1 / 14

The MediaSnap ® Digital Rights Management System

The MediaSnap ® Digital Rights Management System. Priti Sabadra and Mark Stamp Department of Computer Science San Jose State University. This talk…. MediaSnap, Inc. What is DRM? Overview of MediaSnap DRM system Conclusions. What is DRM?. “Remote control” problem Digital book example

helene
Download Presentation

The MediaSnap ® Digital Rights Management System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The MediaSnap® Digital Rights Management System Priti Sabadra and Mark Stamp Department of Computer Science San Jose State University

  2. This talk… • MediaSnap, Inc. • What is DRM? • Overview of MediaSnap DRM system • Conclusions DRM

  3. What is DRM? • “Remote control” problem • Digital book example • Digital music, video, documents, etc. • Privacy DRM

  4. Persistent Protection Restrictions on use afterdelivery • No copying • Limited number of reads • Time limits • No forwarding • etc. DRM

  5. What to do? • The honor system (The Plant) • Give up (HIPAA, etc.) • Lame software-based DRM • Better software-based DRM • Tamper-resistant hardware http://www.cl.cam.ac.uk/%7Erja14/tcpa-faq.html DRM

  6. Current state of DRM • Security by obscurity (at best) • Secret designs (Kerckhoff’s Principle?) • Is crypto the answer? • “Whoever thinks his problem can be solved using cryptography, doesn’t understand his problem and doesn’t understand cryptography.” --- Attributed by Roger Needham and Butler Lampson to each other DRM

  7. MediaSnap’s DRM system • Secure Document Server (SDS) • PDF plugin (or reader) • Security stuff… DRM

  8. Protecting a document encrypt Sender persistent protection Recipient SDS DRM

  9. Security issues • Server (SDS) • Protect keys, authentication data, etc. • Apply persistent protection • Client (Reader/PDF plugin) • Protect keys, authenticate, etc. • Enforce persistent protection DRM

  10. Document reader security Tamper-resistance Obscurity DRM

  11. Obscurity • Key management • Authentication • Caching (keys, authentication, etc.) • Encryption and “scrambling” • Key parts (data and code) • Multiple keys DRM

  12. Other security features • Module tamper checking (hashing) • Anti-screen capture • Watermarking • “Unique-ification” • Code “fragilization” • OS issues DRM

  13. Conclusions • Current DRM systems are weak • Ideal software-based DRM features… • Individual content is non-trivial to attack • Overall system survives repeated attacks • Is this possible? DRM

  14. More info… • M. Stamp, Digital rights management: The technology behind the hype, to appear in Journal of Electronic Commerce Research, http://home.earthlink.net/~mstamp1/papers/DRM.doc • M. Stamp, Risks of digital rights management, Communications of the ACM, http://www.csl.sri.com/users/neumann/insiderisks.html#147 • M. Stamp, Digital rights management: For better or for worse?, ExtremeTech, http://www.extremetech.com/article2/0,3973,1051610,00.asp DRM

More Related