Skip to main content
SpringerLink
Log in

Digital Rights Management Using a Master Control Device

  • Conference paper
Advances in Computer Science – ASIAN 2007. Computer and Network Security (ASIAN 2007)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4846))

Included in the following conference series:

Abstract

This paper focuses on the problem of preventing the illegal copying of digital content whilst allowing content mobility within a single user domain. This paper proposes a novel solution for binding a domain to a single owner. Domain owners are authenticated using two-factor authentication, which involves “something the domain owner has”, i.e. a Master Control device that controls and manages consumers domains, and binds devices joining a domain to itself, and “something the domain owner is or knows”, i.e. a biometric or password/PIN authentication mechanism that is implemented by the Master Control device . These measures establish a one-to-many relationship between the Master Control device and domain devices, and a one-to-one relationship between domain owners and their Master Control Devices, ensuring that a single consumer owns each domain. This stops illicit content proliferation. Finally, the pros and cons of two possible approaches to user authentication, i.e. the use of a password/PIN and biometric authentication mechanisms, and possible countermeasures to the identified vulnerabilities are discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abbadi, I.: Digital asset protection in personal private networks. In: 8th International Symposium on Systems and Information Security (SSI 2006), Sao Jose dos Campos, Sao Paulo, Brazil (November 2006)

    Google Scholar 

  2. Carden, N.: iTunes and iPod in the enterprise. The Journal of the International Systems Security Association, 22–25 (May 2007)

    Google Scholar 

  3. Chen, L., Pearson, S., Vamvakas, A.: On enhancing biometric authentication with data protection. In: Proceedings of the Fourth International Conference on Knowledge-Based Intelligent Engineering Systems and Allied Technologies, vol. 1, pp. 249–252. IEEE, Los Alamitos (2000)

    Google Scholar 

  4. Dabbish, E.A., Messerges, T.S.: Digital rights management in a 3G mobile phone and beyond. In: Feigenbaum, J., Sander, T., Yung, M. (eds.) Proceedings of the 3rd ACM workshop on Digital Rights Management, pp. 27–38. ACM Press, New York (2003)

    Google Scholar 

  5. Gallery, E., Tomlinson, A.: Secure delivery of conditional access applications to mobile receivers. In: Mitchell, C.J. (ed.) Trusted Computing, ch. 7, pp. 195–237. IEEE, Los Alamitos (2005)

    Google Scholar 

  6. Trusted Computing Group.: Trusted platform module FAQ

    Google Scholar 

  7. Günther, A., Hoene, C.: Measuring round trip times to determine the distance between WLAN nodes. In: Boutaba, R., Almeroth, K.C., Puigjaner, R., Shen, S., Black, J.P. (eds.) NETWORKING 2005. LNCS, vol. 3462, pp. 768–779. Springer, Heidelberg (2005)

    Google Scholar 

  8. Huffaker, B., Fomenkov, M., Plummer, D.J., Moore, D., Claffy, K.: Distance metrics in the Internet. In: IEEE International Telecommunications Symposium (2002), http://www.caida.org/publications/papers/2002/Distance/distance.pdf

  9. IBM Research Division Almaden Research Center.: xCP cluster protocol (2003), http://www-03.ibm.com/solutions/digitalmedia/doc/content/bin/xCPWhitepaper_final_1.pdf

  10. International Organization for Standardization.: ISO/IEC 21481: Information technology — Telecommunications and information exchange between systems — Near Field Communication Interface and Protocol -2 (NFCIP-2) (2005)

    Google Scholar 

  11. International Organization for Standardization.: ISO/IEC 18033-2, Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers (2006)

    Google Scholar 

  12. Liu, S., Silverman, M.: A practical guide to biometric security technology. IT Professional 3(1), 27–32 (2001)

    Article  Google Scholar 

  13. Maltoni, D., Maio, D., Jain, A.K., Prabahakar, S.: Handbook of Fingerprint Recognition. Springer, Berlin (2003)

    MATH  Google Scholar 

  14. Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of artificial ‘gummy’ fingers on fingerprint systems. In: Proceedings of SPIE, vol. 4677, pp. 275–289 (2002)

    Google Scholar 

  15. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol — OCSP. RFC 2560, Internet Engineering Task Force (June 1999)

    Google Scholar 

  16. Open Mobile Alliance.: DRM Specification — Version 2.0 (2006)

    Google Scholar 

  17. Pinkas, B., Sander, T.: Securing passwords against dictionary attacks. In: Proceedings of the 9th ACM conference on Computer and communications security, pp. 161–170. ACM Press, New York (2002)

    Chapter  Google Scholar 

  18. Popescu, B.C., Kamperman, F.L.A.J., Crispo, B., Tanenbaum, A.S.: A DRM security architecture for home networks. In: Feigenbaum, J., Sander, T., Yung, M. (eds.) Proceedings of the 4th ACM workshop on Digital Rights Management, pp. 1–10. ACM Press, New York (2004)

    Chapter  Google Scholar 

  19. Rowell, L.F.: The ballad of DVD JON. netWorker 10(4), 28–34 (2006)

    Article  MathSciNet  Google Scholar 

  20. Thomson.: SmartRight technical white paper (2003), http://www.smartright.org/images/SMR/content/SmartRight_tech_whitepaper_jan28.pdf

  21. Toth, B.: Biometric liveness detection. The International Journal For Information Assurance Professionals 10(8), 291–298 (2005)

    Google Scholar 

  22. Trusted Computing Group.: Infrastructure Working Group Architecture, Part II, Integrity Management. Specification version 1.0 Revision 1.0 (2006)

    Google Scholar 

  23. Trusted Computing Group.: TPM Main, Part 1, Design Principles. Specification version 1.2 Revision 94 (2006)

    Google Scholar 

  24. Trusted Computing Group.: TPM Main, Part 2, TPM Structures. Specification version 1.2 Revision 94 (2006)

    Google Scholar 

  25. Trusted Computing Group.: TPM Main, Part 3, Design Principles. Specification version 1.2 Revision 94 (2006)

    Google Scholar 

  26. Weiss, A.: Will the open, unrestricted PC soon become a thing of the past? Journal of Trusted Computing 10(3), 18–25 (2006)

    Google Scholar 

  27. Wiedenbeck, S., Birget, J.-C., Brodskiy, A., Waters, J., Memon, N.: Authentication using graphical passwords: Effects of tolerance and image choice. In: Proceedings of the 2005 symposium on Usable privacy and security, pp. 1–12. ACM Press, New York (2005)

    Chapter  Google Scholar 

  28. Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: Proceedings of the working conference on Advanced visual interfaces, pp. 177–184. ACM Press, New York (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK

    Imad M. Abbadi

Authors
  1. Imad M. Abbadi
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Iliano Cervesato

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Abbadi, I.M. (2007). Digital Rights Management Using a Master Control Device. In: Cervesato, I. (eds) Advances in Computer Science – ASIAN 2007. Computer and Network Security. ASIAN 2007. Lecture Notes in Computer Science, vol 4846. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76929-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-76929-3_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-76927-9

  • Online ISBN: 978-3-540-76929-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation