Enabling Fairer Digital Rights Management with Trusted Computing

  • Ahmad-Reza Sadeghi
  • Marko Wolf
  • Christian Stüble
  • N. Asokan
  • Jan-Erik Ekberg
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4779)

Abstract

Today, digital content is routinely distributed over the Internet, and consumed in devices based on open platforms. However, on open platforms users can run exploits, reconfigure the underlying operating system or simply mount replay attacks since the state of any (persistent) storage can easily be reset to some prior state. Faced with this difficulty, existing approaches to Digital Rights Management (DRM) are mainly based on preventing the copying of protected content thus protecting the needs of content providers. These inflexible mechanisms are not tenable in the long term since their restrictiveness prevents reasonable usage scenarios, and even honest users may be tempted to circumvent DRM systems.

In this paper we present a security architecture and the corresponding reference implementation that enables the secure usage and transfer of stateful licenses (and content) on a virtualized open platform. Our architecture allows for openness while protecting security objectives of both users (flexibility, fairer usage, and privacy) and content providers (license enforcement). In particular, it prevents replay attacks that is fundamental for secure management and distribution of stateful licenses. Our main objective is to show the feasibility of secure and fairer distribution and sharing of content and rights among different devices. Our implementation combines virtualization technology, a small security kernel, trusted computing functionality, and a legacy operating system (currently Linux).

Keywords

Trusted Computing security architectures stateful licenses 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Ahmad-Reza Sadeghi
    • 1
  • Marko Wolf
    • 1
  • Christian Stüble
    • 2
  • N. Asokan
    • 3
  • Jan-Erik Ekberg
    • 3
  1. 1.Horst-Görtz-Institute for IT-Security, Ruhr-University BochumGermany
  2. 2.Sirrix AG security technologiesGermany
  3. 3.Nokia Research Center, HelsinkiFinland

Personalised recommendations