Abstract
Digital transactions are usually based on mutual trust. In case of DRM (Digital Rights Management) this initial trust is missing on both sides. Neither do the content providers trust their clients – therefore DRM was established. Nor do the clients trust the content providers and react with not using these systems. The release of an open DRM standard by the Open Mobile Alliance (OMA) was a first step to increase the trustworthiness of DRM. But from the content providers’ perspective a secure implementation for PC Platforms was missing. Especially the mechanisms to obfuscate and install the device private key which is the security anchor were not established there. This paper shows a software solution for that. A more riskless way to solve this problem is the involvement of Trusted Computing which is also shown by the authors. Finally the authors claim the necessity not to leave the users’ security behind.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ausge. Ergeb. der Online-Umfrage IZV7, Inst. f. Wirtschaftspolitik u. Wirtschaftsforschung, Universität Karlsruhe (2004), www.iww.uni-karlsruhe.de/izv/pdf/izv7_auswertung.pdf
Singh, S., Jackson, M., Waycott, J., Beekhuyzen, J.: Downloading vs Purchase: Music Industry vs Consumers. In: Safavi-Naini, R., Yung, M. (eds.) DRMTICS 2005. LNCS, vol. 3919, pp. 52–65. Springer, Heidelberg (2006), www.titr.uow.edu.au/DRM2005/presentations/drm05-beekhuyzen.pps
Petrovic, O., Fallenböck, M., Kittl, C., Wolkinger, T.: Vertrauen in digitale Transaktionen. WIRTSCHAFTSINFORMATIK 45(1), 53–66 (2003)
Pfitzmann, A., Pfitzmann, B., Schunter, M., Waidner, M.: Trustworthy User Devices in Multilateral Security in communications. In: Technology, Infrastructure, Economy, vol. 3, Addison Wesley, München u.a (1999)
Website of the Open Mobile Alliance, http://www.openmobilealliance.org
Iannella, R.: Digital Rights Management (DRM) Architectures. DRM 2001 7(6) (2001), www.dlib.org/dlib/june01/iannella/06iannella.html
OMA Digital Rights Management V1.0, DRM Specification, Approved Enabler (release Date: June 25, 2004), http://www.openmobilealliance.org/release_program/drm_v1_0.html
Website of the ODRL initiative, http://www.odrl.org
OMA Digital Rights Management V2.0, DRM Specification, Candidate Enabler (release Date: September 15, 2005), www.openmobilealliance.org/release_program/drm_v2_0.html
Rosenblatt, B., Trippe, B., Mooney, S.: Digital Rights Management. Business and Technology. M&T Books, New York (2002)
Nützel, J., Beyer, A.: How to Increase the Security of Digital Rights Management Systems Without Affecting Consumer’s Security. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 368–380. Springer, Heidelberg (2006)
Website of the Trusted Computing Group (TCG), http://www.trustedcomputinggroup.org
Eilam, E.: Reversing: Secrets of Reverse Engineering. Wiley Publishing, USA (2005)
Cerven, P.: Crackproof Your Software. No Starch Press, San Francisco (2002)
Website of Microsoft’s Windows Vista, http://www.microsoft.com/windowsvista/
TPM v1.2 Specification Changes (October 2003), http://www.trustedcomputinggroup.org
TCG Specification Architecture Overview, Specification Revision 1.2 (April 28, 2004), http://www.trustedcomputinggroup.org/groups/TCG_1_0_Architecture_Overview.pdf
TCG Infrastructure Workgroup, Subject Key Attestation Evidence Extension, V1.0, Rev. 7 (June 16, 2005), www.trustedcomputinggroup.org/specs/IWG/IWG_SKAE_Extension_1-00.pdf
Russinovich, M.: www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
World of warcraft hackers using Sony BMG rootkit, HYPERLINK, http://www.securityfocus.com/brief/34
Website of Common Criteria, http://www.commoncriteriaportal.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Nützel, J., Beyer, A. (2006). Towards Trust in Digital Rights Management Systems. In: Fischer-Hübner, S., Furnell, S., Lambrinoudakis, C. (eds) Trust and Privacy in Digital Business. TrustBus 2006. Lecture Notes in Computer Science, vol 4083. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11824633_17
Download citation
DOI: https://doi.org/10.1007/11824633_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-37750-4
Online ISBN: 978-3-540-37752-8
eBook Packages: Computer ScienceComputer Science (R0)