Security and Privacy in Digital Rights Management: ACM CCS-8 Workshop DRM 2001, Philadelphia, PA, USA, November 5, 2001. Revised Papers (Lecture Notes in Computer Science (2320))
معرفی کتاب «Security and Privacy in Digital Rights Management: ACM CCS-8 Workshop DRM 2001, Philadelphia, PA, USA, November 5, 2001. Revised Papers (Lecture Notes in Computer Science (2320))» نوشتهٔ Tomas Sander (editor)، منتشرشده توسط نشر Springer Berlin Heidelberg : Imprint: Springer. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
The Acm Workshop On Security And Privacy In Digital Rights Management Is The ?rst Scienti?c Workshop With Refereed Proceedings Devoted Solely To This Topic. The Workshop Was Held In Conjunction With The Eighth Acm Conference On Computer And Communications Security (ccs-8) In Philadelphia, Usa On November 5, 2001. Digital Rights Management Technology Is Meant To Provide End-to-end So- Tions For The Digital Distribution Of Electronic Goods. Sound Security And Privacy Features Are Among The Key Requirements For Such Systems. Fifty Papers Were Submitted To The Workshop, Quite A Success For A ?rst-time Workshop. From These 50 Submissions, The Program Committee Selected 15 Papers For Presentation At The Workshop. They Cover A Broad Area Of Relevant Techniques, Including Cryptography, System Architecture, And Cryptanalysis Of Existing Drm Systems. Three Accepted Papers Are About Software Tamper Resistance, An Area About Which Few Scienti?c Articles Have Been Published Before. Another Paper Addresses Renewability Of Security Measures. Renewability Is Another Important Security Technique For Drm Systems, And I Hope We Will See More Publications About This In The Future. I Am Particularly Glad That Three Papers Cover Economic And Legal Aspects Of Digital Distribution Of Electronic Goods. Technical Security Measures Do Not Exist In A Vacuum And Their E?ectiveness Interacts In A Number Of Ways With The Environment For Legal Enforcement. Deploying Security And An- Piracy Measures Adequately Requires Furthermore A Good Understanding Of The Business Models That They Are Designed To Support. Discouraging Software Piracy Using Software Aging / Markus Jakobsson And Michael K. Reiter -- New Iterative Geometric Methods For Robust Perceptual Image Hashing / M. Kivanc Mihcak And Ramarathnam Venkatesan -- On Crafty Pirates And Foxy Tracers / Aggelos Kiayias And Moti Yung -- Efficient State Updates For Key Management / Benny Pinkas -- Collusion Secure Q-ary Fingerprinting For Perceptual Content / Raihaneh Safavi-naini And Yejing Wang -- Privacy Engineering For Digital Rights Management Systems / Joan Feigenbaum, Michael J. Freedman And Tomas Sander / [and Others] -- Secure Open Systems For Protecting Privacy And Digital Services / David Kravitz, Kim-ee Yeoh And Nicol So -- Mpeg-4 Ipmp Extensions / James King And Panos Kudumakis. Tomas Sander (ed.). Includes Bibliographical References And Index. Security and Privacy in Digital Rights Management Preface Conference Organizers Table of Contents Discouraging Software Piracy Using Software Aging Introduction Model and Requirements Approach Related Work Updating Method Software Aging Claims References New Iterative Geometric Methods for Robust Perceptual Image Hashing Introduction Problem Definition and Notation Proposed Algorithms Algorithm A Algorithm B Experimental Results Conclusions and Future Work References On Crafty Pirates and Foxy Tracers Introduction Background: Decoder Types and Our Results Resettable vs. History Recording Pirate Decoders Available vs. Abrupt Pirate Decoders Types of Pirate Decoders Previous Work and Motivation in Light of the Decoder Types Our Results Preliminaries Multicast Encryption Schemes The Straightforward Scheme Colorings Black-Box Traitor Tracing Schemes Hybrid Colorings: Generic Black-Box Traceability of Abrupt/Resettable Pirate Decoders List-Tracing of Abrupt/Resettable Pirate Decoders with Sublinear Ciphertext Size Tracing Abrupt/History-Recording Pirate Decoders in Multimedia Multicast References Efficient State Updates for Key Management Introduction and Motivation The LKH Scheme The State Update Problem Contributions Related Work A Concise Representation of Keys A Method with no Security Against Collusions A Method Secure Against Collusions Updating Keys on the Path from a Leaf to the Root LKH Based Schemes The LKH Scheme The Scheme of Canetti et. al me More Efficient Key Update Collusion Secure q-ary Fingerprinting for Perceptual Content Introduction q-ary c-Secure Codes Constructing c-Secure Codes from Error-Correcting Codes Bound for c-TAq(L,N) and c-TAq(L,N;e) Comparison and Trade-Offs Removing Segments Constructing c-TAq(L,N;e,r) Using Buffer Blocks Using Deletion/Insertion-Correcting Codes Preliminaries Tracing with Shortened Fingerprint Concluding Remarks References Privacy Engineering for Digital Rights Management Systems Introduction How Digital Distribution and DRM Affect User Privacy Why Cryptography Is Insufficient Technological Failures of Privacy Solutions Our Abstractions Don't Model Our Reality Technical Limitations: Security Breaches and Usability Legacy System Integration Excessive Technical Costs? Economic Aspects of Privacy Engineering Network Externalities Asymmetries, Moral Hazard, and Demand Business Incentives Approaches to Practical Privacy Engineering The Fair Information Principles Approach Why the FIPs apply to DRM Simple Principles for Privacy Engineering Customizable Privacy Collection Limitation Database Architecture and Management Purpose Disclosure (Notice) Choice Client-Side Data Aggregation Transferring Processed Data Competition of Services Keeping Business Interests in Mind Enforcement and Auditability of Privacy Solutions Adding Higher Tech Solutions Proxies P3P Monitoring Tools Outlook References A Generic Architecture for a DRM Content-Distribution System Basic Architecture and Extensions Basic Protocols and Operations to Support Installation and Initialization of the DRM Client Searching for Content and Content Delivery Content Acquisition Rights Delivery Accessing and Playing Content Risk Management Data Collection in DRM Systems Secure Open Systems for Protecting Privacy and Digital Services Introduction Architectural Components The Coprocessor The SAC The Trust Server Privacy without Containment. Containment without Privacy. Trust Server Rationale. Individualization Notation Assumptions Regarding the Trust Server Minimal Assumptions on Secure Communications between Coprocessors and the Trust Server Method 1: SAC Individualization by Application Server Method 2: SAC Individualization by Trust Server Conclusion References MPEG-4 IPMP Extensions Introduction The MPEG-4 IM-1 IPMP ‘hooks’ Why the ‘hooks’ Need to Be Extended? How the MPEG-4 IPMP Extensions Work? User Requests Specific Content IPMP Tools Description Access IPMP Tools Retrieval Instantiation of IPMP Tools IPMP Initialisation and Update – In Parallel with Content Consumption The IPMP Extension Components The Content class IPMP_ToolListDescriptor class IPMP_Tool Alternate Tools Parametric Tools Parametric Aggregation Parametric Description IPMP Information IPMP Tool Manager Overview Acquiring Tools via Content Tool Creation Message Router Authentication Certification Routing Messages Function Structure [1] Creation and Notification Messages IPMP Information Delivery Messages Processing Messages Intent Messages User Messages Authentication Messages A Comparison with OPIMA (Open Platform Initiative for Multimedia Access) Message Routing vs. Scheduler IPMP Tools vs. OPIMA IPMPS Manufacturer and Consumer-Interoperability vs. Limited Complexity Similarities and Differences Interoperability between OCCAMM and the IPMP Extensions A Walkthrough in an OCCAMM System Using MPEG-4 IPMP Extension Capable Player Conclusions References Dynamic Self-Checking Techniques for Improved Tamper Resistance Introduction Related Work Design Objectives and Threat Model Functionality Security Discovery Disablement Algorithm Design Components and Embedding Process Testers Testing Pattern Correctors and Intervals Tamper Response Tester Design and Placement Design Objectives Linear Hash Functions Tester Construction and Customization Tester Placement Interval Construction Corrector Placement Interval Definition Assignment of Testers to Intervals Summary and Future Work References Protecting Software Code by Guards* Introduction Related Work The Guarding Framework Guards Guards Network Security Strengthening the Guards Network Strengthening Individual Guards Description of System Experimental Results Impacts on Program Size Impacts on Program Performance Conclusion and Further Remarks References How to Manage Persistent State in DRM Systems Introduction System Model Persistent State Management Requirements Fault Tolerance Security Performance Resource Consumption Scalability Mechanisms for Managing Persistent State Secure Memories Secure Audit Logs Secure File Systems Encrypted File Systems Tamper Detection Secure Database Systems TDB GnatDb A Retrospective on DRM Database System Design References A Cryptanalysis of the High-Bandwidth Digital Content Protection System Introduction Related Work The HDCP Authentication Protocol Linear Algebra over Z/256Z The Authority's Secret Forging Key Pairs Conclusion References Implications of Digital Rights Management for Online Music - A Business Perspective The Need for Digital Rights Management in the Evolving Online Music Industry The Demand-Side Perspective: Influences on Cost Structure and Revenue Models The Supply-Side Perspective: Differentiation between Public and Private Goods through Digital Rights Management Four Business Model Scenarios Assumptions First Scenario: Open Source File Sharing Systems Second Scenario: Music Service Provider Third Scenario: Digital Rights Management-Based Subscription Models Fourth Scenario: Super-Distribution Conclusions Regarding Positioning and Privacy References From Copyright to Information Law - Implications of Digital Rights Management Introduction Protection by Technology Overview Supporting Protection by Anti-circumvention Regulations Protection by Contracts Overview Supporting Protection by Technology Supporting Protection by Anti-circumvention Regulations Protection by Technology Licenses Paradigm Shift in Protection Legal Perspective Intertwining Means of Protection Creation of a Privatized ŁProperty RightŁ Law and Economics Perspective Necessity of Copyright Law Limitations to DRM Protection Law and Economics Perspective Legal Perspective Copyright Law as a Safety Net Law as a Limitation to the Paradigm Shift in Protection Limitation of the Protection by Contracts Limitation of the Protection by Technology Licenses Limitation of the Protection by Technology Direct Influence on the Design of Technological Protection Measures Limiting the Anti-circumvention Protection "Key Escrow" Approach Conclusion References Taking the Copy Out of Copyright Copyright Is Not About Copying First Sale Doctrine – Physical Property Only Fair Use The Right of Public Distribution Conclusion Author Index According to a recent study [3], the computer industry loses $11 billion annually to piracy, with 40 percent of all software programs pirated.
دانلود کتاب Security and Privacy in Digital Rights Management: ACM CCS-8 Workshop DRM 2001, Philadelphia, PA, USA, November 5, 2001. Revised Papers (Lecture Notes in Computer Science (2320))