Requirements for enforcing digital rights management in multicast content distribution

In this paper, we have collected the requirements for Digital Rights Management from various sources, and presented them as a set of 11 requirements, associated with five categories. We discuss each requirement, provide the motivation for each entry, and illustrate how each one could be achieved. Four example commercial DRM systems are briefly explained, and the requirements that they meet are presented in tabular format. None of the example systems meet all the requirements that we have listed. The security threats that are faced by DRM systems are briefly discussed. All of the example systems are based on unicast data distribution. The use of multicast data distribution can help the source of the data and the underlying network to reduce their resource requirements when distributing high-quality content at minimum cost and delay. Up to now, there has been little motivation to use standard Internet Protocol multicast because it does not support any protection mechanisms for the delivered data. Given that significant progress has been made by other researchers in providing “secure” multicast data distribution, we explore how the use of secure multicast as a distribution technology can bring significant improvement for some requirements, while making the achievement of others more difficult. We review how the architecture of the distribution must change to permit capturing the advantages of multicast distribution while retaining as much as possible the features of unicast systems. Some open problems are identified.

[1]  Brian Weis,et al.  The Multicast Group Security Architecture , 2004, RFC.

[2]  Stefanos Gritzalis,et al.  Integration of non-repudiation services in mobile DRM scenarios , 2007, Telecommun. Syst..

[3]  J. William Atwood,et al.  Sender access and data distribution control for inter-domain multicast groups , 2010, Comput. Networks.

[4]  Andrew Hutchison,et al.  Requirement Analysis of Enterprise DRM Systems , 2005, ISSA.

[5]  Moon-Seog Jun,et al.  A Study on DRM System for On/Off Line Key Authentication , 2006, Security and Management.

[6]  J. William Atwood,et al.  Multicast receiver access control by IGMP-AC , 2009, Comput. Networks.

[7]  Roger Midtstraum,et al.  Software-Based Copy Protection for Temporal Media During Dissemination and Playback , 2005, ICISC.

[8]  N. Sulaiman Performance Evaluation of Traffic Mix in IP Based Networks , 2007 .

[9]  Alapan Arnab,et al.  Digital Rights Management — A current review , 2004 .

[10]  Mikhail J. Atallah,et al.  A Survey of Anti-Tamper Technologies , 2004 .

[11]  Yuichiro Kanzaki,et al.  Software obfuscation from crackers' viewpoint , 2006, ACST.

[12]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[13]  Chi-Hung Chi,et al.  Survey on the Technological Aspects of Digital Rights Management , 2004, ISC.

[14]  Thomas S. Messerges,et al.  Digital rights management in a 3G mobile phone and beyond , 2003, DRM '03.

[15]  Edward W. Felten,et al.  Digital rights management, spyware, and security , 2006, IEEE Security & Privacy Magazine.

[16]  Ted Taekyoung Kwon,et al.  Contents distribution system based on MPEG-4 ISMACryp in IP set-top box environments , 2006, IEEE Transactions on Consumer Electronics.

[17]  Andrew Hutchison,et al.  Persistent access control: a formal model for drm , 2007, DRM '07.

[18]  Lixia Zhang,et al.  Resource ReSerVation Protocol (RSVP) - Version 1 Functional Specification , 1997, RFC.

[19]  Amy Friedlander,et al.  D-Lib Magazine: Publishing as the Honest Broker , 1998 .

[20]  J. William Atwood,et al.  A Policy Framework for Multicast Group Control , 2007, 2007 4th IEEE Consumer Communications and Networking Conference.

[21]  Paul England,et al.  The Darknet and the Future of Content Distribution , 2003 .

[22]  J. William Atwood,et al.  A Framework to Add AAA Functionalities in IP Multicast , 2006, Advanced Int'l Conference on Telecommunications and Int'l Conference on Internet and Web Applications and Services (AICT-ICIW'06).

[23]  Reihaneh Safavi-Naini,et al.  Digital Rights Management , 2005, Wirtschaftsinf..

[24]  Russ Housley,et al.  Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) , 2004, RFC.

[25]  Reihaneh Safavi-Naini,et al.  Digital Rights Management for Content Distribution , 2003, ACSW.

[26]  Tsunemasa Hayashi,et al.  Requirements for Multicast AAA coordinated between Content Provider(s) and Network Service Provider(s) , 2010 .

[27]  Sjouke Mauw,et al.  Core security requirements of DRM systems , 2005 .

[28]  Tiejun Huang Evolvement of DRM Schema: From Encryption to Interoperability and Monitoring , 2007, MCAM.

[29]  Christian Neubauer,et al.  Technical Aspects of Digital Rights Management Systems , 2002 .

[30]  Edward J. Delp,et al.  Advances in Digital Video Content Protection , 2005, Proceedings of the IEEE.

[31]  J. William Atwood,et al.  Scalable solutions for secure group communications , 2007, Comput. Networks.

[32]  R. Mori,et al.  Superdistribution : the concept and the architecture , 1990 .

[33]  Jason Flinn,et al.  Cobalt: Separating Content Distribution from Authorization in Distributed File Systems , 2007, FAST.

[34]  山口 英,et al.  第44回「21世紀の日本を考える」研究会 DRM(Digital Rights Management)--デジタル化時代の著作権管理を考える , 2005 .

[35]  Nasir D. Memon,et al.  Preventing Piracy, Reverse Engineering, and Tampering , 2003, Computer.

[36]  J. W. Atwood An Architecture for Secure and Accountable Multicasting , 2007 .

[37]  Tsunemasa Hayashi,et al.  AAA and Admission Control Framework for Multicasting , 2010 .

[38]  Radek Vingralek,et al.  How to Manage Persistent State in DRM Systems , 2001, Digital Rights Management Workshop.

[39]  B Weis Cisco,et al.  The Multicast Group Security Architecture", RFC 3740 , 2004 .

[40]  S. Islam,et al.  Multicast receiver access control by IGMP-AC q , 2009 .

[41]  Maria Nickolova,et al.  CONCEPTUAL MODEL AND SECURITY REQUIREMENTS FOR DRM TECHNIQUES USED FOR E-LEARNING OBJECTS PROTECTION , 2007 .

[42]  Greg Hoglund,et al.  Rootkits: Subverting the Windows Kernel , 2005 .

[43]  Renato Iannella,et al.  Digital Rights Management (DRM) Architectures , 2001, D Lib Mag..

[44]  James Irwin Digital Rights Management: The Open Mobile Alliance DRM specifications , 2004, Inf. Secur. Tech. Rep..