Digital Inheritance of Personal and Commercial Content Using DRM

H. Li, NXP Research M. Petkovic, Philips ResearchCCNC’07 DRM workshop, Jan 11 2007

NXP Research, 11/01/07, H. Li 2

Content

• Introduction• Private content protection model

using DRM• Inheritance protocols• Digital last will• Conclusions

NXP Research, 11/01/07, H. Li 3

People own and manage exploding amount of digital content in the whole life• Personal content and commercial content

– Personal digital history: photos and video, health info, financial info, behaviours, …

– Music, movies…

Hackers & UsersHackers & Users& Observers& Observers

• More will be protected for privacy and for copyright

NXP Research, 11/01/07, H. Li 4

How to regulate inheritance of digital property?

• Traditional ways insufficient– Free copy or paper last will: usage rights

issues– Not easy for managing a huge collection

• Traditional ways may fail for confidential content protected by cryptography– His keys, private knowledge and biometric

authentication may be lost forever, if a person is dead

NXP Research, 11/01/07, H. Li 5

Secure digital inheritance solutions are required

• Requirements:– Trusted posthumous transaction of the inheritance– Secure process for encrypted personal confidential

content– Secure process for transferring usage rights of

commercial content– Options for testator to assign conditions and rights to a

beneficiary for a particular digital bequest – Non-repudiation– Ease of use

NXP Research, 11/01/07, H. Li 6

Content

• Introduction• Private content protection model

using DRM• Inheritance protocols• Digital last will• Conclusions

NXP Research, 11/01/07, H. Li 7

Private content protection model using DRM

Content key Protected Content

stored Owner Rights

User Rights

Personal Key of User2

Personal Key-pair

Personal Key of User1

Licenses

OL of User1

UL of User2 License protected by Personal key

• Personal keys and license process capability are in compliant devices

• Ownership secured in Owner Licenses– Owner License (OL): full rights, incl. to grant rights to others– User License (UL): usage rights given by the owner

NXP Research, 11/01/07, H. Li 8

Ownership and ownership transfer

OL1 = {PK o1, PK o1, EPK o1 [O-Rights, K a], EPK o1 [O-Rights, K a]}signPriK o1

ULx : TakeOwnership UL

ULClean : Clean-up UL

Secured by compliant personal devices (keys)

UL x = {PK o2, PK o1, EPK o2 [TO-Rights, K a], EPK o1 [TO-Rights, K a]}signPriK o1

Owner 1 grants ‘takeOwnership’ UL

OL2 = {PK o2, PK o2, EPK o2 [O-Rights, K a], EPK o2 [O-Rights, K a]}signPriK o2

Owner 2 takes ownership

ULClean = {PK o1, PK o2, EPK o1 [C-Rights, K a], EPK o2 [C-Rights, K a]}signPriK o2

Owner 2 asks to clean-up the old ownership

Owner 1 cleans the old ownership

NXP Research, 11/01/07, H. Li 9

Content

• Introduction• Private content protection model

using DRM• Inheritance protocols• Digital last will• Conclusions

NXP Research, 11/01/07, H. Li 10

Digital Inheritance Protocols

• Principles for inheritance of digital content using DRM – by adding inheritance information

(including conditions) to content licenses– by binding activation of inheritance to a

death certificate

• Two examples of protocols for personal content

• One example for commercial content

NXP Research, 11/01/07, H. Li 11

Inheritance protocols of personal content (1)• Put inheritance information in an ownership

license and coupling inheritance activation with the death certificate of the testator

C om pliant device 1

C om pliant device 2

(1)

(2)

(3)

(3)

(4)

D eathC ertificate Pk1

O w nershipC ertificate

O w nershipC ertificate

O w ner = Pk1Inheritor = Pk2

O w ner = Pk2Inheritor = ?

NXP Research, 11/01/07, H. Li 12

Inheritance protocols of personal content (2)• Put inheritance information in a usage license and

coupling inheritance activation with the death certificate of the testator

(1)

(2)

(3)

D eathC ertificate Pk1

O w nershipC ertificate

U sageLicense

O w nershipC ertificate

O w ner = Pk1(Inheritor = Pk2)

R ights for Pk2 Inheritor = Pk2 F ina l w ill

O w ner = Pk2Inheritor = ?

Com pliant device 1

Com pliant device 2

NXP Research, 11/01/07, H. Li 13

Inheritance of commercial content

• Append an additional license with inheritance information and conditions

Content P rovider

(2)

(3)

(4)

(1)

L1, L2

L1, L2

U sage L icense L1

U sage L icense L3

Attached L icense L2

U ser Pk1R ightscontent ID 1

U ser Pk2R ightscontent ID 1

Attached to L1 Inheritor = Pk2

D eathC ertificate Pk1

Com pliant device 1

Com pliant device 2

NXP Research, 11/01/07, H. Li 14

Content

• Introduction• Private content protection model

using DRM• Inheritance protocols• Digital last will• Conclusions

NXP Research, 11/01/07, H. Li 15

Using a digital last will Last Will

Encrypted Content

Container to Kate

Testator Identity

Benefi. Kate Identity

Executor Identity

Benefi. Bob Identity

Prepare

Open posthumously

Complete Inheritance

Death Certificate

Container to Bob

• Using containers to secure the rights-transfer licenses• Selected executor / TTP opens the containers with the death certificate• Beneficiaries complete the inheritance using the right-transfer licenses

NXP Research, 11/01/07, H. Li 16

Conclusions

• Secure inheritance solutions required for protected digital content

• Several protocols presented for transferring the ownership and usage rights posthumously

• A digital last will solution presented• More work needed to introduce

ownership and inheritance protocols in a real DRM standard / system