Skip to main content
SpringerLink
Log in

Requirements for enforcing digital rights management in multicast content distribution

  • Published:
Telecommunication Systems Aims and scope Submit manuscript

Abstract

In this paper, we have collected the requirements for Digital Rights Management from various sources, and presented them as a set of 11 requirements, associated with five categories. We discuss each requirement, provide the motivation for each entry, and illustrate how each one could be achieved. Four example commercial DRM systems are briefly explained, and the requirements that they meet are presented in tabular format. None of the example systems meet all the requirements that we have listed. The security threats that are faced by DRM systems are briefly discussed. All of the example systems are based on unicast data distribution. The use of multicast data distribution can help the source of the data and the underlying network to reduce their resource requirements when distributing high-quality content at minimum cost and delay. Up to now, there has been little motivation to use standard Internet Protocol multicast because it does not support any protection mechanisms for the delivered data. Given that significant progress has been made by other researchers in providing “secure” multicast data distribution, we explore how the use of secure multicast as a distribution technology can bring significant improvement for some requirements, while making the achievement of others more difficult. We review how the architecture of the distribution must change to permit capturing the advantages of multicast distribution while retaining as much as possible the features of unicast systems. Some open problems are identified.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Coyle, K. (2003). The technology of rights: digital rights management. Based on a talk originally given at the Library of Congress. http://www.kcoyle.net/drm_basics.pdf. Accessed 11 Oct 2008.

  2. Biddle, P., England, P., Peinado, M., & Willman, B. (2002). The darknet and the future of content distribution. In Proceedings of 2002 ACM DRM workshop. http://msl1.mit.edu/ESD10/docs/darknet5.pdf. Accessed 11 Oct 2008.

  3. Braden, R. Ed., Zhang, L., Berson, S., Herzog, S., & Jamin, S. (1997). Resource ReSerVation protocol (RSVP)—version 1 functional specification. IETF RFC 2205.

  4. Techtarger (2006). Digital rights management. http://searchcio.techtarget.com/sDefinition/0,,sid182_gci493373,00.html. Accessed 12 Oct 2008.

  5. Techterms (2008). DRM (digital rights management). http://www.techterms.com/definition/drm. Accessed 12 Oct 2008.

  6. InterTrust. http://www.intertrust.com/main/overview/drm.html.

  7. Arnab, A., & Hutchison, A. (2004). Digital rights management—an overview of current challenges and solutions. In H. S. Venter, J. H. P. Eloff, L. Labuschagne, & M. M. Eloff (Eds.), Proceedings information security South Africa (ISSA), Gallagher Estate, Midrand, South Africa. http://pubs.cs.uct.ac.za/archive/00000139/01/arnab_hutchison_issa2004.pdf. Accessed 11 Oct 2008.

  8. Huang, T. (2007). Evolution of DRM schema: from encryption to interoperability and monitoring. In LNCS : Vol. 4577. MCAM 2007. Berlin: Springer.

    Google Scholar 

  9. Deering, S. E. (1989). Host extensions for IP multicasting. IETF RFC 1112.

  10. Multicast Security (MSEC), IETF working group. http://www.ietf.org/html.charters/msec-charter.html. 1 August 2007.

  11. Hardjono, T. V. (2004). The multicast group security architecture. RFC 3740.

  12. Mukherjee, R., & Atwood, J. W. (2007). Scalable solutions for secure group communications. Computer Networks, 51, 12.

    Article  Google Scholar 

  13. Islam, S., & Atwood, J. W. (2009). Multicast receiver control by IGMP-AC. Computer Networks, 53(7), 989–1013.

    Article  Google Scholar 

  14. Islam, S., & Atwood, J. W. (2008). Sender access and data distribution control for inter-domain multicast groups. Computer Networks (submitted).

  15. Islam, S., & Atwood, J. W. (2007). A policy framework for multicast group control. In Proceedings of the IEEE workshop on peer-to-peer multicasting (P2PM2007), Las Vegas, NV (pp. 1103–1107).

  16. Atwood., J. W. (2007). An architecture for secure multicast. In Proceedings of the 32nd annual conference on local computer networks (LCN 2007) (pp. 73–78). doi:10.1109/LCN.2007.123.

  17. Hayashi, T., He, H., Satou, H., Ohta, H., & Vaidya, S. (2009). Requirements for multicast AAA coordinated between content provider(s) and network service provider(s). draft-ietf-mboned-maccnt-req (work in progress).

  18. Satou, H., Ohta, H., Jacquenet, C., Hayashi, T., & He, H. (2009). AAA and admission control framework for multicasting. draft-ietf-mboned-multiaaa-framework (work in progress).

  19. Pankajakshan., B., & Parker., B. J. (2007). U.S. 7,191,332 B1: Digital rights management for multicasting content distribution. Assigned to Sprint Communications Company L.P., Overland Park, Kans. Appl. No. 10/441,748.

  20. Hayashi, T., He, H., Satou, H., Ohta, H., & Vaidya, S. (2008). Requirements for multicast AAA coordinated between content provider(s) and network service provider(s). Internet draft draft-ietf-mboned-maccnt-req-06. http://tools.ietf.org/html/draft-ietf-mboned-maccnt-req-06. Accessed 11 Oct 2008.

  21. Nickolova, M., & Nickolov, E. (2007). Conceptual model and security requirements for DRM techniques used for e-learning objects protection. Information Technologies and Knowledge, 1(2007), 93–99. http://www.foibg.com/ijitk/ijitk-vol01/ijitk01-1-p18.pdf. Accessed 12 Nov. 2009.

  22. Jonker, H. L., & Mauw, S. (2007). Core security requirements of DRM systems. In Digital rights management, ICFAI book series, ICFAI, India. http://satoss.uni.lu/members/hugo/publications.php. Accessed 11 Oct 2008.

  23. Arnab, A., & Hutchion, A. (2005). Requirement analysis of enterprise DRM systems. In Proceedings information security South Africa, Hotel Balalaika, Sandton, Johannesburg. http://pubs.cs.uct.ac.za/archive/00000205/01/arnab_hutchison_issa_2005_final.pdf. Accessed 11 Oct 2008.

  24. OMA (2006). OMA DRM requirements. Candidate version 2.1. 10 Oct 2006.

  25. Iannella, R. (2001). Digital rights management (DRM) architectures. D-Lib Magazine, 7(6). http://www.dlib.org/dlib/june01/iannella/06iannella.html. Accessed 12 Oct 2008.

  26. Sonera Plaza Ltd. (2002). Digital rights management. White paper. http://www.medialab.sonera.fi/workspace/DRMWhitePaper.pdf. Accessed 13 Oct 2008.

  27. Liu, Q., Safavi-Naini, R., & Sheppard, N. P. (2003). Digital rights management for content distribution. In Australasian information security workshop 2003.

  28. Arnab, A., & Hutchison, A. (2007). Persistent access control: a formal model for drm. In Proceedings of the 2007 ACM workshop on digital rights management (Alexandria, Virginia, USA). http://pubs.cs.uct.ac.za/archive/00000411/03/acmdrm07-arnab.pdf. Accessed 12 Oct 2008.

  29. Lin, E. I., Eskicioglu, A. M., Lagendijk, R. L., & Delp, E. J. (2005). Advances in digital video content protection. In Proceedings IEEE, special issue on multimedia security for digital rights management.

  30. Onieva, J. A., Lopez, J., Roman, R., Zhou, J., & Gritzalis, S. (2007). Integration of non-repudiation services in mobile DRM scenarios. Telecommunication Systems, 35(3–4), 161–176.

    Article  Google Scholar 

  31. Irwin, J. (2004). The open mobile alliance DRM specifications (Information Security Technical Report, Vol. 9).

  32. Kamat, M. (2002). Security requirement for digital rights management. In The proceedings of ISECON 2002 (Vol. 19) (San Antonio): 353b.

  33. Bar-El, H. Challenges standardizing renewable broadcast security. WhitePaper. http://www.hbarel.com/publications/Challenges_of_Standardizing_Renewable_Broadcast_Security.pdf. Accessed 12 Oct 2008.

  34. Grimen, G., Mönch, C., & Midtstraum, R. (2005). Software-based copy protection for temporal media during dissemination and playback. In LNCS : Vol. 3935. The 8th international conference on information security and cryptology. Berlin: Springer.

    Google Scholar 

  35. Pruneda, A. (2001). Windows media technologies: using windows media rights manager to protect and distribute digital media. MSDN Magazine. December 2001. Microsoft Corporation. http://msdn.Microsoft.com/msdnmag/issues/01/12/DRM/default.aspx.

  36. Open Mobile Alliance. http://www.openmobilealliance.org/. Acceseed 12 Nov. 2009.

  37. Johansson, J. M., & Grimes, R. (2008). The great debate: security by obscurity. http://technet.Microsoft.com/en-us/magazine/cc510319.aspx. Accessed 27 August 2008.

  38. Naumovich, G., & Memo, N. (2003). Preventing privacy, reverse engineering, and tampering. Computer, 36, 64–71.

    Article  Google Scholar 

  39. Felten, E. W., & Halderman, J. A. (2006). Rootkits: digital rights management, spyware, and security. Los Alamitos: IEEE Comput. Soc.

    Google Scholar 

  40. Mori, R., & Kawahara, M. (1990) Superdistribution: the concept and the architecture. Transaction of the IEICE, E73(7).

  41. Arsenova, E. (2002). Technical aspects of digital rights management. http://wob.iai.uni-bonn.de/Wob/images/01212504.pdf. Accessed 13 Oct 2008.

  42. OMA (2008). DRM architecture OMA. Candidate version 2.1—05 Aug 2008. http://www.openmobilealliance.org/Technical/release_program/drm_archive.aspx. Accessed 12 Oct 2008.

  43. Oma, V. (2008). DRM content format. Approved version 2.0.1.

  44. Doehla, S. (2007). DVB-H handheld video content protection with ISMA encryption. http://www.videsignline.com/howto/196801482;jsessionid=NJUVNBYZXPEYQQSNDLPSKHSCJUNN2JVN. Accessed 24 Feb. 2009.

  45. Windows Mobile 6 Device Types—Smartphones & PDAs. http://pocketpccentral.net/smartphone/help/general/wm6_naming_scheme.htm. Accessed 31 March 2008.

  46. Redmond, W. (2004). Microsoft announces new version of windows media digital rights management software. http://www.Microsoft.com/presspass/press/2004/may04/05-03DigitalRightsManagementTechnologyPR.mspx. Accessed 31 March 2008.

  47. Jang, K. W., Park, C. K., Kim, J. J., & Jun, J. J. (2006). A study on DRM system for on/off line key authentication. IJCSNS International Journal of Computer Science and Network Security, 6(2B), 233–238.

    Google Scholar 

  48. Arnab, A. (2007). Towards a general framework for digital rights management (DRM). Ph.D., Department of Computer Science, University of Cape Town, 2007. http://pubs.cs.uct.ac.za/archive/00000448/01/alapan.arnab.thesis.final.pdf. Accessed 31 March 2008.

  49. Windows Media Digital Rights Management. http://msdn2.Microsoft.com/en-us/windowsmedia/bb190317.aspx. Accessed 31 March 2008.

  50. Rosenblatt, B. (2005). Enterprise DRM—technology comparison: authentica active rights management and Microsoft windows rights management services. http://www.drmwatch.com/special/article.php/11579_3519841_5. Accessed 31 March 2008.

  51. Microsoft. Windows media rights manager providers. http://www.Microsoft.com/windows/windowsmedia/forpros/drm/supgrade.aspx. Accessed 31 March 2008.

  52. Screamer, B. (2001). Microsoft’s digital rights management scheme—technical details. http://cryptome.org/ms-drm.htm. Accessed Oct. 27 2007.

  53. Ku, B., & Chi, C. (2004). Survey on the technological aspects of digital rights management. In ISC 2004.

  54. Messerges, T. S., & Dabbish, E. A. (2003). Digital rights management in a 3G mobile phone and beyond. In Proceedings of the 2003 ACM workshop on digital rights management, Washington, DC.

  55. ISMA (2006). ISMA implementation specification. http://www.isma.tv/. Accessed 23 Feb. 2009.

  56. Park, S., Jeong, J., & Kwon, T. (2006). Contents distribution system based on MPEG-4 ISMACryp in IP Set-top box environments. IEEE Transactions on Consumer Electronics, 52(2), 660–668.

    Article  Google Scholar 

  57. Housley, R., & Security, V. (2004). Using advanced encryption standard (AES) counter mode with ipsec encapsulating security payload (ESP). IETF RFC 3686.

  58. Hoglund, G., & Butler, J. (2005). Rootkits: subverting the Windows kernel. Reading: Addison-Wesley.

    Google Scholar 

  59. Bryant, E. D., Atallah, M. J., & Stytz, M. R. (2004). A survey of Anti-Tamper technologies. CrossTalk. The Journal of Defense Software Engineering, 17(11), 12–16. http://www.arxan.com/ATknowledgePortal/pdfs/Crosstalk-Article-A-Surve-of-AntiTamper-Technologies.pdf. Accessed 13 March 2008.

    Google Scholar 

  60. Coyle, K. (2006). Software obfuscation from Crackers’ viewpoint. In Proceedings of the IASTED international conference advances in computer science and technology, Puerto Vallarta, Mexico.

  61. Shapiro, W., & Vingralek, R. (2001). How to manage persistent state in DRM systems. (Technical Report). http://citeseer.ist.psu.edu/shapiro01how.html. Accessed 9 Nov 2007.

  62. Veeraraghavan, K., Myrick, A., & Flinn, J. (2007). Cobalt: separating content distribution from authorization in distributed file systems. In FAST’07: proceedings of the 5th USENIX conference on file and storage technologies.

  63. Vadera, A. (1999). SCAMP: Scalable Multicast Protocol for Communication in Large Groups. http://www.cse.iitk.ac.in/research/mtech1997/9711105/all.html. Accessed 12 Oct 2008.

  64. Islam, S., & Atwood, J. W. (2006). A framework to add AAA functionalities in IP multicast. In Proceedings of advanced international conference on telecommunications (AICT’06), Guadeloupe, French Caribbean.

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Software Engineering, Concordia University, 1455 De Maisonneuve Blvd. West, Room EV 8.139, Montreal, QC, H3G 1M8, Canada

    Malek Barhoush

  2. Department of Computer Science and Software Engineering, Concordia University, 1455 De Maisonneuve Blvd. West, Room EV 3.185, Montreal, QC, H3G 1M8, Canada

    J. William Atwood

Authors
  1. Malek Barhoush
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. J. William Atwood
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to J. William Atwood.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Barhoush, M., Atwood, J.W. Requirements for enforcing digital rights management in multicast content distribution. Telecommun Syst 45, 3–20 (2010). https://doi.org/10.1007/s11235-009-9231-4

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11235-009-9231-4

Search

Navigation