iDRM – Interoperability mechanisms for
                  Open Rights Management platforms
                                ...
Summary
        Context and State of the Art
        Specific Contributions
             Rights Management interoperabi...
Context and State of the Art
Content




                                            Compression
                                          Content




...
Content
        Advantages and Opportunities
             Better content
             New and better delivery channels
...
Content
        Answer from content industry
             Digital
             Rights
             Management
       ...
DRM interoperability
        DRM involves the:
             description
             layering
             analysis
  ...
Digital Content Value-Chain

Creator            Publisher            Aggregator       Distributor            Retailer     ...
remixed
                                    r/w
                                  culture


9   [iDRM] - Ph.D. Lecture Dis...
Digital Content Value-Chain

Creator        Publisher            Aggregator Consumer is PublisherConsumer is
             ...
interoperability
11   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
Digital Rights Management
     DRM 1.0 failure
          Vulnerable DRM systems
          Limitations to user experienc...
Digital Rights Management
     DRM 1.0                          DRM 1.5   DRM 2.0




13     [iDRM] - Ph.D. Lecture Disser...
Digital Rights Management
     DRM Layers



                                 Rights Management

                        ...
Digital Rights Management
     DRM Layers – non-interoperable




           Rights Management                     X   Ri...
Digital Rights Management
     DRM Layers - interoperable



          Rights Management                       Rights Man...
Digital Rights Management
     Interoperability strategies (International Standards):
          Full format interoperabi...
Digital Rights Management
     DRM 1.0                          DRM 1.5   DRM 2.0




                    Interoperability...
Contributions
Contributions
     Motivations/Objectives
          Study the applicability of SOA to the creation of interoperable righ...
Rights Management Interoperability and Service
                      Oriented Architectures

                             ...
RM interoperability and SOA
     SOA and Web-Services allow an easy and standard decoupling
      mechanisms for applicat...
RM interoperability and SOA
     Idea/Objective
          Identification of most relevant rights management services
   ...
RM interoperability and SOA
     Service decoupling                            Service
                                  ...
RM interoperability and SOA




25   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
RM interoperability and SOA




26   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
RM interoperability and SOA
                                                UDDI
                                         ...
RM interoperability and SOA
     Relevant papers
          Serrão C., Dias M., Delgado J., “Using Service-oriented Archi...
Using PKI towards Rights Management
                      interoperability

                            Contributions
PKI and RM interoperability
     From a security point of view, two major aspects need to be
      considered in any DRM ...
PKI and RM interoperability
     Trust Environment
          In a common DRM system, trust must be established between t...
PKI and RM interoperability
Users    Content         Users          Content   Users    Content   Users       Content




 ...
PKI and RM interoperability
     Public-Key Infrastructures (PKI) are important for trust
      environment establishment...
PKI and RM interoperability
     PKIX supports most of the security and trust functions that
      DRM needs
     DRM sy...
PKI and RM interoperability
     Two approaches for DRM interoperability through PKI:
          Use a single PKI service...
PKI and RM interoperability


                                           All the different DRM
                           ...
PKI and RM interoperability

                                           The different DRM systems have
                   ...
PKI and RM interoperability
     1st Scenario
          The same PKI offers to the different DRM components, trust
     ...
PKI and RM interoperability
     2nd Scenario
          Reflects what is happening now – each DRM chooses its own PKI
  ...
PKI and RM interoperability
     Relevant papers
          Serrão C., Torres V., Delgado J., Dias M., “Interoperability ...
Open Rights management as a mean for
                     interoperability

                           Contributions
Open RM and Interoperability
     “open” is an important key in interoperability
     “open”, in RM has three dimensions...
Open RM and Interoperability
     Open-source DRM platforms
          Media-S
          OpenIPMP
          DReaM
     ...
Open RM and Interoperability
     Open-source DRM platforms comparison
          Organisation
          License
      ...
Open RM and Interoperability
     Open RM SWOT analysis




     45    [iDRM] - Ph.D. Lecture Dissertation   3rd. Decembe...
Open RM and Interoperability
     Two dimensions for the Interoperability problem:
          DRM complexity:
           ...
Open RM and Interoperability
     Broker-based open RM interoperability




     47    [iDRM] - Ph.D. Lecture Dissertatio...
Open RM and Interoperability
     Relevant papers
          Serrão C., Torres V., Delgado J., Dias M., “ How Open DRM pl...
Secure Key and License Management for open
               Rights Management platforms

                                 Co...
Secure key and license management
     Some of the functions of modern DRM involves the use of
      several security tec...
Secure key and license management
     Key Management Life Cycle




     51    [iDRM] - Ph.D. Lecture Dissertation   3rd...
Secure key and license management
     Key Management Life Cycle
          It is important to study on the different DRM...
Secure key and license management
     Key Management and DRM
          DRM uses keying material in several situations:
...
Secure key and license management
     Rights Expression Languages (REL)
          Allow the expression of copyright
   ...
Secure key and license management
     Depending on the DRM scenario and implementation licenses can
      be used or not...
Secure key and license management
     License topology




     56    [iDRM] - Ph.D. Lecture Dissertation   3rd. Decembe...
Secure key and license management




57   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
Secure key and license management
     Analysis of key management in open RM platforms




     58    [iDRM] - Ph.D. Lect...
Secure key and license management
     Relevant papers
          Serrão, C., Serra A., Dias M., Delgado J., quot;Key Man...
The OpenSDRM open rights management
                            platform

                           Contributions
OpenSDRM
     What is OpenSDRM?
          Distributed DRM architecture
          Each of the functionalities is impleme...
OpenSDRM
     OpenSDRM is open:
          open-source
          open specifications
          open interfaces
       ...
OpenSDRM




63   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
OpenSDRM
     Relevant papers
          Serrão C., Dias M., Kudumakis P., “From OPIMA to MPEG IPMP-X - A
           stan...
Wallet Rights Management interoperability
                             middleware

                               Contribu...
Wallet RM interoperability middle-ware




66   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
Wallet RM interoperability middle-ware
     DRM-governed content life cycle




     67    [iDRM] - Ph.D. Lecture Dissert...
Wallet RM interoperability middle-ware
     Relevant papers
          Serrão C., Dias M., Delgado J., “Digital Object Ri...
License Templates

        Contributions
License Templates
     Complex RM environments
          Content Provider - License Provider - User CRA
          Suppo...
License Templates
     License template definition process




     71     [iDRM] - Ph.D. Lecture Dissertation   3rd. Dec...
License Templates
     Relevant papers
          Serrão C., Dias M., Delgado J., “Using ODRL to express rights for
     ...
OpenSDRM experiences and use-cases

                          Contributions
OpenSDRM experiences and use-cases
     OpenSDRM usage cases:
          Digital Music, MOSES FP5-IST project, Music-4You...
OpenSDRM experiences and use-cases
     Relevant papers
          Serrão C., “Music-4you.com – Digital Music E-Commerce ...
Conclusions and Future Work
Conclusions
     The objective of this work was to present several mechanisms
      to improve the RM non-interoperable p...
Conclusions
     Rights Management and Service-Oriented Architectures
          SoA has a huge impact on the software an...
Conclusions
     PKI and rights management interoperability
          RMS systems need to establish trust environments a...
Conclusions
     Open rights management towards interoperability
          Commercial RM solutions are vertical, closed ...
Conclusions
     Secure key and license management for open rights
      management
          Security is central to RM ...
Conclusions
     OpenSDRM open rights management architecture
          Design and implementation of an open RM platform...
Conclusions
     Wallet rights management interoperability middle-ware and
      license templates
          Establishme...
Conclusions
     OpenSDRM use-cases
          Demonstrate the OpenSDRM applicability, adaptability and
           intero...
Conclusions
     Using of SoA to enable the RM services interoperability
     Establishment of common trust environments...
Conclusions




86   [iDRM] - Ph.D. Lecture Dissertation   3rd. December 2008
Conclusions
     Future work
          Interoperable RM brokerage
          Economic impact of OpenSDRM disintermediati...
Questions

Thank you for your time and your patience…
iDRM – Interoperability mechanisms for
                  Open Rights Management platforms
                                ...
Upcoming SlideShare
Loading in...5
×

iDRM – Interoperability Mechanisms for Open Rights Management Platforms

1,109

Published on

PhD presentation at UPC, Barcelona, Spain

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,109
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
42
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

iDRM – Interoperability Mechanisms for Open Rights Management Platforms

  1. 1. iDRM – Interoperability mechanisms for Open Rights Management platforms Ph.D. Dissertation Lecture Professor Jaime Delgado*, Professor Miguel Dias** Carlos Serrão *UPC/AC/DMAG, Barcelona, Spain *IUL-ISCTE/DCTI/ADETTI, Lisboa, Portugal *cserrao@ac.upc.edu **carlos.serrao@iscte.pt carlos.j.serrao@gmail.com *http://www.upc.edu UPC - Universitat Politecnica de Calalunya **http://www.iscte.pt 3rd. December, 2008
  2. 2. Summary   Context and State of the Art   Specific Contributions   Rights Management interoperability and SOA   Using PKI towards Rights Management interoperability   Open Rights Management as a mean for interoperability   Secure Key and License management for open RM platforms   The OpenSDRM open RM platform   Wallet Rights Management interoperability middle-ware   License Templates   OpenSDRM use-cases and experiences   Conclusions and Future Work   Questions 2 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  3. 3. Context and State of the Art
  4. 4. Content Compression Content 4 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  5. 5. Content   Advantages and Opportunities   Better content   New and better delivery channels   New customers   Fast delivery   ...   Disadvantages and Challenges   Piracy and Uncontrolled distribution   ... 5 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  6. 6. Content   Answer from content industry   Digital   Rights   Management   and   Copy   Protection/Prevention 6 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  7. 7. DRM interoperability   DRM involves the:   description   layering   analysis   valuation   trading   and monitoring of rights   over an individual or organization's assets, in digital format. 7 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  8. 8. Digital Content Value-Chain Creator Publisher Aggregator Distributor Retailer Consumer Content Creation, Capture Content Rights Establishment Content Rights Validation Content Packaging Content Repository Content Trading Content Distribution Content Trading Content Distribution Content Payment Content Trading Permission Management 8 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  9. 9. remixed r/w culture 9 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  10. 10. Digital Content Value-Chain Creator Publisher Aggregator Consumer is PublisherConsumer is Consumer is Distributor is Aggregator Consumer is Creator Consumer Retailer Consumer Distributor Retailer   Consumers are “active” not “passive”   Consumers take other roles on DCVC   Changes the established rights management logic 10 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  11. 11. interoperability 11 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  12. 12. Digital Rights Management   DRM 1.0 failure   Vulnerable DRM systems   Limitations to user experience   Limited availability   Offer limited protection   Imposition to end-users   Lack of interoperability   DRM 2.0 must solve these issues 12 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  13. 13. Digital Rights Management DRM 1.0 DRM 1.5 DRM 2.0 13 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  14. 14. Digital Rights Management   DRM Layers Rights Management Rights Enforcement Copy Protection 14 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  15. 15. Digital Rights Management   DRM Layers – non-interoperable Rights Management X Rights Management DRM A DRM B Rights Enforcement X Rights Enforcement Copy Protection X Copy Protection 15 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  16. 16. Digital Rights Management   DRM Layers - interoperable Rights Management Rights Management Rights Enforcement Rights Enforcement Copy Protection Copy Protection 16 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  17. 17. Digital Rights Management   Interoperability strategies (International Standards):   Full format interoperability   Connected interoperability   Configuration driven interoperability [Koenen et al., 2004] [Kalker et al., 2007] 17 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  18. 18. Digital Rights Management DRM 1.0 DRM 1.5 DRM 2.0 Interoperability 18 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  19. 19. Contributions
  20. 20. Contributions   Motivations/Objectives   Study the applicability of SOA to the creation of interoperable rights management services   Use PKI-based solutions to create common trust environments between different RM solutions/services   Design and implement an open, distributed, service-based architecture for interoperable rights management infrastructure   Based on the key management life cycle, create a generic model for secure license and key management for rights management solutions   Create an open and interoperable RM services-based platform (OpenSDRM)   Study and develop a mechanism to provide interoperability between different content rendering applications and abstraction from REL   Evaluate the flexibility and adaptation of OpenSDRM to multiple use-cases and scenarios 20 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  21. 21. Rights Management Interoperability and Service Oriented Architectures Contributions
  22. 22. RM interoperability and SOA   SOA and Web-Services allow an easy and standard decoupling mechanisms for application integration   This decoupling works based on three pillars:   Service Provider (WSDL)   Service Requester (SOAP)   Service Broker (UDDI)   Allows the distribution of services through an open network, using open standards – such as HTTP 22 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  23. 23. RM interoperability and SOA   Idea/Objective   Identification of most relevant rights management services   “Abstract” its proprietary implementation, through a well-defined and public interface using WSDL   Interaction between services, can be performed via:   Proprietary communication channels, if they are internal to the same rights management solution   Open SOA channels, if they are to be interoperable between different rights management solutions 23 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  24. 24. RM interoperability and SOA   Service decoupling Service Broker Request service WSDL Service Other Service proprietary internal Interface implementation Proprietary Services communication Services Open communication services (SOAP/HTTP)‫‏‬ WSDL Service Other Service proprietary internal Interface implementation Proprietary Services communication Services 24 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  25. 25. RM interoperability and SOA 25 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  26. 26. RM interoperability and SOA 26 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  27. 27. RM interoperability and SOA UDDI Service Broker Publish the RM Ask for service service description location and description SOAP Communication with the specific RM service DRM Governed content 27 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  28. 28. RM interoperability and SOA   Relevant papers   Serrão C., Dias M., Delgado J., “Using Service-oriented Architectures towards Rights Management interoperability”, in Proceedings of the International Joint Conferences on computer, Information and Systems Sciences and Engineering (CISSE06), University of Bridgeport, USA, 4-14 December, 2006   Serrão C., Fonseca P., Dias M., Delgado J., “The Web-Services growing importance for DRM interoperability”, in Proceedings of the IADIS International Conference WWW/Internet 2006, Múrcia, Spain, 5-8 October, 2006   Serrão C., Dias M., Delgado J., “Using Web-Services to Manage and Control Access to Multimedia Content”, in Proceedings of The 2005 International Symposium on Web Services and Applications (ISWS05), Las Vegas, USA, 2005 28 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  29. 29. Using PKI towards Rights Management interoperability Contributions
  30. 30. PKI and RM interoperability   From a security point of view, two major aspects need to be considered in any DRM solution:   the digital object protection, in which the digital object is packaged in a specific container that is locked, preventing non- authorized copies or modifications, making usage of strong cryptographic algorithms.   and the fact that through the entire object life cycle a trustworthy environment must be established between the different actors, devices and software components. 30 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  31. 31. PKI and RM interoperability   Trust Environment   In a common DRM system, trust must be established between the different elements   The way this trust environment is accomplished differs from DRM implementation to implementation   There is no common trust system   This creates interoperability problems 31 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  32. 32. PKI and RM interoperability Users Content Users Content Users Content Users Content DRM A DRM B DRM C DRM D Trust Trust Trust Trust Mechanism A Mechanism B Mechanism C Mechanism D Non-Interoperability points 32 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  33. 33. PKI and RM interoperability   Public-Key Infrastructures (PKI) are important for trust environment establishment   PKIX (PKI for X.509) is currently one of the most deployed PKI technologies, present in many security solutions   PKI offers functions/services that are crucial to the establishment of trust environments:   Certification Authority   Registration Authority   Repository   Archive 33 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  34. 34. PKI and RM interoperability   PKIX supports most of the security and trust functions that DRM needs   DRM systems can “deliver” their security and trust requirements “in the hands” of an underlying PKIX system   This would simplify the task of DRM interoperability 34 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  35. 35. PKI and RM interoperability   Two approaches for DRM interoperability through PKI:   Use a single PKI service shared by all DRM systems;   Each DRM use their own PKI service, and brokering mechanisms are used between them 35 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  36. 36. PKI and RM interoperability All the different DRM systems use the same PKI solution, to establish the necessary trust environment between the different actors, devices or software components. 36 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  37. 37. PKI and RM interoperability The different DRM systems have their own PKI, and a PKI broker is used to build interoperable trust environments between the different actors, devices and software components of the different DRM systems. 37 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  38. 38. PKI and RM interoperability   1st Scenario   The same PKI offers to the different DRM components, trust credentials, that can be immediately trusted between different DRM systems   This is however a low probability scenario. DRM systems will adopt their own PKI solutions 38 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  39. 39. PKI and RM interoperability   2nd Scenario   Reflects what is happening now – each DRM chooses its own PKI solution   “Local” and “External” interoperability   “Local” - the internal components of a DRM system rely on the trust provided by their own PKI   “External” - the components of different DRM systems, have to build trust relationships using a PKI broker 39 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  40. 40. PKI and RM interoperability   Relevant papers   Serrão C., Torres V., Delgado J., Dias M., “Interoperability Mechanisms for registration and authentication on different open DRM platforms”, in International Journal of Computer Science and Network Security, Vol. 6, Number 12, Pages 291-303, December, 2006   Serrão, C., Serra A., Dias M., Delgado J., “PKI as a way to leverage DRM interoperability”, In Proceedings of the IADIS International Conference on Telecommunications, Networks and Systems 2007 (TNS2007), Lisboa, Portugal, 3-5 July, 2007 40 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  41. 41. Open Rights management as a mean for interoperability Contributions
  42. 42. Open RM and Interoperability   “open” is an important key in interoperability   “open”, in RM has three dimensions   open specifications   open interfaces   open-source 42 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  43. 43. Open RM and Interoperability   Open-source DRM platforms   Media-S   OpenIPMP   DReaM   Chillout   OpenSDRM   Open-specification DRM platforms   MIPAMS   OMA-DRM 43 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  44. 44. Open RM and Interoperability   Open-source DRM platforms comparison   Organisation   License   Activity   Base components   Development status   Deployment   Number of Developers   Fields of Applicability   REL Support   Content Support 44 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  45. 45. Open RM and Interoperability   Open RM SWOT analysis 45 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  46. 46. Open RM and Interoperability   Two dimensions for the Interoperability problem:   DRM complexity:   protection (encryption, decryption, watermarking, key distribution, etc.);   authorization based on licenses (rights expressions, verification, license distribution, etc.);   Metadata;   Enforcement;   Governance;   Authorities;   and others.   How we try to get interoperability -> definition of different DRM interoperability levels:   Proprietary systems;   Standards and architectures;   Software framework based;   Open Source. 46 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  47. 47. Open RM and Interoperability   Broker-based open RM interoperability 47 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  48. 48. Open RM and Interoperability   Relevant papers   Serrão C., Torres V., Delgado J., Dias M., “ How Open DRM platforms can shape the future of DRM”, in IEEE Multimedia   Serrão C., Marques J., Dias M., Delgado J., “Open-Source Software as a Driver for Digital Content E-Commerce and DRM interoperability”, in Proceedings of the Europe-China Conference on Intellectual Property in Digital Media – Optimisation of Intellectual Property in Digital Media (IPDM06), Shangai, China, 18-19 October, 2006 48 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  49. 49. Secure Key and License Management for open Rights Management platforms Contributions
  50. 50. Secure key and license management   Some of the functions of modern DRM involves the use of several security technologies:   Public-key cryptography   Secret-key cryptography   Digital signatures   Digital certificates   ... and others.   All this keying material should be properly managed, to avoid security breaches...   ... and this brings us to Key Management. 50 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  51. 51. Secure key and license management   Key Management Life Cycle 51 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  52. 52. Secure key and license management   Key Management Life Cycle   It is important to study on the different DRM solutions handle this functionalities   Establish a common secure license and key management life-cycle   Implementing a broker-based interoperable key management system   As a mechanism for DRM interoperability 52 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  53. 53. Secure key and license management   Key Management and DRM   DRM uses keying material in several situations:   Entities (content providers, users, ...) registration and management   Software applications and components registration and management   Content security   Rights management and enforcement (licenses) 53 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  54. 54. Secure key and license management   Rights Expression Languages (REL)   Allow the expression of copyright   Allow the expression of contracts or license agreements   Allow to control over access and/or use   Mostly used to express DRM-governed content licenses   Licenses express how a governed-content can be used   Expressed in a specific format/notation (XML, Text, Graph theory, ...)   XrML and ODRL are two of the most used   May contain protected keying material information to be used with the protected digital content 54 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  55. 55. Secure key and license management   Depending on the DRM scenario and implementation licenses can be used or not   This gives 6 different scenarios:   Licenses are used in DRM   License contains CEK   License is inside digital content   License is outside the digital content   License don't have CEK   License is inside digital content   License is outside the digital content   Licenses are not used in DRM   CEK is inside digital content   CEK is not inside the digital content 55 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  56. 56. Secure key and license management   License topology 56 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  57. 57. Secure key and license management 57 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  58. 58. Secure key and license management   Analysis of key management in open RM platforms 58 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  59. 59. Secure key and license management   Relevant papers   Serrão, C., Serra A., Dias M., Delgado J., quot;Key Management in open DRM Platforms”, in the Proceedings of the 3rd. International Conference of Automated Production of Cross Media Content for Multi-channel Distribution (AXMEDIS2007), Barcelona, Spain, 28-30 November, 2007   Serrão, C., Serra A., Dias M., Delgado J., “Secure License Management - Management of Digital Object Licenses in a DRM environment”, In Proceedings of the International Conference on Security and Cryptography (SECRYPT2007), Barcelona, Spain, 28-31 July, August, 2007   Serrão, C., Serra A., Dias M., Delgado J., quot;Protection of MP3 Music Files Using Digital Rights Management and Symmetric Cipheringquot;, in the Proceedings of the 2nd. International Conference of Automated Production of Cross Media Content for Multi-channel Distribution (AXMEDIS2006),  Leeds, United Kingdom, 13-15 December, 2006 59 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  60. 60. The OpenSDRM open rights management platform Contributions
  61. 61. OpenSDRM   What is OpenSDRM?   Distributed DRM architecture   Each of the functionalities is implemented has an independent distributed service   There can exist multiple instances of the same service provided by different entities   incorporate the previous contributions 61 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  62. 62. OpenSDRM   OpenSDRM is open:   open-source   open specifications   open interfaces   open to different types of content   open to support many different business models   open to interoperability 62 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  63. 63. OpenSDRM 63 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  64. 64. OpenSDRM   Relevant papers   Serrão C., Dias M., Kudumakis P., “From OPIMA to MPEG IPMP-X - A standard’s history across R&D projects”, in Special Issue on European Projects in Visual Representation Systems and Services, Image Communications, Volume 20, Issue 9-10, Pages 972-994, Elsevier, 2005   Serrão C., quot;Open Secure Infrastructure to control User Access to multimedia contentquot;, in Proceedings of the 4th. International Conference on Web Delivering of Music (WEDELMUSIC2004), Barcelona, Spain, 2004   Serrão C., Neves D., Kudumakis P., Barker T., Balestri M., quot;OpenSDRM – An Open and Secure Digital Rights Management Solutionquot;, in Proceedings of the IADIS International Conference e-Society 2003, Lisboa, Portugal, 3-6 June, 2003 64 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  65. 65. Wallet Rights Management interoperability middleware Contributions
  66. 66. Wallet RM interoperability middle-ware 66 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  67. 67. Wallet RM interoperability middle-ware   DRM-governed content life cycle 67 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  68. 68. Wallet RM interoperability middle-ware   Relevant papers   Serrão C., Dias M., Delgado J., “Digital Object Rights Management – Interoperable client-side DRM middleware”, In Proceedings of the International Conference on Security and Cryptography (SECRYPT2006), Setúbal, Portugal, 7-10 August, 2006   Serrão C., Dias M., Delgado J., “Bringing DRM interoperability to digital content rendering applications”, in Proceedings of the CISSE05 – The International Joint Conferences on Computer, Information, and System Sciences, and Engineering, Springer, ISBN: 978-1-4020-5260-6, University of Bridgeport, USA, 10-20 Dezembro, 2005 68 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  69. 69. License Templates Contributions
  70. 70. License Templates   Complex RM environments   Content Provider - License Provider - User CRA   Support for multiple license format is *not* assured   Possible solutions   REL translation   License in one format is translated to other format   Templates   Specific REL license templates created “a priori”, and instantiated when the license is to be issued 70 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  71. 71. License Templates   License template definition process 71 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  72. 72. License Templates   Relevant papers   Serrão C., Dias M., Delgado J., “Using ODRL to express rights for different content usage scenarios”, in Proceedings of the ODRL2005 – 2nd International ODRL Workshop 2005, Lisboa, Portugal, 7-8 July, 2005   Serrão C., Dias M., Delgado J., “Bringing DRM interoperability to digital content rendering applications”, in Proceedings of the CISSE05 – The International Joint Conferences on Computer, Information, and System Sciences, and Engineering, Springer, ISBN: 978-1-4020-5260-6, University of Bridgeport, USA, 10-20 Dezembro, 2005 72 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  73. 73. OpenSDRM experiences and use-cases Contributions
  74. 74. OpenSDRM experiences and use-cases   OpenSDRM usage cases:   Digital Music, MOSES FP5-IST project, Music-4You.com   JPEG2000 digital images, HICOD2000 ESA RTD project   Video-Surveillance, WCAM FP6-IST project   Home Networking Digital Music, MediaNet FP6-IST project 74 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  75. 75. OpenSDRM experiences and use-cases   Relevant papers   Serrão C., “Music-4you.com – Digital Music E-Commerce Case Study”, in IADIS International Journal on Internet/WWW, Volume 3, Issue 1, ISSN 1645-7641, 2005   Carvalho H., Serrão C., Serra A., Dias M., “Flexible Access to ESA Earth Observation data using JPEG2000 and DRM”, in Proceedings of the Fourth Conference on Imaging Information Mining (ESA-EUSC2006), Madrid, Spain, 27-28 November, 2006   Serrão, C., Dias M., Serra A., Carvalho H., quot;Accessing Earth Observation data using JPEG2000quot;, in Proceedings of the Symposium on Computational Modelling of Objects Represented in Images (CompImage2006), Coimbra, Portugal, 20-21 October, 2006   Serrão, C., Dias L., Serra A., Dias M., quot;JPEG2000 Image Compression and Visualization for Desktop and Mobile Clientsquot;, in Proceedings of the Atlantic Europe Conference on Remote Imaging and Spectroscopy (AECRIS2006), International Journal of Internet Protocol Technology, Preston, United Kingdom, 11-12 September, 2006 75 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  76. 76. Conclusions and Future Work
  77. 77. Conclusions   The objective of this work was to present several mechanisms to improve the RM non-interoperable panorama   Some specific mechanisms were selected to study its applicability to RM interoperability   RM interoperability is not an easy problem   This thesis does not solve it!!!   However, it contributes with some mechanisms to make the problem less complex.   But, more work needs to be done! 77 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  78. 78. Conclusions   Rights Management and Service-Oriented Architectures   SoA has a huge impact on the software and service distribution (SaaS)   RM can benefit from service distribution, to create heterogeneous RM environments   RM providers decouple RM services   Published, and promoted on UDDI repositories   Approach followed on the OpenSDRM implementation 78 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  79. 79. Conclusions   PKI and rights management interoperability   RMS systems need to establish trust environments and to handle cryptographic material   Most current RM solutions do not rely on existing PKI services – they implement their own proprietary services   Contributed with PKI-based interoperability solution to establish trust – PKI-broker to establish trust between different RM solutions   Design and establishment of protocols to create trust environments between different RM solutions 79 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  80. 80. Conclusions   Open rights management towards interoperability   Commercial RM solutions are vertical, closed and non-interoperable – alternative is an open model   Open RM solutions were identified, classified and included in three categories: open-source, open specifications and open interfaces   A SWOT analysis was conducted to identify the major advantages and drawbacks of having open RM solutions 80 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  81. 81. Conclusions   Secure key and license management for open rights management   Security is central to RM systems   Appropriate secure management of rights and key management are of extreme importance   Scenarios between the REL, the digital object and the CEK were identified   Description of the license management life cycle   Identify how the different RM handle the key management life cycle   Lack of support behind the pre-operational and operational stages   Proper key management is crucial for security management 81 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  82. 82. Conclusions   OpenSDRM open rights management architecture   Design and implementation of an open RM platform   Based on a service oriented approach   E2E RM services for the DCVC   Detailed security mechanisms and protocols 82 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  83. 83. Conclusions   Wallet rights management interoperability middle-ware and license templates   Establishment of a client-side RM middle-ware to provide interoperability between different CRA   Abstraction layer between the CRA and DRM regime   Request authorizations to the RM layer to render content   Creation of and usage of license rights templates to offer RM interoperability between multiple content providers, license providers and user-devices   Expression of particular business model using different license templates   Facilitate the interoperation between different REL 83 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  84. 84. Conclusions   OpenSDRM use-cases   Demonstrate the OpenSDRM applicability, adaptability and interoperability to:   Multiple business models   Multiple content types   Multiple CRA 84 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  85. 85. Conclusions   Using of SoA to enable the RM services interoperability   Establishment of common trust environments, using PKI mechanisms, to provide interoperability   Analyse how open RM can contribute to RM interoperability and define an approach for open RM platforms based on SWOT analysis   Define how to manage securely both keys and licenses throughout their life-cycle, across open RM platforms   Creation of an open and services based RM platform that enables interoperability between different scenarios   Design of an abstraction mechanism between content rendering and RM, and abstraction mechanism between the content provider business model and the REL used   Evaluate the usage of contributed mechanisms on different usage scenarios 85 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  86. 86. Conclusions 86 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  87. 87. Conclusions   Future work   Interoperable RM brokerage   Economic impact of OpenSDRM disintermediation   Key and license management on super-distribution   OpenSDRM development and improvement 87 [iDRM] - Ph.D. Lecture Dissertation 3rd. December 2008
  88. 88. Questions Thank you for your time and your patience…
  89. 89. iDRM – Interoperability mechanisms for Open Rights Management platforms Ph.D. Dissertation Lecture Professor Jaime Delgado*, Professor Miguel Dias** Carlos Serrão *UPC/AC/DMAG, Barcelona, Spain *IUL-ISCTE/DCTI/ADETTI, Lisboa, Portugal *cserrao@ac.upc.edu **carlos.serrao@iscte.pt carlos.j.serrao@gmail.com *http://www.upc.edu UPC - Universitat Politecnica de Calalunya **http://www.iscte.pt 3rd. December, 2008
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×