Key Challenges in DRM: An Industry Perspective

LaMacchia, Brian A.

doi:10.1007/978-3-540-44993-5_4

Key Challenges in DRM: An Industry Perspective

Brian A. LaMacchia⁵

Conference paper

917 Accesses
3 Citations

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2696))

Abstract

The desires for robust digital rights management (DRM) systems are not new to the commercial world. Indeed, industrial research, development and deployment of systems with DRM aspects (most notably crude copy-control schemes) have a long history. Yet to date the industry has not seen much commercial success from shipping these systems on top of platforms that support general-purpose computing. There are many factors contributing to this lack of acceptance of current DRM systems, but I see three specific areas of work that are key adoption blockers today and ripe for further academic and commercial research. The lack of a general-purpose rights expression/authorization language, robust trust management engines and attestable trusted computing bases (TCBs) all hamper industrial development and deployment of DRM systems for digital content. In this paper I briefly describe each of these challenges, provide examples of how the industry is approaching each problem, and discuss how the solutions to each one of them are dependent on the others.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Ayars, J.: XMCL–the eXtensible Media Commerce Language, draft as of June 2001, Available at http://xmcl.org/specification.html
Blaze, M., Feigenbaum, J., Keromytis, A.D.: KeyNote: Trust Management for Public Key Infrastructures. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, pp. 59–63. Springer, Heidelberg (1999)
Chapter Google Scholar
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized Trust Management. In: Proceedings 1996 IEEE Symposium on Security and Privacy, May 1996, pp. 164–173 (1996)
Google Scholar
Chu, Y.-H., Feigenbaum, J., LaMacchia, B., Resnick, P., Strauss, M.: REFEREE: Trust Management for Web Applications. In: Proceedings of the Sixth International World Wide Web Conference, Santa Clara, CA (April 1997); Reprinted in Computer Networks and ISDN Systems 29, 953-964 (1997)
Google Scholar
eXtensible Rights Markup Language (XrML) 2.1, submission by ContentGuard to the OASIS Rights Language Technical Committee (May 2002), Available at http://www.oasis-open.org/committees/rights/documents/xrml200205.zip
Fox, B., LaMacchia, B.: A Safe Harbor for Designers of DRM Systems. Communications of the ACM (to appear)
Google Scholar
Godik, S., Moses, T. (eds.): OASIS eXtensible Access Control Markup Language (XACML). OASIS eXtensible Access Control Markup Language Technical Committee, Working Draft (September 2002)
Google Scholar
Hallam-Baker, P., Maler, E. (eds.): Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML). OASIS XML-Based Security Services Technical Committee (May 2002)
Google Scholar
Iannella, R. (ed.): Open Digital Rights Language (ODRL), Version 1.1, Available at http://odrl.net/1.1/ODRL-11.pdf
LaMacchia, B., Lange, S., Lyons, M., Martin, R., Price, K.: .NET Framework Security. Addison-Wesley, Reading (2002)
Google Scholar
Moving Picture Experts Group (MPEG), ISO/IEC JTC1/SC29/WG11. Working documents, available at http://mpeg.telecomitalialab.com/working_documents.htm
Pearson, S. (ed.): Trusted Computing Platforms, TCPA Technology in Context. Prentice Hall PTR, Englewood Cliffs (2002)
Google Scholar
Housley, R., Ford, W., Polk, W., Solo, D. (eds.): PKIX Working Group, Internet Engineering Task Force. RFC 3280, Internet X.509 Public Key Infrastructure: Certificate and Certificate Revocation List (CRL) Profile (April 2002), Available at http://www.ietf.org/rfc/rfc3280.txt
Reddy, H. (Chairperson): OASIS Rights Language Technical Committee. Charter and documents, availabe at http://www.oasis-open.org/committees/rights/
Stefik, M.: The Digital Property Rights Language, Manual and Tutorial, Version 1.02. Xerox Palo Alto Research Center, Palo Alto (1996)
Google Scholar
Trusted Computing Platform Alliance, TCPA Main Specification, Version 1.1b, Available at http://www.trustedcomputing.org/docs/main%20v1_1b.pdf
Trusted Computing Platform Alliance, TCPA PC Specific Implementation Specification, Version 1.00, Available at http://www.trustedcomputing.org/docs/TCPA_PCSpecificSpecifcation_v100.pdf

Download references

Author information

Authors and Affiliations

Microsoft Corporation, One Microsoft Way, Redmond, WA, 98052-6399, USA
Brian A. LaMacchia

Authors

Brian A. LaMacchia
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Yale University,
Joan Feigenbaum

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

LaMacchia, B.A. (2003). Key Challenges in DRM: An Industry Perspective. In: Feigenbaum, J. (eds) Digital Rights Management. DRM 2002. Lecture Notes in Computer Science, vol 2696. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-44993-5_4

Download citation

DOI: https://doi.org/10.1007/978-3-540-44993-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40410-1
Online ISBN: 978-3-540-44993-5
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics