Method for Electronic Content. Distribution and Right Management. Abstract

Size: px
Start display at page:

Download "Method for Electronic Content. Distribution and Right Management. Abstract"

Transcription

1 Method for Electronic Content Distribution and Right Management Abstract The present paper proposes a method for managing the copyright of electronic content, especially huge size documents. The user, the owner of a dedicated device embedded with a secure module, can make use of encrypted documents after he/she is authenticated by a trusted party or clearinghouse. And the content can only be used on the designated device. This model supports super-distribution and corporate purchasing. The present paper can protect participants from abrupt network connection breakdown. 1. Background In most cases, buying books electronically means browsing bookseller s Web site (e.g. starting to search a database, paying with a credit card, and having the book shipped. The buying process incorporates rapidly evolving technologies, but the content remains decidedly low-tech: paper, ink, and glue. Electronic books (ebooks) have the potential to easily assemble personal libraries of fiction, reference books and publications. Digital content can be copied and disseminated easily and without any degradation in quality. Digital security of lawsuits can not stop Internet theft of content. Stephen King encrypted his novel Riding the Bullet and published its Internet distribution for PC in 2000, the key was hacked and posted on the Internet in less than 24 hours after its release. The publishing industry stands to lose $1.5 billion through ebook piracy by 2005 (Forrester Research, Content Out of Control, Sept. 2000). However, with the growing demand for digital content, publishers, distributors, and Web retailers are looking for safe and effective ways to sell and distribute documents electronically. They have learned a lesson from watching the music industry struggling with the consequences of digital music distribution. Wary of making the same mistakes, they will not fully embrace the electronic commerce of digital content 1

2 until they can implement digital rights protection mechanisms that are fully customisable, and appropriately secure. US5,513,260, entitled Method and Apparatus for Copy Protection for Various Recording Media, provides a method and apparatus for copyright protection for various recording media such as compact discs (CDs). Coupled with the combination of encrypting methods, an authenticating signature is recorded on the media when copy protection is required. The nature of this authenticating signature is that it will not be transferred to private copies made on CD recorders and it is necessary to play the protected medium. US4,903,296, entitled Implementing a Shared Higher Level of Privilege on Personal Computers for Copy Protection of Software, restricts software distributed on magnetic media, to use on a single computing machine. The original medium can not be copied functionally, until it is modified by the execution of a program stored in a tamper proof co-processor, which forms a part of the computing machine. The modified software on the original medium or its copy is operable only on the computing machine containing the co-processor that performed the modification. WO9,842,098A1, Digital Product Rights Management Technique, enables a digital product to be freely distributed through uncontrolled channels in encrypted form. Security fragment(s) of the product are stored in a license server. To purchase a license, reader software at the user side provides to the server a signature, which the license server uses to encrypt the product decryption key and the security fragments. To make use of the product, a new signature is generated and used to decrypt the product fragments. US6,006,332, with the title of Rights Management System for Digital Media, is provided for controlling access to digitised data. An unsecure client is provided with a launch pad program which is capable of communicating with a secure Rights Management (RM) server. The launch pad will communicate with the secured RM server and request the digitised data corresponding to the controlled object. The RM server transmits this information to the launch pad. To handle this data, the launch pad requests an appropriate RM browser from the RM server. Based on this request, an 2

3 appropriate RM browser is obtained, and authentication and security information are inscribed. Prior to use, an authentication procedure is undertaken between the launch pad and the RM server to authenticate the RM browser. Further prior art references include: US Pat. 5,935,246, Glenn Stuart Benson, Electronic Copy Protection Mechanism using challenge and response to prevent unauthorised execution of software US Pat. 5,986,690, John S. Hendricks, Electronic Book Selection and Delivery system US4,866,769, Karp Alan Hersh, Hardware Assist for Protecting PC Software M. A. Kaplan, IBM Cryptolopes TM, Super-Distribution and Digital Rights Management, R. Mori and M. Kawahara, Superdistribution: The Concept and the Architecture, IEICE Transactions, Vol. E.73, No. 7, July J. Menezes, P. C. van Oorschot, S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, Summary The present paper provides a method for secure distributing electronic books. The digital content can be read on a dedicated device with a tamperproof unit that can execute security function. Without loss of generality, we assume the content is stored on a CD-ROM. Any content buyer can obtained a CD-ROM as well as an access card. Nobody but the buyer can read the information of the access card. The content is encrypted in advance and a clearinghouse keeps the decryption key, which is required to decrypt the content on the CD-ROM. To make use of the content, the user s device submits a request to the clearinghouse. The clearinghouse sends a response message including a ciphertext generated by encrypting the content decryption key with the device secret key. The ciphertext other than the content decryption key is stored on the device. Only the secure module of the device can make use of the ciphertext. Should the user lost the ciphertext, the user can recover it with the help of the clearinghouse. 3

4 3. Description of the Drawings Figure 1 illustrates the relationship of the various parties involved. The producers 100 provide the encrypted content to the retailers 120, the decryption keys are stored in the clearinghouse 110. The clearinghouse is the trusted party of the system. The retailers sell products to the users 130. Figure 2 is the block diagram of the user device. The device 200 comprises video interface 220, which outputs to terminal 210; storage device 230; network interface 240 used to communicate with network 290; processor 250 acting as a general computer CPU; I/O interface 260; keyboard 280 and secure module 270 embedded with a device secret key. Any operation related to the device secret key is executed in module 270. Figure 3 is the database structure of the clearinghouse. The database 300 includes two parts. One is for management of decryption key. This component 310 has CD-ROM serial number 312 and content decryption key 318. The other is for management of access card, used to record the history of access card, device and CD-ROM. This component 350 includes card information 352, device serial numbers 354 (default is null) and CD-ROM serial numbers 356 (default is null). Figure 4 introduces the content of access card. The card 400 comprises of the CD- ROM serial number 410 (optional), number of licenses 420 can be some forms of money or the number of legal devices or CD-ROM, expire date 430 and card serial number 440. If one license is granted to a device, the device can make use of one kind of CD-ROM. Figure 5 is the flowchart of the operation of the preferred embodiment. In this embodiment, the clearinghouse provides services to the user. 4. Description of the Preferred Embodiment In this embodiment, a user, the owner of a dedicated device, buys an encrypted digital goods from a retailer, as well as an access card. The user submits a registration request to a clearinghouse to obtain the decryption key so that he/she can make use of 4

5 the goods. Without loss of generality, we assume that the content is stored in a CD- ROM and all the content in one CD-ROM share the same decryption key kept in the database of the clearinghouse. It is trivial to encrypt different content with different key based on the titles or some other information. 5.1Notation a b: the concatenation of a and b E(m,K): the ciphertext formed by encrypting plaintext m with key K K ch : the secret key of a clearinghouse DEV no : Device serial number, readable freely. Any device has a unique DEV no. DEV key : Device secret key, is derived with a one way function h(k ch DEV no ), such as MD5 or SHA-1. It sis stored in the secure module 270(figure 2) and is protected from access by any other module but 270. CARD no : The serial number of an access card. It is generated by the clearinghouse and satisfies some restriction, e.g., E(n n, K ch ), where n is a number. Every access card has a unique number CARD no. CD no : The serial number of a CD-ROM. Every CD-ROM has a serial number CD no. CD key : The decryption key of content in a CD-ROM. Clearinghouse: A central trusted organisation, which has a secret key K ch and a database. It provides the services such as issuing access cards, device secret keys DEV key and distributing decryption keys to users. Retailer: Obtains the CD-ROM from the content manufacturers or content providers. The contents stored in the CD-ROM are encrypted. User: Owner of a dedicated device. A legal user has one access card CARD no for a legal CD-ROM. A valid card has an item in the database of the clearinghouse. This access card should be intact when the user get it from a retailer. 5.2 Registration Process Referring to figure 5, at 500, the user purchases a CD-ROM from a retailer as well as an access card. When the user scratches the cover of the card or opens the package, a valid serial number CARD no is shown. The CD-ROM has a serial number CD no that is printed on the cover and is readable. At 510, the user connects to the clearinghouse to request the content decryption key of the CD-ROM. He/she sends the clearinghouse the serial number CARD no encrypted with device key DEV key, device serial number DEV no, the CD-ROM serial number 5

6 CD no, a nonce r and a checkword Sig. The checkword is used to provide the packet integrity. At 520, the clearinghouse receives the request and checks the integrity of the request message with the check word. At 530, the clearinghouse calculates the device key DEV key = h(k ch DEV no ). At 540, the clearinghouse decrypts the request with the device key DEV key to get the card number. The clearinghouse can reject the request if at least one of following cases occurs. An illegal card number. The clearinghouse can verify the card number based on some format requirement. For example, if a valid card number is formed as E(n n, K ch ), where n is a number, the clearinghouse can decrypt the card number with its secret key so that the clear text is the concatenation of two same texts ( or numbers). Expire License infringement. The database of the clearinghouse records the information of the access card when a registration request is successful. One record indicates that a device can access to one kind of CD-ROM. It is a license infringement that no record indicates the requesting device (serial number DEV no ) can use the CD-ROM (serial number CD no ) and there is no license left. At 550, the clearinghouse searches its database to find the decryption key CD key indexed by the CD-ROM serial number CD no. At 560, the clearinghouse encrypts CD key and r+1 with DEV key, and sends the ciphertext E(CD key r+1, DEV key ) to the user. If there are a few legal requests for content keys, the clearinghouse should make sure that every requesting device can get the required content keys, for example, encrypting CD key with every requesting device secret key. At 565, the clearinghouse updates the access card number database. If there is no record on the CD no and DEV no in the database, add a record on them to it. At 570, The user device receives the response message and passes it to the secure module 270. At 580, the secure module 270 reads the device DEV key and decrypts the response message, and verifies the response. 6

7 At 590, if the reply is incorrect for some reasons, e.g., network troubleshoot, the user can try again or quit. Otherwise, at 595, the user device stores the E(CD key, DEV key ) and the CD-ROM serial number CD no in storage 230 (figure 2) for later use. 5.3 Play To make use of a CD-ROM, indexed by the CD-ROM serial number, the secure module 270 can read E(CD key, DEV key ) from the storage. Because the secure module can access to the device secret key DEV key, the decryption key CD key can be decrypted be used to decrypt the CD-ROM content. The content plaintext can be outputted to the terminal Claims 1. A method for distributing electronic content in a controlled manner, the method comprising the steps of: User submiting a registration request for electronic goods to a clearinghouse; The clearinghouse disposing the request; The clearinghouse preparing a coupon based on the request; The user making use of the coupon. 2. A method according to claim 1, wherein said clearinghouse is a trusted central party. 3. A method according to claim 1, wherein said clearinghouse has a secret key and a database. Said database stores all the keys to the electronic goods. 4. A method according to claim 1, wherein said user is the owner of said electronic goods, at least one access card and at least one dedicated device. 5. A method according to claim 4, wherein access card issued by said clearinghouse includes expire date, number of licenses, and serial number. The information of the access card is stored in the database of said clearinghouse. 6. A method according to claim 5, wherein no one but the owner of said access card can access to the card before a successful registration. 7. A method according to claims 5, wherein the format of said serial number should be acceptable by said clearinghouse. 7

8 8. A method according to claim 7, wherein said format may be the ciphertext generated by encrypting the concatenation of two same text with said clearinghouse s secret key. 9. A method according to claim 1, wherein said clearinghouse is authorised to issue device key. 10. A method according to claim 9, wherein said device key is a unique number of a dedicated device that includes at least a secure module and a public device identification. 11. A method according to claim 10, wherein only said secure module can make use of said device key. 12. A method according to claims 9 and 10, wherein said device key is generated from said device identification and said clearinghouse s secret key. 13. A method according to claim 1, wherein said electronic goods has a unique number. 14. A method according to claim 1, wherein said registration request includes the ciphertext of an access card, device identifications, the electronic goods number, a nonce and a check code. 15. A method according to claim 14, wherein said ciphertext is formed by encrypting said access card number with at least one of said device keys. 16. A method according to claim 14, wherein said check code is the hash value of said ciphertext, said device identifications, said goods number and said nonce. 17. A method according to claim 1, wherein said disposing request including verifying it, searching electronic goods key, reconstructing device keys, and updating the database of said clearinghouse. 18. A method according to claim 17, wherein said verifying request includes checking the formats of the access card, expire date of the access card, and the licenses. 19. A method according to claim 17, wherein said good key may be found from the database of said clearinghouse based on the goods number. 20. A method according to claim 17, wherein process of device key reconstruction is the same as claim A method according to claim 1, wherein said coupon is the ciphertext of said goods key generated as claim 17, and a mapping of a nonce as claim A method according to 21, wherein said ciphertext is generated by encrypting said goods key with said device key as claim 20. 8

9 23. A method according to claim 21, wherein mapping may be an addition with a constant. 24. A method according to claim 1, wherein said usage of coupons, executing at the device side, includes decrypting the coupons into plaintexts, and analysing said plaintext. 25. A method according to claim 24, wherein said decrypting processes are executed in the secure module of said device. 26. A method according to claim 24, wherein the key for decrypting the response is the device key. 27. A method according to claim 24, wherein said plaintext includes the goods key and a mapping value as claim 23 said. 9

10 100 Producer 1 Producer i Producer n Clearing House 110 Retailer 1 Retailer j Retailer m 120 User 1 User j 130 Figure 1 10

11 Network Terminal Terminal Interface Storage Device Network Interface 200 Processor I/O Interface Secure Module Keyboard 270 Figure 2 11

12 CD serial number Access card information 354 device numbers decryption Key CD serial numbers Figure CD serial number (optional) 420 Number of licenses 430 Expire Date 440 Card Number Figure 4 12

13 User and device Clearinghouse Gets CD & access card Request to clearinghouse E(CARD no,dev key ) DEV no,cd no, r, Sig 520 Receives the request No stop Calculates Device key Is a valid card? Yes Searches decryption key E(CD key r+1,dev key ) Packs & sends the response Receive the response message Updates access card database Is a valid reply? Yes 595 No 590 Save the response message Try again or return Figure 5 13

SecureDoc Disk Encryption Cryptographic Engine

SecureDoc Disk Encryption Cryptographic Engine SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES Saiprasad Dhumal * Prof. K.K. Joshi Prof Sowmiya Raksha VJTI, Mumbai. VJTI, Mumbai VJTI, Mumbai. Abstract piracy of digital content is a one of the

More information

Understanding Digital Certificates and Wireless Transport Layer Security (WTLS)

Understanding Digital Certificates and Wireless Transport Layer Security (WTLS) Understanding Digital Certificates and Wireless Transport Layer Security (WTLS) Author: Allan Macphee January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What

More information

HP ProtectTools Embedded Security Guide

HP ProtectTools Embedded Security Guide HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded

More information

Software Tool for Implementing RSA Algorithm

Software Tool for Implementing RSA Algorithm Software Tool for Implementing RSA Algorithm Adriana Borodzhieva, Plamen Manoilov Rousse University Angel Kanchev, Rousse, Bulgaria Abstract: RSA is one of the most-common used algorithms for public-key

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

Qiong Liu, Reihaneh Safavi Naini and Nicholas Paul Sheppard Australasian Information Security Workshop 2003. Presented by An In seok. 2010.12.

Qiong Liu, Reihaneh Safavi Naini and Nicholas Paul Sheppard Australasian Information Security Workshop 2003. Presented by An In seok. 2010.12. Digital Rights Management for Content Distribution Qiong Liu, Reihaneh Safavi Naini and Nicholas Paul Sheppard Australasian Information Security Workshop 2003 Presented by An In seok. 2010.12.1 Contents

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

PrivyLink Cryptographic Key Server *

PrivyLink Cryptographic Key Server * WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Savitribai Phule Pune University

Savitribai Phule Pune University Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter

More information

A secure email login system using virtual password

A secure email login system using virtual password A secure email login system using virtual password Bhavin Tanti 1,Nishant Doshi 2 1 9seriesSoftwares, Ahmedabad,Gujarat,India 1 {bhavintanti@gmail.com} 2 SVNIT, Surat,Gujarat,India 2 {doshinikki2004@gmail.com}

More information

IBM Client Security Solutions. Client Security User's Guide

IBM Client Security Solutions. Client Security User's Guide IBM Client Security Solutions Client Security User's Guide December 1999 1 Before using this information and the product it supports, be sure to read Appendix B - Notices and Trademarks, on page 22. First

More information

An Efficient Wrapper-based Digital Rights Management

An Efficient Wrapper-based Digital Rights Management An Efficient Wrapper-based Digital Rights Management Wei-Chen Wu 1, Horng-Twu Liaw 2 1 Computer Center, Hsin Sheng College of Medical Care and Management, Taoyuan County, Taiwan, R.O.C. wwu@hsc.edu.tw

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory There are actually two distinct aspects to the use of public-key encryption in this regard: The distribution of public keys. The use of public-key encryption to distribute secret keys. 9.1 Distribution

More information

GT 6.0 GSI C Security: Key Concepts

GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the

More information

A Study on Secure Electronic Medical DB System in Hospital Environment

A Study on Secure Electronic Medical DB System in Hospital Environment A Study on Secure Electronic Medical DB System in Hospital Environment Yvette E. Gelogo 1 and Sungwon Park 2 * 1 Catholic University of Daegu, Daegu, Korea 2 Department of Nursing, Hannam University, 133

More information

Understanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions

Understanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Christchurch Polytechnic Institute of Technology Information Systems Acquisition, Development and Maintenance Security Standard

Christchurch Polytechnic Institute of Technology Information Systems Acquisition, Development and Maintenance Security Standard Christchurch Polytechnic Institute of Technology Information Systems Acquisition, Development and Maintenance Security Standard Corporate Policies & Procedures Section 1: General Administration Document

More information

Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation

More information

MOTOROLA ACCOMPLI 009 PERSONAL COMMUNICATOR MODULE OVERVIEW SCOPE OF DOCUMENT. Security Policy REV 1.2, 10/2002

MOTOROLA ACCOMPLI 009 PERSONAL COMMUNICATOR MODULE OVERVIEW SCOPE OF DOCUMENT. Security Policy REV 1.2, 10/2002 Security Policy MOTOROLA ACCOMPLI 009 PERSONAL COMMUNICATOR ENCRYPTION SERVICES MODULE REV 1.2, 10/2002 CONTENTS Module Overview... 1 Scope of Document... 1 Terms and Definitions... 2 Security Level...

More information

E-Book Security Assessment: NuvoMedia Rocket ebook TM

E-Book Security Assessment: NuvoMedia Rocket ebook TM E-Book Security Assessment: NuvoMedia Rocket ebook TM July 1999 Prepared For: The Association of American Publishers Prepared By: Global Integrity Corporation 4180 La Jolla Village Drive, Suite 450 La

More information

Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST

Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods

More information

E-CERT C ONTROL M ANAGER

E-CERT C ONTROL M ANAGER E-CERT C ONTROL M ANAGER for e-cert on Smart ID Card I NSTALLATION G UIDE Version v1.7 Copyright 2003 Hongkong Post CONTENTS Introduction About e-cert Control Manager... 3 Features... 3 System requirements...

More information

Information Security

Information Security Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked

More information

Security Service tools user IDs and passwords

Security Service tools user IDs and passwords System i Security Service tools user IDs and passwords Version 5 Release 4 System i Security Service tools user IDs and passwords Version 5 Release 4 Note Before using this information and the product

More information

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui

VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463

More information

NXP & Security Innovation Encryption for ARM MCUs

NXP & Security Innovation Encryption for ARM MCUs NXP & Security Innovation Encryption for ARM MCUs Presenters Gene Carter- International Product Manager, NXP Semiconductors Gene is responsible for marketing of the ARM7 and Cortex-M3 microcontrollers.

More information

Protexis Inc. s Comments on Technological Protection Systems for Digitized Copyrighted Works

Protexis Inc. s Comments on Technological Protection Systems for Digitized Copyrighted Works January 14, 2003 Attn: Velica Steadman United States Patent and Trademark Office Office of Legislative and International Affairs Room 902 2121 Crystal Drive Arlington, VA 22202 Re: Protexis Inc. s Comments

More information

A Proxy-Based Data Security Solution in Mobile Cloud

A Proxy-Based Data Security Solution in Mobile Cloud , pp. 77-84 http://dx.doi.org/10.14257/ijsia.2015.9.5.08 A Proxy-Based Data Security Solution in Mobile Cloud Xiaojun Yu 1,2 and Qiaoyan Wen 1 1 State Key Laboratory of Networking and Switching Technology,

More information

Module 1: e- Learning

Module 1: e- Learning Module 1: e- Learning SECTION 1: OVERVIEW... 2 PRIMER ON INFORMATION TECHNOLOGY, IS INFRASTRUCTURE AND EMERGING TECHNOLOGIES (12%) E-LEARNING... 2 Objective Objective:... 2 Task Statements... 2 Knowledge

More information

DVS DCI Signing Certificate Tool

DVS DCI Signing Certificate Tool DVS DCI Signing Tool User Guide (Version 1.0) DVS DCI Signing Tool User Guide User Guide Version 1.0 for the DVS DCI Signing Tool Version 1.0 Copyright 2008 by DVS Digital Video Systems AG, Hanover. All

More information

Understanding Digital Signature And Public Key Infrastructure

Understanding Digital Signature And Public Key Infrastructure Understanding Digital Signature And Public Key Infrastructure Overview The use of networked personnel computers (PC s) in enterprise environments and on the Internet is rapidly approaching the point where

More information

ERserver. iseries. Secure Sockets Layer (SSL)

ERserver. iseries. Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted

More information

ELECTRONIC COMMERCE WORKED EXAMPLES

ELECTRONIC COMMERCE WORKED EXAMPLES MODULE 13 ELECTRONIC COMMERCE WORKED EXAMPLES 13.1 Explain B2B e-commerce using an example of a book distributor who stocks a large number of books, which he distributes via a large network of book sellers.

More information

Fighting product clones through digital signatures

Fighting product clones through digital signatures Paul Curtis, Katrin Berkenkopf Embedded Experts Team, SEGGER Microcontroller Fighting product clones through digital signatures Product piracy and forgery are growing problems that not only decrease turnover

More information

Why Have Intellectual Property?

Why Have Intellectual Property? Intellectual Property: Protecting Your Ideas James J. Pohl Timothy A. Doyle April 23, 2009 Why Have Intellectual Property? To protect ideas and expressions and to promote investments in these activities

More information

Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads

Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs

More information

E-commerce Revision. Typical e-business Architecture. Routing and Addressing. E-Commerce Web Sites. Infrastructure- Packets, Routing and Addressing

E-commerce Revision. Typical e-business Architecture. Routing and Addressing. E-Commerce Web Sites. Infrastructure- Packets, Routing and Addressing E-Commerce Web Sites E-commerce Revision Companies create Web sites for very different reasons: simple proof-of concept sites Intranets (internal information) information-only sites for customers business-to-business

More information

System i and System p. Customer service, support, and troubleshooting

System i and System p. Customer service, support, and troubleshooting System i and System p Customer service, support, and troubleshooting System i and System p Customer service, support, and troubleshooting Note Before using this information and the product it supports,

More information

SkyRecon Cryptographic Module (SCM)

SkyRecon Cryptographic Module (SCM) SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.

More information

Journal of Electronic Banking Systems

Journal of Electronic Banking Systems Journal of Electronic Banking Systems Vol. 2015 (2015), Article ID 614386, 44 minipages. DOI:10.5171/2015.614386 www.ibimapublishing.com Copyright 2015. Khaled Ahmed Nagaty. Distributed under Creative

More information

Introduction Starfield Technologies Secure Certificate Services

Introduction Starfield Technologies Secure Certificate Services Introduction R ECENT NUMBERS FROM THE U.S. DEPARTMENT OF COMMERCE SHOW THAT ONLINE RETAIL IS CONTINUING ITS RAPID GROWTH. HOWEVER, FEAR OF INADEQUATE ONLINE SECURITY IS CAUSING ONLINE RETAIL- ERS TO LOSE

More information

Design and Analysis of Methods for Signing Electronic Documents Using Mobile Phones

Design and Analysis of Methods for Signing Electronic Documents Using Mobile Phones Design and Analysis of Methods for Signing Electronic Documents Using Mobile Phones Pramote Kuacharoen School of Applied Statistics National Institute of Development Administration 118 Serithai Rd. Bangkapi,

More information

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8. Network Security. Version 2 CSE IIT, Kharagpur Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

RAYSAFE S1 SECURITY WHITEPAPER VERSION B. RaySafe S1 SECURITY WHITEPAPER

RAYSAFE S1 SECURITY WHITEPAPER VERSION B. RaySafe S1 SECURITY WHITEPAPER RaySafe S1 SECURITY WHITEPAPER Contents 1. INTRODUCTION 2 ARCHITECTURE OVERVIEW 2.1 Structure 3 SECURITY ASPECTS 3.1 Security Aspects for RaySafe S1 Data Collector 3.2 Security Aspects for RaySafe S1 cloud-based

More information

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL 1 INTRODUCTION The County of Imperial Information & Technical Services (ITS) Security Policy is the foundation of the County's electronic information

More information

SELF SERVICE RESET PASSWORD MANAGEMENT ARCHITECTURE GUIDE

SELF SERVICE RESET PASSWORD MANAGEMENT ARCHITECTURE GUIDE SELF SERVICE RESET PASSWORD MANAGEMENT ARCHITECTURE GUIDE Copyright 1998-2015 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form

More information

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files,

More information

Chapter 8. Network Security

Chapter 8. Network Security Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who

More information

IBM i Version 7.2. Security Service Tools

IBM i Version 7.2. Security Service Tools IBM i Version 7.2 Security Service Tools IBM i Version 7.2 Security Service Tools Note Before using this information and the product it supports, read the information in Notices on page 37. This edition

More information

EDA385 Embedded Systems Design. Advanced Course

EDA385 Embedded Systems Design. Advanced Course EDA385 Embedded Systems Design. Advanced Course Encryption for Embedded Systems Supervised by Flavius Gruian Submitted by Ahmed Mohammed Youssef (aso10ayo) Mohammed Shaaban Ibraheem Ali (aso10mib) Orges

More information

DIGIMARC CORPORATION 9405 SW Gemini Drive Beaverton, Oregon 97008 www.digimarc.com

DIGIMARC CORPORATION 9405 SW Gemini Drive Beaverton, Oregon 97008 www.digimarc.com DIGITAL WATERMARKING: FOSTERING AND ENHANCING LEGITIMATE PEER-TO-PEER (P2P) ECOSYSTEMS DIGIMARC CORPORATION 9405 SW Gemini Drive Beaverton, Oregon 97008 www.digimarc.com Copyright 2006 1 TABLE OF CONTENTS

More information

M-Shield mobile security technology

M-Shield mobile security technology Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a

More information

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System ArchanaThange Post Graduate Student, DKGOI s COE, Swami Chincholi, Maharashtra, India archanathange7575@gmail.com,

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

Digital Rights Management for the Online Music Business

Digital Rights Management for the Online Music Business Digital Rights Management for the Online Business Sai Ho Kwok Digital rights management has become a pressing concern for the online music business. Existing digital rights management systems are backed

More information

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services P/N:900-1005-20 CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services (hereinafter referred

More information

Compter Networks Chapter 9: Network Security

Compter Networks Chapter 9: Network Security Goals of this chapter Compter Networks Chapter 9: Network Security Give a brief glimpse of security in communication networks Basic goals and mechanisms Holger Karl Slide set: Günter Schäfer, TU Ilmenau

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Payment authorization Payment capture Table 1.3 SET Transaction Types

Payment authorization Payment capture Table 1.3 SET Transaction Types Table 1.3 lists the transaction types supported by SET. In what follows we look in some detail at the following transactions: Purchase request Payment authorization Payment capture Cardholder registration

More information

University of Liverpool

University of Liverpool University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 11: Email security: PGP and S/MIME Ion Petre Department of IT, Åbo Akademi University February 14, 2012 1 Email

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of

More information

Network FAX Driver. Operation Guide

Network FAX Driver. Operation Guide Network FAX Driver Operation Guide About this Operation Guide This Operation Guide explains the settings for the Network FAX driver as well as the procedures that are required in order to use the Network

More information

Business Issues in the implementation of Digital signatures

Business Issues in the implementation of Digital signatures Business Issues in the implementation of Digital signatures Much has been said about e-commerce, the growth of e-business and its advantages. The statistics are overwhelming and the advantages are so enormous

More information

FIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0

FIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0 FIPS 40-2 Non- Proprietary Security Policy McAfee SIEM Cryptographic Module, Version.0 Document Version.4 December 2, 203 Document Version.4 McAfee Page of 6 Prepared For: Prepared By: McAfee, Inc. 282

More information

Online signature API. Terms used in this document. The API in brief. Version 0.20, 2015-04-08

Online signature API. Terms used in this document. The API in brief. Version 0.20, 2015-04-08 Online signature API Version 0.20, 2015-04-08 Terms used in this document Onnistuu.fi, the website https://www.onnistuu.fi/ Client, online page or other system using the API provided by Onnistuu.fi. End

More information

B U S I N E S S G U I D E

B U S I N E S S G U I D E VeriSign Microsoft Office/Visual Basic for Applications (VBA) Code Signing Digital Certificates Realizing the Possibilities of Internet Software Distribution CONTENTS + What Is Developer Code Signing?

More information

Analysis of E-book Security

Analysis of E-book Security Analysis of E-book Security Guoyou He Helsinki University of Technology Telecommunications Software and Multimedia Laboratory ghe@cc.hut.fi Abstract E-book is a new publication technology raised in recent

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

Citrix Password Manager, Enterprise Edition Version 4.5

Citrix Password Manager, Enterprise Edition Version 4.5 122-B COMMON CRITERIA CERTIFICATION REPORT No. CRP235 Citrix Password Manager, Enterprise Edition Version 4.5 running on Microsoft Windows and Citrix Presentation Server Issue 1.0 June 2007 Crown Copyright

More information

[SMO-SFO-ICO-PE-046-GU-

[SMO-SFO-ICO-PE-046-GU- Presentation This module contains all the SSL definitions. See also the SSL Security Guidance Introduction The package SSL is a static library which implements an API to use the dynamic SSL library. It

More information

Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions

Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions February 2005 All rights reserved. Page i Entrust is a registered trademark of Entrust,

More information

White Paper BMC Remedy Action Request System Security

White Paper BMC Remedy Action Request System Security White Paper BMC Remedy Action Request System Security June 2008 www.bmc.com Contacting BMC Software You can access the BMC Software website at http://www.bmc.com. From this website, you can obtain information

More information

IBM i Version 7.3. Security Digital Certificate Manager IBM

IBM i Version 7.3. Security Digital Certificate Manager IBM IBM i Version 7.3 Security Digital Certificate Manager IBM IBM i Version 7.3 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information

More information

UM0586 User manual. STM32 Cryptographic Library. Introduction

UM0586 User manual. STM32 Cryptographic Library. Introduction User manual STM32 Cryptographic Library Introduction This manual describes the API of the STM32 cryptographic library (STM32-CRYP-LIB) that supports the following cryptographic algorithms: AES-128, AES-192,

More information

Telstra Wholesale Digital Certificates

Telstra Wholesale Digital Certificates Telstra Wholesale Digital Certificates LinxOnline User Guide Issue Number 2, 31 July 2007 Version 2, 31 July 2007 TW Digital Certificate Management User Guide Copyright 2007, Telstra Corporation Limited.

More information

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status

10 Secure Electronic Transactions: Overview, Capabilities, and Current Status 10 Secure Electronic Transactions: Overview, Capabilities, and Current Status Gordon Agnew A&F Consulting, and University of Waterloo, Ontario, Canada 10.1 Introduction Until recently, there were two primary

More information

Evaluate the Usability of Security Audits in Electronic Commerce

Evaluate the Usability of Security Audits in Electronic Commerce Evaluate the Usability of Security Audits in Electronic Commerce K.A.D.C.P Kahandawaarachchi, M.C Adipola, D.Y.S Mahagederawatte and P Hewamallikage 3 rd Year Information Systems Undergraduates Sri Lanka

More information

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms Radhika G #1, K.V.V. Satyanarayana *2, Tejaswi A #3 1,2,3 Dept of CSE, K L University, Vaddeswaram-522502,

More information

Identikey Server Getting Started Guide 3.1

Identikey Server Getting Started Guide 3.1 Identikey Server Getting Started Guide 3.1 Disclaimer of Warranties and Limitations of Liabilities Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without

More information

HKUST CA. Certification Practice Statement

HKUST CA. Certification Practice Statement HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 1.1 Date : 3 March 2000 Prepared by : Information Technology Services Center Hong Kong University of Science

More information

Operating Instructions

Operating Instructions Operating Instructions (For Setting Up) Digital Imaging Systems Installation Overview Model No. DP-8060 / 8045 / 8035 Table of Contents Setting Your Machine Installation Overview General Installation Overview...

More information

P309 - Proofpoint Encryption - Decrypting Secure Messages Business systems

P309 - Proofpoint Encryption - Decrypting Secure Messages Business systems Procedure P309 - Proofpoint Encryption - Decrypting Secure Messages Business systems P309 - Page: Page 1 of 12 Date of Release: 23 February 2011 Status: Final Document Reference: Title: P309 Release Number:

More information

SecureStore I.CA. User manual. Version 2.16 and higher

SecureStore I.CA. User manual. Version 2.16 and higher User manual Version 2.16 and higher Contents SecureStore I.CA 1. INTRODUCTION...3 2. ACCESS DATA FOR THE CARD...3 2.1 Card initialisation...3 3. MAIN SCREEN...4 4. DISPLAYING INFORMATION ABOUT THE PAIR

More information

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.

More information

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1 PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority

More information

THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT. April 2009 EXAMINERS' REPORT. Network Information Systems

THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT. April 2009 EXAMINERS' REPORT. Network Information Systems THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT April 2009 EXAMINERS' REPORT Network Information Systems General Comments Last year examiners report a good pass rate with

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel Configuring a WatchGuard to IPSec Tunnel This document describes the procedures required to configure an IPSec tunnel between two WatchGuard Firebox s (version 2.3.x). The following WatchGuard products

More information

What is an SSL Certificate?

What is an SSL Certificate? Security is of the utmost importance when doing business on the Web. Your customers want to know that their information is protected when crossing data lines. A Thawte SSL Web Server Certificate or SuperCert

More information