclusions   Wallet rights management interoperability middle-ware and license templates   Establishment of a client-side RM middle-ware to provide interoperability between different CRA   Abstraction layer between the CRA and DRM regime   Request authorizations to the RM layer to render content   Creation of and usage of license rights templates to offer RM interoperability between multiple content providers, license providers and user-devices   Expression of particular business model using different license templates   Facilitate the interoperation between different REL 83 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 84. Conclusions   OpenSDRM use-cases   Demonstrate the OpenSDRM applicability, adaptability and interoperability to:   Multiple business models   Multiple content types   Multiple CRA 84 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 85. Conclusions   Using of SoA to enable the RM services interoperability   Establishment of common trust environments, using PKI mechanisms, to provide interoperability   Analyse how open RM can contribute to RM interoperability and define an approach for open RM platforms based on SWOT analysis   Define how to manage securely both keys and licenses throughout their life-cycle, across open RM platforms   Creation of an open and services based RM platform that enables interoperability between different scenarios   Design of an abstraction mechanism between content rendering and RM, and abstraction mechanism between the content provider business model and the REL used   Evaluate the usage of contributed mechanisms on different usage scenarios 85 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 86. Conclusions 86 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 87. Conclusions   Future work   Interoperable RM brokerage   Economic impact of OpenSDRM disintermediation   Key and license management on super-distribution   OpenSDRM development and improvement 87 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  • 88. Questions Thank you for your time and your patience…
  • 89. iDRM – Interoperability mechanisms for Open Rights Management platforms Ph.D. Dissertation Lecture Professor Jaime Delgado*, Professor Miguel Dias** Carlos Serrão *UPC/AC/DMAG, Barcelona, Spain *IUL-ISCTE/DCTI/ADETTI, Lisboa, Portugal *cserrao@ac.upc.edu **carlos.serrao@iscte.pt carlos.j.serrao@gmail.com *http://www.upc.edu UPC - Universitat Politecnica de Calalunya **http://www.iscte.pt 3rd. December, 2008

×