Problem Analyses and Recommendations in DRM Security Policies

  • Youngseek Kim
  • Jessica Howard
  • Sharad Ravindranath
  • Joon S. Park
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5376)


We claim that the current digital rights management (DRM) technology and its related policy do not address customers’ needs in the perspective of availability, which–along with confidentiality and integrity–is one of the main security properties. Our research has focused on how the current security policy in regards to DRM addresses the availability as a main security property. We study the current policies of DRM in U.S. law, the fair use doctrine, and the Digital Millennium Copyright Act. Additionally, we look at policies at the market, examining how the recording industry has used DRM in both the past and present. We analyze how much the companies and distributors place unnecessary controls on customers by considering customers’ online resource usage. Finally, we suggest the market-level policy criteria as our possible solutions for the copyright owners, the distributors, and the general users.


Digital Rights Management DRM Security Policy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Koenen, B.H., Lacy, J., Mackay, M., Mitchell, S.: The Long to Interpoerable Digital Rights Management. IEEE 92(6), 883–897 (2004)CrossRefGoogle Scholar
  2. 2.
    Subramanya, S.R., Yi, B.K.: Digital Rights Management, pp. 31–34. IEEE, Los Alamitos (2006)Google Scholar
  3. 3.
    Kwok, S.H.: Digital Rights Management for the Online Music Business. ACM SIGecom Exchange 3(3), 17–24 (2002)CrossRefGoogle Scholar
  4. 4.
    Jeong, Y., Park, J., Kim, J., Yoon, K.: DRM Content Adaptation Scheme Between Different DRM Systems for Seamless Content Service, pp. 867–870. IEEE, Los Alamitos (2007)Google Scholar
  5. 5.
    Bellovin, S.: DRM, Complexity, and Correctness. IEEE Security & Privacy 80 (2007)Google Scholar
  6. 6.
    Layton, J.: How Digital Rights Management Works (2008) (Retrieved April 22, 2008),
  7. 7.
    Chang, K.-A., Lee, B.-R.: Multimedia Rights Management for the Multiple Devices of End-User. In: The 23rd International Conference on Distributed Computing Systems Workshops (2003)Google Scholar
  8. 8.
    Kravitz, D.W., Messerges, T.S.: Achieving Media Portability Through Local Content Translation and End-to-End Rights Management. In: DRM, Alexandria, Virginia, USA (2005)Google Scholar
  9. 9.
    Liu, Q., Safavi-Naini, R., Sheppard, N.P.: Digital Rights Management for Content Distribution. In: The Australasian Information Security Workshop, Adelaide, Australia (2003)Google Scholar
  10. 10.
    Nam, D.-W., Lee, J.-S., Kim, J.-H., Yoon, K.-S.: Interlock System for DRM Interoperability of Streaming Contents (2007)Google Scholar
  11. 11.
    Popescu, B.C., Crispo, B., Tanenbaum, A.S., Kamperman, F.L.A.J.: A DRM Security Architecture for Home Networks. In: DRM, Washington, DC, USA (2004)Google Scholar
  12. 12.
    U.S. Copyright Office. Circular 1 (2006a) (Retrieved April 22, 2008),
  13. 13.
    U.S. Copyright Office. Fair Use (2006b) (Retrieved April 22, 2008),
  14. 14.
    U.S. Copyright Office. The Digital Millennium Copyright Act of 1998. U.S. Copyright Office Summary (1998) (Retrieved April 22, 2008),
  15. 15.
    Bailey, J.: How to write an effective DMCA notice. BlogHerald (2007) (Retrieved April 28, 2008),
  16. 16.
    Jackson, M., Singh, S., Waycott, J., Beekhuyzen, J.: DRMs, Fair Use and Users’ Experience of Sharing Music. In: DRM, Alexandria, Virginia, USA (2005)Google Scholar
  17. 17.
    Brandl, D.: Root out rootkit problems. Control Engineering 53(4), 22 (2006)Google Scholar
  18. 18.
    Wood, M.: DRM this, Sony! (November 10, 2005) (Retrieved March 29, 2008),
  19. 19.
    Electronic Frontier Foundation. (n.d.) Sony BMG settlement FAQ (Retrieved March 29, 2008),
  20. 20.
    Felten, E.W.: A Skeptical View of DRM and Fair Use. Communications of the ACM 46(4), 57–59 (2003)CrossRefGoogle Scholar
  21. 21.
    Center for Management Research. (n.d.). Case Details. The Napster Controversy (Retrieved April 21, 2008),
  22. 22.
    Lombardi, C.: iTunes goes DRM-free with EMI. CNET (May 30, 2007) (Retrieved April 11, 2008),
  23. 23.
    Dybwad, B.: Napster Going DRM-free. Engadget (January 1, 2008) (Retrieved April 20, 2008),
  24. 24.
    Holahan, C.: Sony BMG Plans to Drop DRM. BusinessWeek (January 4, 2008) (Retrieved April 22, 2008),
  25. 25.
    Apple. iTunes now Number Two Music Retailer in the U.S (2008) ( Retrieved April 24, 2008),
  26. 26.
    Mulligan, D.K., Han, J., Burstein, A.J.: How DRM-Based Content Delivery Systems Disrupt Expectations of Personal Use. In: DRM, Washington, DC, USA (2003)Google Scholar
  27. 27.
    Mulligan, D.K.: Digital Rights Management and Fair Use by Design. Communications of the ACM 46(4), 31–33 (2003)CrossRefGoogle Scholar
  28. 28.
    Grodzinsky, F.S., Bottis, M.C.: Private Use as Fair Use: Is It Fair? SIGCAS Computers and Society 37(2), 11–24 (2007)CrossRefGoogle Scholar
  29. 29.
    Arnab, A., Hutchison, A.: Fairer Usage Contracts For DRM. In: DRM, Alexandria, Virginia, USA (2005)Google Scholar
  30. 30.
    Erickson, J.S.: Fair Use, DRM, and Trusted Computing. Communications of the ACM 46(4), 34–39 (2003)CrossRefGoogle Scholar
  31. 31.
    Kalker, T.: On Interoperability of DRM. In: DRM, Alexandria, Virgina, USA (2006)Google Scholar
  32. 32.
    Heileman, G.L., Jamkhedkar, P.A.: DRM Interoperability Analysis from the Perspective of a Layered Framework. In: DRM, Alexandria, Virginia, USA (2005)Google Scholar
  33. 33.
    Jackson, M., Shah, A.: The Impact of DRMs on Personal Use Expectations and Fair Dealing Rights. In: The Australasian Information Security Workshop, Newcastle, Australia (2005)Google Scholar
  34. 34.
    Taban, G., Cardenas, A.A., Gligor, V.D.: Towards a Secure and Interoperable DRM Architecture. In: DRM, Alexandria, Virginia, USA (2006)Google Scholar
  35. 35.
    Yague, M.I.: The Digital Information War. Online Information Review 31(1), 5–9 (2007)CrossRefGoogle Scholar
  36. 36.
    Cohen, J.E.: DRM and Privacy. Communications of the ACM 46(4), 47–49 (2003)CrossRefGoogle Scholar
  37. 37.
    Electronic Frontier Foundation. The Customer Is Always Wrong: A User’s Guide to DRM in Online Music (2008) (Retrieved April 24, 2008),
  38. 38.
    Foroughi, A., Albin, M., Gillard, H.: Issues and Opportunities in Digital Rights Management (June 2002) (Retrieved April 21, 2008),
  39. 39.
    Gardner, G.: DRM-free music will hurt the iPod (April 2007) (Retrieved April 22, 2008),
  40. 40.
    Jobs, S.: Thoughts on Music (February 6, 2007) (Retrieved April 10, 2008)
  41. 41.
    Recording Industry Association of America. (n.d. a). How much money does the recording industry lose from piracy? For Students (Retrieved April 20, 2008)
  42. 42.
    Recording Industry Association of America. (n.d. b). The Law. Piracy: Online and On the Street (Retrieved April 24, 2008),
  43. 43.
    Siy, S.: Amazons mp3s: no software restrictions, but legal ones (October 2007) (Retrieved April 20, 2008),

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Youngseek Kim
    • 1
  • Jessica Howard
    • 1
  • Sharad Ravindranath
    • 1
  • Joon S. Park
    • 1
  1. 1.School of Information StudiesSyracuse UniversitySyracuseUSA

Personalised recommendations