Marshall McLuhan's statement that "the medium is the message" captured the reality of communications until the digital age. Communicating digitally involves the transfer of information as streams of bits. No longer does matter need to be moved. In the case of data representing continuous waveforms, the communication is complete when the recipient possesses a digital representation of the original signal with a given fidelity criterion. This allows one to embed watermarks to deliver hidden information. In the case of discrete data files, the communication is complete when the recipient possesses the identical stream of bits delivered by the source: at that moment there are two, identical, streams of bits. It is impossible to characterize one as the original and the other as the copy. Consequently, one loses control of digital information after transmitting it to another. The recipient is free to use their original as they see fit. The ubiquitous PC and Internet provide the means easily and inexpensively to copy and distribute data files to anyone wishing to do so. We introduce a framework for persistent access control over digital data. That is, data remain under the control of their originator, even after another has received them. This requires the use of multiple levels of encryption, transmission of ciphering keys through licenses associated with the data, and of trusted hardware and trusted software (access control mechanism) to ensure that the originator's restrictions are not circumvented. We show how a PC or consumer electronics appliance can accommodate the required system-while remaining compatible with previously produced data. This material is the subject of a pending U.S. Patent Application (allowed) and foreign applications.
[1]
Premkumar T. Devanbu,et al.
Research directions for automated software verification: using trusted hardware
,
1997,
Proceedings 12th IEEE International Conference Automated Software Engineering.
[2]
Jean-Jacques Quisquater,et al.
Cryptology for digital TV broadcasting
,
1995,
Proc. IEEE.
[3]
Douglas R. Stinson,et al.
Cryptography: Theory and Practice
,
1995
.
[4]
Jean-Paul M. G. Linnartz.
The "Ticket" Concept for Copy Control Based on Embedded Signalling
,
1998,
ESORICS.
[5]
Tomas Olovsson,et al.
An analysis of a secure system based on trusted components
,
1996,
Proceedings of 11th Annual Conference on Computer Assurance. COMPASS '96.
[6]
Wolfgang Rankl,et al.
Smart Card Handbook
,
1997
.
[7]
Jack C. Lee,et al.
Toward on-line, worldwide access to Vatican Library materials
,
1996,
IBM J. Res. Dev..
[8]
P. Samarati,et al.
Access control: principle and practice
,
1994,
IEEE Communications Magazine.
[9]
Stephen Smalley,et al.
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
,
2000
.
[10]
Ahmed H. Tewfik,et al.
Digital watermarks for audio signals
,
1996,
1996 8th European Signal Processing Conference (EUSIPCO 1996).
[11]
Thomas J. Alexandre.
A Java-Based Platform for Intellectual Property Protection on the World Wide Web
,
1998,
Comput. Networks.
[12]
Lawrence O'Gorman,et al.
Document marking and identification using both line and word shifting
,
1995,
Proceedings of INFOCOM'95.