Towards a Software Architecture for DRM
[email protected]@cs.kuleuven.be
Joint work with Kristof Verslype, Wouter Joosen, and Bart De Decker
DistriNet research group, K.U.Leuven, Belgium
DRM'05 Sam Michiels

Context: DRM systems are complex
- Diversity of devices, users, platforms, media
- Wide variety of system requirements
  - Security, flexibility, manageability
- Complexity is increasing
  - digital news papers, iPod/MP3, digital TV
- Complexity poses 3 major challenges
  - Fragmentation of individual solutions
  - Limited reuse & interoperability of DRM systems
  - Lack of domain specific software architecture

Context: DRM challenges in detail
- Fragmentation of individual solutions
  - State-of-the-art DRM technologies often ad-hoc
  - This leads to fragmented point solutions
  - Difficult to cover the complete DRM picture
- Limited reuse & interoperability
  - Vertically integrated designs
  - In-house developed components can interoperate
  - Limited (no?) interoperability between different DRM systems
- Lack of domain specific software architecture
  - Need for a common DRM software architecture
  - Identify major service components
  - Define how they interact

Context: Research objective
- Enable integration of independent service components into a generic DRM software architecture
- Analogy: TCP/IP architecture
  - Similar characteristics
    - Complex
    - Considerable evolution in technology, scale, and usage
  - Power does not lie in the elegance or efficiency of individual components…
  - But in the ability to encompass growth in scale and diversity

Context: Related work
- DRM as a layered software architecture (Jamkhedkar and Heileman [JH04])
- Detailed technology overview: Technical Report [MJT05]
- Research contribution
  - Propose a next step towards a software architecture for DRM that supports reuse and interoperability
  - Identify key DRM service components
  - Locate them in the architecture

[JH04] P. Jamkhedkar and G. Heileman. “DRM as a Layered System”. In Proceedings of DRM’04, pp. 11-21, 2004.
[MJT05] S. Michiels, W. Joosen, E. Truyen, K. Verslype. “Digital Rights Management – A Survey of Existing Technologies”. Technical Report K.U.Leuven, CW-428, Nov. 2005. In press.

Overview
- Towards a DRM software architecture
  - Functional perspective
  - Security perspective
- Architectural overview
- Validation
- Discussion
- Conclusion & future work

Functional perspective: Typical DRM consumer use case
[Figure: Content Consumer, DRM client, Content server, License server]
1. Content request
2. Protected Content
3. License request
4. License

Functional perspective: Use cases based on 3 application view points
- Consumer (E-paper reader, iPod user)
  - Browse content catalog
  - Select license type and learn about usage rules
  - Authenticate themselves
  - Consume protected content in a user-friendly way
- Producer (EMI, Sony, Time Warner)
  - Compose/update/manage licenses
  - Interpret logged information on content usage
- Publisher (iTunes music store)
  - Deploy or revoke usage rights
  - Extract usage patterns
  - Identify sources of abuse

Functional perspective: Six major service components
- License service
  - License issuing
- Content service
  - Packaging and distribution of content
- Access service
  - Authentication and access control
- Tracking service
  - Logging of usage information
- Import service
  - Content preparation
- Identification service
  - Identification of the owner of particular content

Functional perspective
[Figure: Major DRM service components: Content Service, License Service, Import Service, Identification Service, Tracking Service, Access Service. External services: Payment Service, Certification Authority. Parties: Consumers, Producers, Publishers.]

Security perspective: Locating security hot spots
- License
  - Unforgeability, integrity, content binding
- Content
  - Integrity, authentication, confidentiality, non-repudiation
- DRM client
  - Authentication, confidentiality, integrity, individualization, secure time
- Publisher (online DRM system)
  - Confidentiality, integrity, authentication, anonymity

Security perspective: Establishing security services
[Callouts: Same security service, different cryptographic primitives. Same cryptographic primitive, applied in multiple services.]
- Licenses
  - Unforgeability, integrity => digital signatures
  - Content binding => fingerprinting, DOI
- Content
  - Integrity, authentication => digital signatures
  - Confidentiality => encryption
  - Non-repudiation => digital signatures + certificates + watermarks
- DRM client
  - Authentication, confidentiality => trusted computing
  - Integrity => self-checking
  - Individualization => code obfuscation
  - Secure time => hardware clocks
- Publisher (online DRM system)
  - Confidentiality => encryption
  - Integrity => digital signatures
  - Anonymity => zero knowledge proofs (no digital signatures!)
  - Authentication => certificates

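The license entries of the security perspective (unforgeability and integrity via digital signatures, plus content binding) can be shown end to end in a short added example; it is not code from the slides or the paper. The License fields, the `doi:10.0000/example` identifier and the choice of Ed25519 are assumptions, and an exact-byte SHA-256 hash stands in for the fingerprinting the slide names, so it binds only to identical bytes and does not survive re-encoding.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// License is a hypothetical minimal license record; the slides define no format.
type License struct {
	ContentID   string `json:"content_id"`   // DOI-style identifier (constructed)
	ContentHash []byte `json:"content_hash"` // SHA-256 of the content: the binding
	Rights      string `json:"rights"`
}

type SignedLicense struct{ Body, Sig []byte } // serialized license + issuer signature

// Issue plays the license service: bind the license to the content, then sign.
func Issue(priv ed25519.PrivateKey, id, rights string, content []byte) (SignedLicense, error) {
	h := sha256.Sum256(content)
	body, err := json.Marshal(License{ContentID: id, ContentHash: h[:], Rights: rights})
	if err != nil {
		return SignedLicense{}, err
	}
	return SignedLicense{Body: body, Sig: ed25519.Sign(priv, body)}, nil
}

// Verify plays the DRM client: signature over the received bytes first, then binding.
func Verify(pub ed25519.PublicKey, sl SignedLicense, content []byte) (string, error) {
	if !ed25519.Verify(pub, sl.Body, sl.Sig) {
		return "", fmt.Errorf("license signature invalid")
	}
	var lic License
	if err := json.Unmarshal(sl.Body, &lic); err != nil {
		return "", err
	}
	if h := sha256.Sum256(content); !bytes.Equal(h[:], lic.ContentHash) {
		return "", fmt.Errorf("license is not bound to this content")
	}
	return lic.Rights, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	content := []byte("constructed sample content")
	sl, _ := Issue(priv, "doi:10.0000/example", "play", content)
	fmt.Println(Verify(pub, sl, content)) // rights and a nil error
}
```

The client parses the license only after the signature over the received bytes has verified, so a modified rights field is rejected before it is ever interpreted.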
Overview
- Towards a DRM software architecture
  - Functional perspective
  - Security perspective
- Architectural overview
- Validation
- Discussion
- Conclusion & future work

Architectural overview: Distributed view
- Matches 3 application view points
- Client-server interaction
- Parties interacting at different levels
[Figure: Content Consumers/DRM clients (Digital news paper, iPod, Mobile phone), Content Producers, Publisher. Labels: Security level communication, Service level communication, Rights interpretation.]

Architectural overview: Locating service components in a layered architecture
[Figure: layered architecture. Layers: Application layer; Negotiation Layers; Right Expression & Interpretation Layer; Right Enforcement Layer (Type dependent); Right Enforcement Layer (Type independent). Components shown: Digital News Paper, iTunes, Windows Media Player; Right Expression and Interpretation; Tracking Service, Content Service, License Service, Access Service, Import Service, Identification Service, …; Watermarking, Digital Signatures, Certificates, Encryption, …]

Evaluation
- DRM does not completely adopt a layered structure
  - DRM complexity often requires customizing service components
    - Application specific requirements
    - Various business policies
  - Yet, layering often implies virtualization
    - Functionality of lower layers is hidden from applications
    - This abstraction may prevent necessary customizations
- DRM architecture is asymmetric
  - Not all nodes run the same functionality (as opposed to TCP/IP)
  - Rights expression layer is fully implemented at publisher’s side to enable associating various business policies with content
  - Yet, minimally implemented at consumer’s side
    - To prevent clients from tampering with business policies

Validation

DRM Tech/Service  Content  License  Access  Tracking  Payment  Import  Identification
WMDRM             X        X        -       X         -        X       -
LWDRM             X        -        X       -         X        -       -
EMMS              X        X        X       X         X        X       -
Helix             X        X        X       X         -        -       -
Aegis             -        X        X       X         -        -       -
OMA               X        X        X       -         X        -       -

Discussion: Three major DRM challenges revisited
- Reuse and interoperability
  - Many DRM technologies implement the same limited set of services
    - High potential for reuse
  - Green zone
    - Highest reuse benefit for content, license and access services
- Software architecture
  - Many services are implemented by few DRM technologies
    - Orange and red zone
  - Difficult to standardize ‘the’ DRM technology
  - More efficient to focus on particular services
  - Enable integrating them in a generic architecture

Conclusion & Future work
- Paper proposed a next step towards a software architecture for DRM
  - Evaluation based on 6 DRM technologies
  - Confirmed potential of applying software architectures

Conclusion & Future work: Future work
- Refine interaction interfaces of identified components
- Apply and validate architecture in a case study, revealing additional issues
  - Driven by non-functional requirements…
    - Efficiency of content distribution, content personalization
  - And solutions for that
    - In-network caching, load balancing, multicast/broadcast transport protocols