Towards a software architecture for DRM

The domain of digital rights management (DRM) is currently lacking a generic architecture that supports interoperability and reuse of specific DRM technologies. This lack of architectural support is a serious drawback in light of the rapid evolution of a complex domain like DRM. It is highly unlikely that a single DRM technology or standard will be able to support the diversity of devices, users, platforms, and media, or the wide variety of system requirements concerning security, flexibility, and efficiency. This paper analyses state-of-the-art DRM technologies and extracts from them high level usage scenarios according to content consumers, producers, and publishers. In addition, the key services are identified both from a functional and security perspective. Identifying key DRM services and locating them in an overall structure brings us one step closer to a software architecture for DRM. Having available a software architecture should help the DRM community in reasoning about DRM systems, and in achieving reuse and interoperability of multiple domain-specific DRM technologies and standards.

[1]  John S. Erickson Fair use, DRM, and trusted computing , 2003, CACM.

[2]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[3]  Wenbo Mao,et al.  Modern Cryptography: Theory and Practice , 2003 .

[4]  Deirdre K. Mulligan,et al.  DIGITAL RIGHTS MANAGEMENT AND FAIR USE BY DESIGN , 2003 .

[5]  William Hugh Murray,et al.  Modern Cryptography , 1995, Information Security Journal.

[6]  Paul Clements,et al.  Software architecture in practice , 1999, SEI series in software engineering.

[7]  Clemens A. Szyperski,et al.  Component software - beyond object-oriented programming , 2002 .

[8]  Ross J. Anderson Cryptography and competition policy: issues with 'trusted computing' , 2003, PODC '03.

[9]  Sam Michiels,et al.  Component framework technology for adaptable and manageable protocol stacks , 2003 .

[10]  David E. Culler,et al.  Virtualization considered harmful: OS design directions for well-conditioned services , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[11]  Gregory Wroblewski,et al.  General Method of Program Code Obfuscation , 2002 .

[12]  Paul F. Syverson,et al.  Anonymous connections and onion routing , 1998, IEEE J. Sel. Areas Commun..

[13]  Cristina V. Lopes,et al.  Open Implementation Design Guidelines , 1997, Proceedings of the (19th) International Conference on Software Engineering.

[14]  Robert E. Tarjan,et al.  Dynamic Self-Checking Techniques for Improved Tamper Resistance , 2001, Digital Rights Management Workshop.

[15]  Pramod A. Jamkhedkar,et al.  DRM as a layered system , 2004, DRM '04.

[16]  David D. Clark,et al.  The design philosophy of the DARPA internet protocols , 1988, SIGCOMM '88.

[17]  Paul C. van Oorschot,et al.  A White-Box DES Implementation for DRM Applications , 2002, Digital Rights Management Workshop.

[18]  Susanne Guth Rights Expression Languages , 2003, Digital Rights Management.