Enabling Fairer Digital Rights Management with Trusted Computing

  • Ahmad-Reza Sadeghi
  • Marko Wolf
  • Christian Stüble
  • N. Asokan
  • Jan-Erik Ekberg
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4779)


Today, digital content is routinely distributed over the Internet, and consumed in devices based on open platforms. However, on open platforms users can run exploits, reconfigure the underlying operating system or simply mount replay attacks since the state of any (persistent) storage can easily be reset to some prior state. Faced with this difficulty, existing approaches to Digital Rights Management (DRM) are mainly based on preventing the copying of protected content thus protecting the needs of content providers. These inflexible mechanisms are not tenable in the long term since their restrictiveness prevents reasonable usage scenarios, and even honest users may be tempted to circumvent DRM systems.

In this paper we present a security architecture and the corresponding reference implementation that enables the secure usage and transfer of stateful licenses (and content) on a virtualized open platform. Our architecture allows for openness while protecting security objectives of both users (flexibility, fairer usage, and privacy) and content providers (license enforcement). In particular, it prevents replay attacks that is fundamental for secure management and distribution of stateful licenses. Our main objective is to show the feasibility of secure and fairer distribution and sharing of content and rights among different devices. Our implementation combines virtualization technology, a small security kernel, trusted computing functionality, and a legacy operating system (currently Linux).


Trusted Computing security architectures stateful licenses 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adelsbach, A., Sadeghi, A.-R., Rohe, M.: Towards multilateral secure digital rights distribution infrastructures. In: Proceedings of the ACM Workshop on Digital Rights Management (2005)Google Scholar
  2. 2.
    Apple Computer, Inc. FairPlay DRM,
  3. 3.
    Asokan, N., Ekberg, J.-E.: Mobile digital rights management. In: Professional Mobile Internet Technical Architecture – Visions & Implementations (2002)Google Scholar
  4. 4.
    Aura, T., Gollmann, D.: Software license management with smart cards. In: Proceedings of the First USENIX Workshop on Smartcard Technology (1999)Google Scholar
  5. 5.
    Authentica, Inc. Authentica active rights management,
  6. 6.
    Baek, K.-H., Smith, S.W.: Preventing theft of quality of service on open platforms. IEEE/CREATE-NET Workshop on Security and QoS in Communications Networks (September 2005)Google Scholar
  7. 7.
    Council, N.R.: The Digital Dilemma, Intellectual Property in the Information Age. National Academy Press, Washington, DC (2000)Google Scholar
  8. 8.
    Dierks, T., Allen, C.: RFC2246 - the TLS protocol version 1.0 (January 1999),
  9. 9.
    Epsilon Squared, Inc. InstallRite Version 2.5.,
  10. 10.
    Freitas, M., Roitzsch, M., Melanson, M., and Mattern, T.: The xine free multimedia player,
  11. 11.
    Hohmuth, M.: Linux-Emulation auf einem Mikrokern. Master’s thesis, Dresden University of Technology, Dept. of Computer Science (1996)Google Scholar
  12. 12.
    Koenen, R., Lacy, J., MacKay, M., Mitchell, S.: The long march to interoperable digital rights management. Proceedings of the IEEE 92(V) (2004)Google Scholar
  13. 13.
    Liedtke, J.: Towards real microkernels. Communications of the ACM 39 (September 1996)Google Scholar
  14. 14.
    Liu, Q., Safavi-Naini, R., Sheppard, N.P.: A license-sharing scheme in digital rights management. Tech. rep., Cooperative Research Centres - Smart Internet Technology, Australia (2004)Google Scholar
  15. 15.
    Marchesini, J., Smith, S., Wild, O., Barsamian, A., Stabiner, J.: Open-source applications of TCPA hardware. In: 20th Annual Computer Security Applications Conference (2004)Google Scholar
  16. 16.
    Marchesini, J., Smith, S.W., Wild, O., MacDonald, R.: Experimenting with TCPA/TCG hardware, or: How I learned to stop worrying and love the bear. Tech. Rep. TR2003-476, Dartmouth College (2003)Google Scholar
  17. 17.
    Microsoft Corporation. 60 days trial program,
  18. 18.
    Microsoft Corporation. Windows media rights manager 10,
  19. 19.
    Pfitzmann, B., Riordan, J., Stüble, C., Waidner, M., Weber, A.: The PERSEUS system architecture. Tech. Rep. RZ 3335 (#93381), IBM Research Division, Zurich Laboratory (April 2001)Google Scholar
  20. 20.
    Pruneda, A., Travis, J.: Metering the use of digital media content with Windows Media DRM 10,
  21. 21.
    Robin, J.S., Irvine, C.E.: Analysis of the intel pentium’s ability to support a secure virtual machine monitor. In: Proceedings of the 9th USENIX Security Symposium (2000)Google Scholar
  22. 22.
    Russinovich, M.: Sony, rootkits and digital rights management gone too far (October 2005),
  23. 23.
    Sadeghi, A.-R., Stüble, C.: Property-based attestation for computing platforms: Caring about properties, not mechanisms. In: The New Security Paradigms Workshop (2004)Google Scholar
  24. 24.
    Sadeghi, A.-R., Wolf, M., Stüble, C., Asokan, N., Ekberg, J.-E.: Enabling Fairer Digital Rights Management with Trusted Computing. Tech. Rep. HGI-TR-2007-002, Horst-Görtz-Institute for IT-Security, Ruhr-University Bochum (June 2007)Google Scholar
  25. 25.
    Sailer, R., Valdez, E., Jaeger, T., Perez, R., van Doorn, L., Griffin, J.L., Berger, S.: sHype: Secure hypervisor approach to trusted virtualized systems. Tech. Rep. RC23511, IBM Research Division (2005)Google Scholar
  26. 26.
    Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th USENIX Security Symposium (2004)Google Scholar
  27. 27.
    Shapiro, W., Vingralek, R.: How to manage persistent state in DRM systems. In: Sander, T. (ed.) DRM 2001. LNCS, vol. 2320, Springer, Heidelberg (2002)Google Scholar
  28. 28.
    Singaravelu, L., Pu, C., Helmuth, C., Härtig, H.: Reducing TCB complexity for security-sensitive applications: Three case studies. In: Eurosys Conference Proceedings, Leuven, Belgium (2006)Google Scholar
  29. 29.
    Starz Entertainment Group. Video on demand service,
  30. 30.
    Tanenbaum, A.: Keynote at (January 2007)Google Scholar
  31. 31.
    TCG Infrastructure Workgroup. Tcg infrastructure workgroup subject key attestation evidence extension specification version 1.0 revision 7Google Scholar
  32. 32.
    The Hymn Project. Free your iTunes Music Store purchases from their DRM restrictions (March 2007),
  33. 33.
    The Register. DVD Jon hacks Media Player file encryption (October 2005),
  34. 34.
    TrouSerS. The open-source TCG software stack,
  35. 35.
    Trusted Computing Group,
  36. 36.
    Trusted Computing Group. TPM main specification. Tech. rep.,
  37. 37.
    Tygar, J., Yee, B.: Dyad: a system using physically secure coprocessors. In: Technological Strategies for Protecting Intellectual Property in the Networked Multimedia Environment (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Ahmad-Reza Sadeghi
    • 1
  • Marko Wolf
    • 1
  • Christian Stüble
    • 2
  • N. Asokan
    • 3
  • Jan-Erik Ekberg
    • 3
  1. 1.Horst-Görtz-Institute for IT-Security, Ruhr-University BochumGermany
  2. 2.Sirrix AG security technologiesGermany
  3. 3.Nokia Research Center, HelsinkiFinland

Personalised recommendations