Key Management in
open DRM platforms
*Carlos Serrão, *Miguel Dias and **Jaime Delgado
   carlos.serrao, miguel.dias {@isct...
Summary

    • DRM interoperability
      •   open DRM interoperability

    • Key Management
      •   Key Management Lif...
DRM interoperability

     • DRM involves the:
      •   description, layering, analysis, valuation, trading and
         ...
DRM interoperability

     • Different DRM systems
       do not interoperate
     • DRM-A governed
       content is inco...
DRM interoperability

     • Solvable problem?
      •   Yes, but...
          •   Although technologically complex, it is...
DRM interoperability

     • 3 different strategies based on International
       standards
       •   Full-format interop...
open DRM interoperability

     • open DRM interoperability
      •   requires DRM solutions that provide open
          s...
open DRM interoperability

     • Connected DRM interoperability:
      •   DRM P2P connected interoperability
          •...
open DRM interoperability

     • DRM P2P connected interoperability




9
open DRM interoperability

      • DRM broker-based connected interoperability




10
open DRM interoperability




11
open DRM interoperability

      • Approach for DRM interoperability study




11
open DRM interoperability

      • Approach for DRM interoperability study
       I. Select a group of different open-DRM ...
open DRM interoperability

      • Approach for DRM interoperability study
       I. Select a group of different open-DRM ...
open DRM interoperability

      • Approach for DRM interoperability study
       I. Select a group of different open-DRM ...
open DRM interoperability

      • Approach for DRM interoperability study
       I. Select a group of different open-DRM ...
open DRM interoperability

      • Approach for DRM interoperability study
       I. Select a group of different open-DRM ...
Some DRM concepts

     • One of the functions that modern DRM
       involves the use of several security technologies:
 ...
Key Management

     • What is Key Management?
       •   Key Management is the set of techniques and
           procedure...
Key Management in DRM

     • Key Management and DRM
       •   DRM uses keying material in several situations:
          ...
Key Management in DRM

           • Key Management Life Cycle
                                                            ...
Key Management in DRM

     • Key Management Life Cycle




16
Key Management in DRM

     • Key Management Life Cycle
       •   It is important to study on the different DRM solutions...
Key Management in open DRM

     • Key management analysis on open DRM
       •   a set of open DRM platforms were selecte...
Key Management in open DRM

     • OpenSDRM
       •   not very well documented
       •   source-code is available
      ...
Key Management in open DRM

     • OpenIPMP
       •   not very well documented
       •   source-code is available
      ...
Key Management in open DRM

     • DMAG MIPAMS
       •   some limited documentation exists
       •   no source-code avai...
Key Management in open DRM

     • DMP Chillout
       •   extensive and detailled documentation is
           available
 ...
Key Management in open DRM

     • OMA DRM
       •   OMA has an extensive available
           documentation with several...
Key Management in open DRM

     • Sun DReaM
       •   has some specifications available,
           although very limited...
Comparison
                               DMAG
                               MIPAMS

        User Registration

        S...
Comparison
                                                DMAG
                                                MIPAMS

  ...
Conclusions

      • Key management is important in DRM for:
        •   confidentiality
        •   entity authentication
...
Conclusions

      • The analysis conducted to open of the platforms
                                        DRM
        r...
Conclusions

      • The lackin DRM could lead keysome serious
                 of an appropriate    management
        sc...
Q &A

     • It’s time for some questions...
     • ... and (maybe) some answers.




30
Upcoming SlideShare
Loading in …5
×

Axmedis2007 Presentation

1,467 views

Published on

Published in: Economy & Finance, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,467
On SlideShare
0
From Embeds
0
Number of Embeds
31
Actions
Shares
0
Downloads
23
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Axmedis2007 Presentation

  1. 1. Key Management in open DRM platforms *Carlos Serrão, *Miguel Dias and **Jaime Delgado carlos.serrao, miguel.dias {@iscte.pt}, jaime.delgado@ac.upc.edu *ISCTE/DCTI/ADETTI **UPC/AC/DMAG Lisboa, Portugal Barcelona, Spain
  2. 2. Summary • DRM interoperability • open DRM interoperability • Key Management • Key Management Life Cycle • Key Management LC on open DRM • OpenSDRM, OpenIPMP, DMAG MIPAMS, DMP Chillout, OMA DRM, Sun DReaM • Comparison • Conclusions and Future Work 2
  3. 3. DRM interoperability • DRM involves the: • description, layering, analysis, valuation, trading and monitoring of rights over an individual or organisation's assets, in digital format; • DRM is: • the chain of hardware and software services and technologies governing the authorised use of digital objects and managing any consequences of that use throughout the entire life cycle of the object. 3
  4. 4. DRM interoperability • Different DRM systems do not interoperate • DRM-A governed content is incompatible DRM ??? A with other DRM systems DRM • B Users hate it! ??? • Different formats, ??? ??? ??? protocols, security mechanisms, content DRM protection mechanisms, C ??? and others... DRM • Vertical solutions lead to D non-interoperability 4
  5. 5. DRM interoperability • Solvable problem? • Yes, but... • Although technologically complex, it is not only a technical problem • It is also a business problem! 5
  6. 6. DRM interoperability • 3 different strategies based on International standards • Full-format interoperability • requires everyone using the same format • Connected interoperability • brokering between different DRM regimes • Configuration driven interoperability • DRM regimes use tools to adapt to other regimes 6
  7. 7. open DRM interoperability • open DRM interoperability • requires DRM solutions that provide open specifications and/or are open-source based • true connectedthis approach can only be interoperability achieved using 7
  8. 8. open DRM interoperability • Connected DRM interoperability: • DRM P2P connected interoperability • specific individual connectors between each of the different DRM functions • DRM broker-based connected interoperability • generic function broker between the different DRM functions 8
  9. 9. open DRM interoperability • DRM P2P connected interoperability 9
  10. 10. open DRM interoperability • DRM broker-based connected interoperability 10
  11. 11. open DRM interoperability 11
  12. 12. open DRM interoperability • Approach for DRM interoperability study 11
  13. 13. open DRM interoperability • Approach for DRM interoperability study I. Select a group of different open-DRM systems; 11
  14. 14. open DRM interoperability • Approach for DRM interoperability study I. Select a group of different open-DRM systems; II. Identify the major functionalities inside the particular open-DRM systems; 11
  15. 15. open DRM interoperability • Approach for DRM interoperability study I. Select a group of different open-DRM systems; II. Identify the major functionalities inside the particular open-DRM systems; III. Identify commonalities between the functionalities of the different open-DRM systems; 11
  16. 16. open DRM interoperability • Approach for DRM interoperability study I. Select a group of different open-DRM systems; II. Identify the major functionalities inside the particular open-DRM systems; III. Identify commonalities between the functionalities of the different open-DRM systems; IV. Create a brokerage functionality in a common generic DRM broker, that maps to the specific open-DRM functionalities; 11
  17. 17. open DRM interoperability • Approach for DRM interoperability study I. Select a group of different open-DRM systems; II. Identify the major functionalities inside the particular open-DRM systems; III. Identify commonalities between the functionalities of the different open-DRM systems; IV. Create a brokerage functionality in a common generic DRM broker, that maps to the specific open-DRM functionalities; V. Define an orchestration model, in the DRM-broker, between the same functionalities of the different open- DRM systems. 11
  18. 18. Some DRM concepts • One of the functions that modern DRM involves the use of several security technologies: • Public-key cryptography • Secret-key cryptography • Digital signatures • Digital certificates • ... and others. • All this keying material should be properly managed, to avoid security breaches... • ... and this brings us to Key Management. 12
  19. 19. Key Management • What is Key Management? • Key Management is the set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorised parties. • Key Management encompasses techniques and procedures supporting: • Initialisation of system users within a domain; • Generation, distribution and installation of keying material; • Controlling the use of keying material; • Update, revocation and destruction of keying material; 13
  20. 20. Key Management in DRM • Key Management and DRM • DRM uses keying material in several situations: • Entities (content providers, users, ...) registration and management • Software applications and components registration and management • Content security • Rights management and enforcement (licenses) 14
  21. 21. Key Management in DRM • Key Management Life Cycle Key installation • pre-operational Key registration operational • User Registration • Normal usage • System and User initialisation • Key backup • Key generation • Key update • Key recovery • post-operational obsolete Key de-registration and • Archival • destruction Key revocation • 15
  22. 22. Key Management in DRM • Key Management Life Cycle 16
  23. 23. Key Management in DRM • Key Management Life Cycle • It is important to study on the different DRM solutions handle this functionalities • Establish a common secure license and key management life-cycle • Implementing a broker-based interoperable key management system • As a mechanism for DRM interoperability 17
  24. 24. Key Management in open DRM • Key management analysis on open DRM • a set of open DRM platforms were selected • OpenSDRM, OpenIPMP, DMAG MIPAMS, DMP Chillout, OMA DRM, Sun DReaM • and the key management cycle has been studied • available specifications • in some cases, open-source code (OpenSDRM, OpenIPMP, DMP Chillout and Sun DReaM) 18
  25. 25. Key Management in open DRM • OpenSDRM • not very well documented • source-code is available • relies on XML certificates and X509 certificates • key management life cycle • handles key material creation, registration and normal usage • revocation, archival, or destruction of obsolete key material is not handled 19
  26. 26. Key Management in open DRM • OpenIPMP • not very well documented • source-code is available • relies on X509 certificates • key management life cycle • handles key material creation, registration and normal usage • handles key and certificate revocation • archival, or destruction of obsolete key material is not handled 20
  27. 27. Key Management in open DRM • DMAG MIPAMS • some limited documentation exists • no source-code available • makes usage of X509 mechanisms • key life cycle management • handles key material creation, registration and normal usage • handles (partly) key and certificate revocation • archival, or destruction of obsolete key material is not handled 21
  28. 28. Key Management in open DRM • DMP Chillout • extensive and detailled documentation is available • source-code is well organized and available • makes usage of X509 • key management life cycle • handles key material creation, registration and normal usage • revocation, archival, or destruction of obsolete key material is not handled 22
  29. 29. Key Management in open DRM • OMA DRM • OMA has an extensive available documentation with several specifications • No source-code is available • Details specific security details, like algorithms to be used, protocols, ... • key management life cycle • handles key material creation, registration and normal usage • handles key and certificate revocation • archival, or destruction of obsolete key material is not handled 23
  30. 30. Key Management in open DRM • Sun DReaM • has some specifications available, although very limited • source-code is available (it is still under heavy development) • key management life cycle • it is hard to analyse this due to early development • handles key material creation, registration and normal usage • revocation, archival, or destruction of obsolete key material is not handled 24
  31. 31. Comparison DMAG MIPAMS User Registration System and User Initialization Key generation Key installation Key registration Normal usage Key backup Key update Key recovery Key archival Key revocation Key de-registration and destruction 25
  32. 32. Comparison DMAG MIPAMS User Registration operational System and User pre- Initialization Key generation Key installation Key registration operational Normal usage Key backup Key update Key recovery olet operati Key archival obs post- Key revocation Key de-registration and destruction 26
  33. 33. Conclusions • Key management is important in DRM for: • confidentiality • entity authentication • data origin authentication • data integrity • and digital signatures. • Managing correctlyinthe keying material and its life cycle is important DRM security design. 27
  34. 34. Conclusions • The analysis conducted to open of the platforms DRM revealed that important aspects key management life cycle are poorly considered: • key backup • key update • key recovery • key archival • key revocation • key de-registration and destruction. 28
  35. 35. Conclusions • The lackin DRM could lead keysome serious of an appropriate management scheme to security problems, such as: • the compromise of confidentiality of secret keys; • compromise of authenticity of private or public keys, and; • the unauthorized usage of private or public keys. • This is of DRM solutions. considered on the an aspect to be further design 29
  36. 36. Q &A • It’s time for some questions... • ... and (maybe) some answers. 30

×