Digital Rights Management Ecosystem and its Usage Controls: A Survey

Progressive and dynamic developments in the digital content industry are significantly dependent on copyright protection. Effective usage control technologies can guarantee that end consumers are able to legally access, transfer, and share copyrighted contents and corresponding digital rights. From the technical and managerial perspectives, we give a wide survey on state-of-the-art of Digital Rights Management (DRM) systems. This paper starts with a generic DRM ecosystem that effectively supports two typical application scenarios, and the ecosystem builds multi-stakeholder trust and maximizes risk management opportunities. And also, a holistic and comprehensive investigation of usage control models, policies, and mechanism were made in detail. These include, but are not limited to, multiple comparisons of rights expression languages, security models, authorization management, rights transfer, and trustworthy utilization of secure end-user digital devices or consumer electronics. Finally, a range of open issues and challenges for DRM ecosystems are highlighted. A variety of controllable and traceable rights sharing among e-users, in combination with security risk management, will be the key for emerging social network services.

[1]  Ahmad-Reza Sadeghi,et al.  Property-based attestation for computing platforms: caring about properties, not mechanisms , 2004, NSPW '04.

[2]  Zouhair Guennoun,et al.  Improvement of MPEG-21 right expression language , 2009, 2009 IEEE/ACS International Conference on Computer Systems and Applications.

[3]  Chi-Chun Lo,et al.  Threshold Based Group-Oriented Nominative Proxy Signature Scheme for Digital Rights Management , 2010, 2010 7th IEEE Consumer Communications and Networking Conference.

[4]  Tetsutaro Uehara,et al.  Integrating fingerprint with cryptosystem for internet-based live pay-TV system , 2008, 2008 Third International Conference on Communications and Networking in China.

[5]  Pramod A. Jamkhedkar,et al.  Digital rights management architectures , 2009, Comput. Electr. Eng..

[6]  Reihaneh Safavi-Naini,et al.  A Rights Management Approach to Securing Data Distribution in Coalitions , 2010, 2010 Fourth International Conference on Network and System Security.

[7]  Jiying Zhao,et al.  An improved watermarking technique for multi-user, multi-right environments , 2009, Multimedia Tools and Applications.

[8]  Joseph Y. Halpern,et al.  A formal foundation for XrML , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[9]  Ahmad-Reza Sadeghi,et al.  A protocol for property-based attestation , 2006, STC '06.

[10]  Eric Matthew Hinkes Access Controls in the Digital Era and the Fair Use/First Sale Doctrines , 2007 .

[11]  SandhuRavi,et al.  The UCONABC usage control model , 2004 .

[12]  Iván Martínez-Ortiz,et al.  The problem with rights expression languages , 2006, DRM '06.

[13]  Richard Y. K. Fung,et al.  Chinese MPEG-21 Rights Expression Language: Enhancing Digital Rights Management Adoption to Digital Libraries in Hong Kong , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[14]  Pramod A. Jamkhedkar,et al.  DRM as a layered system , 2004, DRM '04.

[15]  Xin Wang Design principles and issues of rights expression languages for digital rights management , 2005, Visual Communications and Image Processing.

[16]  E. Ramsey,et al.  Trust considerations on attitudes towards online purchasing: The moderating effect of privacy and security concerns , 2010 .

[17]  Mohan S. Kankanhalli,et al.  Joint Watermarking Scheme for Multiparty Multilevel DRM Architecture , 2009, IEEE Transactions on Information Forensics and Security.

[18]  Sang Uk Lee,et al.  Robust image watermarking using local Zernike moments , 2009, J. Vis. Commun. Image Represent..

[19]  Jianguo Xiao,et al.  Cardinality Constraint Access Control Model and Implementation , 2011 .

[20]  Xi Chen,et al.  Secure and traceable multimedia distribution for convergent Mobile TV services , 2010, Comput. Commun..

[21]  Radu Sion,et al.  A personal mobile DRM manager for smartphones , 2009, Comput. Secur..

[22]  Nora Cuppens-Boulahia,et al.  OPA: Onion Policy Administration Model - Another approach to manage rights in DRM , 2007, SEC.

[23]  Shiguo Lian Secure video distribution scheme based on partial encryption , 2009, Int. J. Imaging Syst. Technol..

[24]  Joon S. Park,et al.  Problem Analyses and Recommendations in DRM Security Policies , 2008, EuroISI.

[25]  Ganapathi Padmavathi,et al.  A security framework for Content-Based Publish-Subscribe system , 2006, Electron. Commer. Res. Appl..

[26]  Pramod A. Jamkhedkar,et al.  A formal conceptual model for rights , 2008, DRM '08.

[27]  Hsin Hsin Chang,et al.  Consumer perception of interface quality, security, and loyalty in electronic commerce , 2009, Inf. Manag..

[28]  Roger Clarke,et al.  A best practice model for e-consumer protection , 2010, Comput. Law Secur. Rev..

[29]  Nei Kato,et al.  Network-Based Traitor-Tracing Technique Using Traffic Pattern , 2010, IEEE Transactions on Information Forensics and Security.

[30]  Lin Yang,et al.  Cooperative and Non-Cooperative Game-Theoretic Analyses of Adoptions of Security Policies for DRM , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[31]  Reihaneh Safavi-Naini,et al.  Location constraints in digital rights management , 2008, Comput. Commun..

[32]  J. William Atwood,et al.  Requirements for enforcing digital rights management in multicast content distribution , 2010, Telecommun. Syst..

[33]  Chris J. Mitchell,et al.  Trusted Mobile Platforms , 2007, FOSAD.

[34]  Bill Rosenblatt DRM, law and technology: an American perspective , 2007, Online Inf. Rev..

[35]  Chris Barlas,et al.  Digital Rights Expression Languages (DRELs) , 2006 .

[36]  Mei-Yu Wu,et al.  Design and implementation of a context and role-based access control model for digital content , 2010 .

[37]  Kisong Yoon,et al.  DRM applied contents share in digital home , 2009, 2009 IEEE 13th International Symposium on Consumer Electronics.

[38]  Shiguo Lian,et al.  Multimedia Content Encryption: Techniques and Applications , 2008 .

[39]  Kevin P. Hwang,et al.  The combined model of influencing on-line consumer behavior , 2010, Expert Syst. Appl..

[40]  Reihaneh Safavi-Naini,et al.  Implementing Trusted Terminals with a and SITDRM , 2008, Electron. Notes Theor. Comput. Sci..

[41]  Wuu-Yee Chen,et al.  Processing Logical Access Control Command in Computer System , 2008, J. Digit. Content Technol. its Appl..

[42]  Yan Zhang,et al.  Handbook of Research on Secure Multimedia Distribution , 2009 .

[43]  Reihaneh Safavi-Naini,et al.  On the operational semantics of rights expression languages , 2009, DRM '09.

[44]  R. Safavi-Naini,et al.  Implementing Trusted Terminals with a TPM and SITDRM , 2010 .

[45]  Petros S. Stefaneas,et al.  Algebraic Specifications for OMA REL Licenses , 2009, 2009 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[46]  Shiguo Lian,et al.  Fuzzy Risk Assessments on Security Policies for Digital Rights Management , 2009 .

[47]  Andrew S. Tanenbaum,et al.  A DRM security architecture for home networks , 2004, DRM '04.

[48]  Riccardo Pucella,et al.  A Formal Foundation for ODRL , 2006, ArXiv.

[49]  Saraju P. Mohanty,et al.  Hardware assisted watermarking for multimedia , 2009, Comput. Electr. Eng..

[50]  Andrew Hutchison,et al.  Persistent access control: a formal model for drm , 2007, DRM '07.

[51]  Dengguo Feng,et al.  TBDRM: A TPM-Based Secure DRM Architecture , 2009, 2009 International Conference on Computational Science and Engineering.

[52]  Christopher C. Lamb,et al.  An interoperable usage management framework , 2010, DRM '10.

[53]  Cheun Ngen Chong Experiments in rights control : expression and enforcement , 2005 .

[54]  José Albors-Garrigos,et al.  Design and development challenges for an E2E DRM content business integration platform , 2009, Int. J. Inf. Manag..

[55]  Rosa Gil,et al.  Content value chains modelling using a copyright ontology , 2010, Inf. Syst..

[56]  Yevgeniy Dodis,et al.  On Cryptographic Techniques for Digital Rights Management , 2006 .

[57]  William J. Caelli Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM , 2007, SEC.

[58]  Sunil Karforma,et al.  A prototype design for DRM based credit card transaction in E-commerce , 2008, UBIQ.

[59]  Mohan S. Kankanhalli,et al.  Efficient license validation in MPML DRM architecture , 2009, DRM '09.

[60]  Hyunsoo Yoon,et al.  Digital Rights Management with Right Delegation for Home Networks , 2006, ICISC.

[61]  Sang-Heui Lee,et al.  Open process and open-source enterprise systems , 2009, Enterp. Inf. Syst..

[62]  Jaehong Park,et al.  The UCONABC usage control model , 2004, TSEC.

[63]  Jean-Henry Morin Towards Socially-Responsible Management of Personal Information in Social Networks , 2009, BlogTalk.

[64]  Hiroyuki Imaizumi,et al.  Integrated Digital Rights Management for Mobile IPTV Using Broadcasting and Communications , 2009, IEEE Transactions on Broadcasting.

[65]  Paul Koster,et al.  Introduction of the Domain Issuer in OMA DRM , 2007, 2007 4th IEEE Consumer Communications and Networking Conference.

[66]  Zhun Cai,et al.  An Improved IBE Authorization Protocol on Grid Computing System , 2011 .

[67]  Mohan S. Kankanhalli,et al.  Privacy Preserving Multiparty Multilevel DRM Architecture , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[68]  Rosa Gil,et al.  Copyright Licenses Reasoning an OWL-DL Ontology , 2009, Law, Ontologies and the Semantic Web.

[69]  William J. Caelli,et al.  DRM, Trusted Computing and Operating System Architecture , 2005, ACSW.

[70]  Andrew S. Tanenbaum,et al.  Enforcing DRM policies across applications , 2008, DRM '08.

[71]  Jeremy V. Pitt,et al.  An artist life cycle model for digital media content: Strategies for the Light Web and the Dark Web , 2009, Electron. Commer. Res. Appl..

[72]  Hsiang-Cheh Huang,et al.  Metadata-based image watermarking for copyright protection , 2010, Simul. Model. Pract. Theory.

[73]  Ali Aydin Selçuk,et al.  Optimal subset-difference broadcast encryption with free riders , 2009, Inf. Sci..

[74]  Franco Frattolillo,et al.  A Novel Approach to DRM Systems , 2009, 2009 International Conference on Computational Science and Engineering.

[75]  Yung-Ming Li,et al.  Pricing schemes for digital content with DRM mechanisms , 2009, Decis. Support Syst..

[76]  Yu-Cheng Fan,et al.  DFT-Based SoC/VLSI IP Protection and Digital Rights Management Platform , 2009, IEEE Transactions on Instrumentation and Measurement.

[77]  Jianfeng Ma,et al.  A Fine-Grained Digital Rights Transfer Policy and Trusted Distribution and Enforcement , 2008, 2008 International Conference on Computational Intelligence and Security.

[78]  Jianfeng Ma,et al.  Security and Trust in Digital Rights Management: A Survey , 2009, Int. J. Netw. Secur..

[79]  Chin-Chen Chang,et al.  Digital rights management for multimedia content over 3G mobile networks , 2010, Expert Syst. Appl..

[80]  Vivek Haldar,et al.  Semantic remote attestation , 2006 .

[81]  Wang Tao,et al.  An empirical study of customers' perceptions of security and trust in e-payment systems , 2010, Electron. Commer. Res. Appl..

[82]  Cath Everett Is DRM fit for purpose , 2010 .

[83]  Imad M. Abbadi,et al.  Replay Attack of Dynamic Rights within an Authorised Domain , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[84]  Wuu-Yee Chen,et al.  An Analysis Present Condition of Information Systems in Turkish Ports and Direction of Improvement , 2008 .

[85]  Paul Koster,et al.  Identity Based DRM: Personal Entertainment Domain , 2005, Communications and Multimedia Security.

[86]  Chin-Ling Chen,et al.  A secure and traceable E-DRM system based on mobile device , 2008, Expert Syst. Appl..

[87]  Hongxia Jin,et al.  Adaptive traitor tracing for large anonymous attack , 2008, DRM '08.

[88]  Michael E. Lesk Digital Rights Management and Individualized Pricing , 2008, IEEE Security & Privacy.

[89]  Ilkka Kiema Commercial piracy and intellectual property policy , 2008 .

[90]  Christian Schaefer,et al.  Usage Control Enforcement: Present and Future , 2008, IEEE Security & Privacy.

[91]  Yang,et al.  Establishing Multi-Party Trust Architecture for DRM by Using Game-Theoretic Analysis of Security Policies , 2009 .

[92]  Joseph Y. Halpern,et al.  Using First-Order Logic to Reason about Policies , 2008, TSEC.

[93]  Ahmad-Reza Sadeghi,et al.  Secure Data Management in Trusted Computing , 2005, CHES.

[94]  Lin Yang,et al.  Research on Usage Control Model with Delegation Characteristics Based on OM-AM Methodology , 2007, 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007).

[95]  Ahmad-Reza Sadeghi,et al.  Flexible and secure enterprise rights management based on trusted virtual domains , 2008, STC '08.

[96]  Eric Diehl A four-layer model for security of digital rights management , 2008, DRM '08.

[97]  Riccardo Pucella,et al.  A logic for reasoning about digital rights , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[98]  Jong Kim,et al.  Redistributing time-based rights between consumer devices for content sharing in DRM system , 2009, International Journal of Information Security.

[99]  Lin Yang,et al.  Implementing Trustworthy Dissemination of Digital Contents by Using a Third Party Attestation Proxy-Enabling Remote Attestation Model , 2008, 2008 International Conference on MultiMedia and Information Technology.

[100]  Raphael C.-W. Phan,et al.  Tampering with a watermarking-based image authentication scheme , 2008, Pattern Recognit..

[101]  Zhi Tang,et al.  An Efficient Contents Sharing Method for DRM , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.