Digital Rights Management. Past and Present Ben Wells

Similar documents
Qiong Liu, Reihaneh Safavi Naini and Nicholas Paul Sheppard Australasian Information Security Workshop Presented by An In seok

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

Tresorit s DRM. A New Level of Security for Document Collaboration and Sharing

Cloud Computing for Education Workshop

June 29, Subject: Class 3

The Genealogy Cloud: Which Online Storage Program is Right For You Page , copyright High-Definition Genealogy. All rights reserved.

Intellectual Property Rights: Potential of Digital Rights Management for Digital Content

Enter the iphone challenge.

Content Protection in Silverlight. Microsoft Corporation

E-Books and E-Book Readers

Private Copying. Roberto Camerani, Nicola Grassano, Diego Chavarro, Puay Tang

Pryvate App User Manual

Ecosystems Mini Project Apple in the Digital Music Industry. Matthew Hooks, Parrish Isaacs, Eli Miles, Micah Moreau

Ocean County Library policies concerning Computer and Internet Use and Rules of Conduct apply to guest users as well as library card holders.

Downloadable ebooks and Audiobooks at McKinney Public Library

Three short case studies

"ASM s INTERNATIONAL E-Journal on Ongoing Research in Management and IT"

International Journal of Advance Foundation and Research in Computer (IJAFRC) Volume 2, Special Issue (NCRTIT 2015), January 2015.

How Apple s Corporate Strategy Drives High Growth. Blue Ocean Strategic Moves from ipod to ipad

Ben F. Anderson. Eric J. Renzulli. 5 May Professor George T. Heineman, Major Advisor

Online music distribution Core-Edge Working Group Meeting, September 28-29, 2004 Natalie Klym Research Associate, MIT CFP

2013 USER GROUP CONFERENCE

A Robust Multimedia Contents Distribution over IP based Mobile Networks

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

Digital Rights Management

Ensuring the security of your mobile business intelligence

Lab 7: Sharing and Syncing Digital Media, Using Windows Media Center,Researching an Error Event

PDF security - a brief history of development

Opalum FLOW series Opalum STREAM series Wireless setup guide. Wireless setup guide

'Namgis First Nation. 1.0 Overview. 2.0 Purpose. 3.0 Scope. 4.0 Policy

Creating an Apple ID on an iphone, ipad, or ipod touch with a Credit / Debit Card

bbc Overview Adobe Flash Media Rights Management Server September 2008 Version 1.5

Music and the Internet. A guide for parents and teachers

Digital Rights Management for the Online Music Business

Technology Requirements for Using Video Conferencing with Victims

Consumer Cloud Demand

Joseph Guarino Owner/CEO/Sr. Consultant Evolutionary IT CISSP, LPIC, MCSE 2000, MCSE 2003, PMP

Using itunes in Schools


Digital Rights Management. Introduction

Encryption and Digital Signatures

Deploying iphone and ipad Security Overview

Comparison of Enterprise Digital Rights Management systems

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013

IC L10: Seamless Encryption of Data Sync'ing to Dropbox Using Symantec File Share Encryption

Analyzing the Security Schemes of Various Cloud Storage Services

Digital Rights Management

Understanding Digital Signature And Public Key Infrastructure

ACTRA SUBMISSION CONCERNING GST/HST ON E-COMMERCE

Chromecast $ Where do I buy it? Online at Amazon.com or in stores like Best Buy, Target or Walmart.

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Enjoy Music over Your Wi-Fi Network

How to wipe personal data and from a lost or stolen mobile device

DIGIMARC CORPORATION 9405 SW Gemini Drive Beaverton, Oregon

Mercury VirtualTerminal ios Application

Patron Assistance: Become an OverDrive Download Library Specialist

Cloud computing: the lowdown

Introduction to Information Security

Unless otherwise stated, our SaaS Products and our Downloadable Products are treated the same for the purposes of this document.

INTRODUCTION TO CLOUD STORAGE

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & POLICY AND CODE

USB Portable Storage Device: Security Problem Definition Summary

Clarity Middle School Survey

Azure Media Service Cloud Video Delivery KILROY HUGHES MICROSOFT AZURE MEDIA

Data Protection: From PKI to Virtualization & Cloud

Add library banner image here. Browse, Check Out, Download!

The Cloud On A Clear Day. Neal Juern

Freedom and Trust. in the Internet Era. Dr Andrew John Hughes Software Engineer, Red Hat FREEDOM AND TRUST - DR ANDREW JOHN HUGHES

Secure Mail Message Retrieval Instructions

Vodafone Global Enterprise Deploy the Apple iphone across your Enterprise with confidence

Instructions for Secure Cisco Registered Envelope Service (CRES)

SOLITEC products or services for which a separate privacy policy is provided.

Digital Music Services Core-Edge Working Group Semi-Annual Workshop May 13, 2005

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Workflow description of digital rights management systems

(ISC)2 Twin Cities Area Chapter 2013 Annual Meeting 18 June 2013, Cloud Security

Agile IT Empowers Business Success

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

BYOD Guidance: BlackBerry Secure Work Space

HP PROTECTTOOLS RELEASE MANAGER

Sharing Your Media Library with Roxio Streamer

Apple Deployment Programs Apple ID for Students: Parent Guide

Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester

OWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work.

The End is Near. Options for File Management and Storage

Peer to Peer File Sharing and Copyright Infringement Policy

Fragmentation versus Standardization in the Market for. Digital Rights Management Solutions

Backup ipad. Withdrawing from LISD. Before turning in your ipad,

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Google Holy Family University

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services

There are a variety of ways to read ebooks from the Stirling Libraries and Archives ebooks Collection.

CONTENTS PAGE. c) Our Recommended Settings d) Overview...7. i. Check Out and Download a book... 27

Audio Technologies on the Internet

Bring Your Own Device Policy

T-BOX MY MEDIA WINDOWS 7 QUICK START GUIDE

File sharing: consumers, creators, welfare and business models

Step-by-Step Instructions Download and Transfer of OverDrive Titles to Devices!

Transcription:

Digital Rights Management Past and Present Ben Wells

Digital Rights Management: Goals To extend "analog" copyright techniques to the digital world. Give content Creators some control over the use of the media they produce.

Applications where DRM is present: Basically every single major digital media distributor!!

Different Generations of DRM: Generation 1 (80's, early 90's) Sensitive Material wrapped in container file. (ex. zip, pgp (pretty good privacy) files) Container is encrypted with a key or password. PGP often uses RSA & hash functions public-key encryption system. Digital Signature provides authentication hash function guarantees that the contents have not been tampered with.

Different Generations of DRM: Generation 2 Native Files encrypted within a native application (based on shared password) Access Control Permissions added disable print, copy number of views Permissions the same for all users. File based. Problem: shared passwords can be, well...shared.

Different Generations of DRM: Generation 3 AC Permissions can now vary with each user Each transaction generates a private key known only by the user who purchases the content. Problem: Permissions are difficult to change once the file has been sent to user.

Different Generations of DRM: Today: AC, Authentication, Permissions moved from native application "into the cloud" Server maintains list of policies that map users and groups to permissions. Permissions can be dynamically managed. User's Actions can be logged and recorded.

DRM History: A Brief Timeline 1983-1998 Software: Most digital content was stored in password-protected container files. Hardware: CD's and DVD's used DRM techniques to prevent copies from being made.

1998 Digital Millenium Copyright Act (DMCA) First legislation aimed to curb illegal piracy of digital media. Made illegal to circumvent DRM or otherwise bypass any access controlled media Made DRM Circumvention tools illegal

Copyright gone wrong Sony Rootkit Scandal of 2005 Sony once included a rootkit in every CD they sold. Allows user information to be sent to Sony. Problem: Hackers could manipulate this code to work for them maliciously. Initial public response: "Most people, I think, don't even know what a Rootkit is, so why should they care about it" Thomas Hesse, Sony CEO Just an example of how DMCA protects consumers as well as content providers

First Response: 2001: Rhapsody reveals subscription-based, unlimited music streaming service. Allows customers to manage personal "libraries" without actually downloading files. RealNetworks follows example in 2003

2003 itunes First Digital Music Store All files protected with FairPlay DRM Restrictions Downloads can only be accessed from 3 authorized computers. Users cannot make more than 10 copies of a CD.

Example Followed By 2006, Apple controlled 88% of the legal US music download market Next step for competitors: Offer DRM-free downloads.

Market-Share call and response emusic subscription-based DRM free downloads Apple announced "itunes Plus" DRM-free downloads for additional charge Amazon Offers DRM-free music for cheaper than itunes Apple Drops DRM-free premium price

2009 All music sold on Amazon and Apple's itunes will be offered DRM-free Apple: Users can convert previously purchased music for a small fee ($.30/song) Marks "Death" of DRM-protected Audio Video, Apps, Audiobooks, and ebooks still remain protected.

How FairPlay DRM works: List of authorized machines for each user kept on servers. Generates Unique authorization ID: User Creates itunes Account 74FB-89GT-5T67 User: jsmith1234 Password: ******* List of Authorized Machines (up to 5) 1.... 2.... 3.... User: jsmith1234 Password: ******* User: jsmith1234 Password: ******* Apple

How FairPlay DRM works User Apple 1. Media Purchased from itunes Store. 2. Unique, File-Specific User Key Generated Locally 3. One copy of user key stays on local machine 4. 2nd copy sent to Apple Servers along with proof of transaction 5. Transaction and User key logged 6. File encrypted with Master Key sent to user 7. File Authorized and decrypted with User Key Note: All key generation and decryption is done locally. This minimizes relying on the network to authorize users for each purchase and speeds up transaction time significantly. A list of keys for each file is stored locally, on Apple's servers, as well as on any ipod or iphone containing the media files.

DRM Basic Concepts Content Creator License Creator Content Binding User Content Processor/Auth orization Content Creation License Creation Content Renderer

DRM Basic Concepts Cont... Access Control Operates on a Mandatory, Implicit Deny Policy Access is denied by default unless user is explicitly authorized. permissions granted to user can vary from user to user Allows for Premium Services Varied price points

DRM Basic Concepts Cont... Enforcing the Three Security Requirements: 1. Integrity: It needs to be guaranteed that content is accessed by untampered software/hardware developed by official content creators. 2. Availability: Creators need to precisely deliver what has been requested, in a consumable form, at the desired time for the user. 3.Confidentiality: The license creator must only save the personal data for which the user has given permission and only use this data for purposes for which the user has given permission.

Project Contributions: Analyze DRM circumvention methods of audio. How they were done in past vs. present Use results to form conclusions about other forms of media Gather facts about the music industry and DRM, including consumer attitudes from previous research. Perform a risk assessment and threat analysis to: Forecast what will happen with DRM and other forms of media. Suggest possible solutions based on potential forecast paths.

Analog Hole In order for digital media to be consumed, it must first be converted into an analog signal.

Analog Hole Problem: This signal can be intercepted, recorded, or otherwise replicated. Creating a copy of the original.

Analog Hole The analog hole is unavoidable. A simple byproduct of human beings consuming digital products. DRM can't "fix piracy" because there will always be ways around it.

What Else Went Wrong? Vs.

Adaptation vs. Resistance In the case of the music industry. Consumers began to demand digital music. The music industry was not prepared Record companies and media producers chose resistance over adaptation.

What Consumers wanted: Digital audio, anywhere. What was sold: DRM-Restricted audio

Radical Thinking Open Music Model (2002) The only way for DRM to be successful is if there existed only one, universal system used by all content creators. Problem: Market is already too segmented. Apple, Amazon, Microsoft, etc...

Amazon Kindle Solution that combines DRM Protection with Consumer demand. Why does it work?

Cross-Platform Support photo source: amazon.com

Example 2: Netflix photo source: netflix.com

Is there still hope for music and DRM? Best Attempt: Amazon Cloud Player photo source: amazon.com

Problems: 1. There has been so much uproar about DRM-protected music that it has already been removed from audio sold on Amazon. (Too late to bring it back) 2. Apple and itunes

All of your devices? photo source: apple.com

Reality: icloud lets you play music on all of your devices if and only if all of your devices are Apple devices. also: Amazon Cloud Player not allowed in Apple's App Store

Final Thoughts Too Late for Music Industry?

Final Thoughts The bright side: Knowledge gained. An example has been set for other forms of media.

References Haber, S., Horne, B., Pato, J., Sander, T., & Tarjan, R.E., If Piracy is the Problem, is DRM the answer?, In Digital Rights Management: Technological, Economic, Legal and Political Aspects, ed. Erberhard Becker, Willms Buhse, Dirk Günnewig, Niels Rump, Springer-Verlag, 2003. Jonker, H.L., Mauw, S., Vershuren, J.H.S., & Schoonen, A.T.S.C. (2004, June). Security Aspects of DRM Systems. 25th Symposium on Information Theory in the Benelux: The Netherlands. Loebbecke, Claudia, Bartscher, Philipp, Weiss, Thomas, & Weniger, Sandra. (2010). Consumers' Attitudes to Digital Rights Management (DRM) in the German Trade ebook Market. IEEE Ninth International Conference on Mobile Business. Mauw, S., & Jonker, H.L. (2007). Core Security Requirements of DRM Systems. ICFAI Book series, ICFAI, India. Sicker, Douglas C., Ohm, Paul, & Gunaji, Shannon. (2007). The Analog Hole And The Price of Music: An Empirical Study. Journal on Telecommunications & High Technology Law. Smith, Matt, Wilson, Lakaii, & Gunaji, Shannon. (2005, August). Sidestepping DRM: A Look into the Analog Hole. University of Colorado at Boulder. Retreived from http://en.scientificcommons.org/43486934. Stamp, Mark, Sebes, E. John. (2007). Solvable Problems in Enterprise Digital Rights Management Information Management & Computer Security.

References Suehle, Ruth. (2011). The DRM Graveyard: A Brief History of Digital Rights Management in Music. Red Hat, Inc. Retreived April 1, 2012 from http://www.opensource.com/life/11/11/drm-graveyard-brief-history-digital-rights-management-music Torres, Víctor, Serrão, Carlos, Dias, Miguel Sales & Delgado, Jaime. (2008, June). Open DRM and the Future of Media. IEEE Multimedia, vol. 15, no. 2, pp. 28-36. Watermarking World (2009), Digital Watermarking, http://www.watermarkingworld.com/digital_watermarking. Accessed 5 April, 2012.

Thank You!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information