Abstract
This paper focuses on the problem of preventing the illegal copying of digital content whilst allowing content mobility within a single user domain. This paper proposes a novel solution for binding a domain to a single owner. Domain owners are authenticated using two-factor authentication, which involves “something the domain owner has”, i.e. a Master Control device that controls and manages consumers domains, and binds devices joining a domain to itself, and “something the domain owner is or knows”, i.e. a biometric or password/PIN authentication mechanism that is implemented by the Master Control device . These measures establish a one-to-many relationship between the Master Control device and domain devices, and a one-to-one relationship between domain owners and their Master Control Devices, ensuring that a single consumer owns each domain. This stops illicit content proliferation. Finally, the pros and cons of two possible approaches to user authentication, i.e. the use of a password/PIN and biometric authentication mechanisms, and possible countermeasures to the identified vulnerabilities are discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abbadi, I.: Digital asset protection in personal private networks. In: 8th International Symposium on Systems and Information Security (SSI 2006), Sao Jose dos Campos, Sao Paulo, Brazil (November 2006)
Carden, N.: iTunes and iPod in the enterprise. The Journal of the International Systems Security Association, 22–25 (May 2007)
Chen, L., Pearson, S., Vamvakas, A.: On enhancing biometric authentication with data protection. In: Proceedings of the Fourth International Conference on Knowledge-Based Intelligent Engineering Systems and Allied Technologies, vol. 1, pp. 249–252. IEEE, Los Alamitos (2000)
Dabbish, E.A., Messerges, T.S.: Digital rights management in a 3G mobile phone and beyond. In: Feigenbaum, J., Sander, T., Yung, M. (eds.) Proceedings of the 3rd ACM workshop on Digital Rights Management, pp. 27–38. ACM Press, New York (2003)
Gallery, E., Tomlinson, A.: Secure delivery of conditional access applications to mobile receivers. In: Mitchell, C.J. (ed.) Trusted Computing, ch. 7, pp. 195–237. IEEE, Los Alamitos (2005)
Trusted Computing Group.: Trusted platform module FAQ
Günther, A., Hoene, C.: Measuring round trip times to determine the distance between WLAN nodes. In: Boutaba, R., Almeroth, K.C., Puigjaner, R., Shen, S., Black, J.P. (eds.) NETWORKING 2005. LNCS, vol. 3462, pp. 768–779. Springer, Heidelberg (2005)
Huffaker, B., Fomenkov, M., Plummer, D.J., Moore, D., Claffy, K.: Distance metrics in the Internet. In: IEEE International Telecommunications Symposium (2002), http://www.caida.org/publications/papers/2002/Distance/distance.pdf
IBM Research Division Almaden Research Center.: xCP cluster protocol (2003), http://www-03.ibm.com/solutions/digitalmedia/doc/content/bin/xCPWhitepaper_final_1.pdf
International Organization for Standardization.: ISO/IEC 21481: Information technology — Telecommunications and information exchange between systems — Near Field Communication Interface and Protocol -2 (NFCIP-2) (2005)
International Organization for Standardization.: ISO/IEC 18033-2, Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers (2006)
Liu, S., Silverman, M.: A practical guide to biometric security technology. IT Professional 3(1), 27–32 (2001)
Maltoni, D., Maio, D., Jain, A.K., Prabahakar, S.: Handbook of Fingerprint Recognition. Springer, Berlin (2003)
Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of artificial ‘gummy’ fingers on fingerprint systems. In: Proceedings of SPIE, vol. 4677, pp. 275–289 (2002)
Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol — OCSP. RFC 2560, Internet Engineering Task Force (June 1999)
Open Mobile Alliance.: DRM Specification — Version 2.0 (2006)
Pinkas, B., Sander, T.: Securing passwords against dictionary attacks. In: Proceedings of the 9th ACM conference on Computer and communications security, pp. 161–170. ACM Press, New York (2002)
Popescu, B.C., Kamperman, F.L.A.J., Crispo, B., Tanenbaum, A.S.: A DRM security architecture for home networks. In: Feigenbaum, J., Sander, T., Yung, M. (eds.) Proceedings of the 4th ACM workshop on Digital Rights Management, pp. 1–10. ACM Press, New York (2004)
Rowell, L.F.: The ballad of DVD JON. netWorker 10(4), 28–34 (2006)
Thomson.: SmartRight technical white paper (2003), http://www.smartright.org/images/SMR/content/SmartRight_tech_whitepaper_jan28.pdf
Toth, B.: Biometric liveness detection. The International Journal For Information Assurance Professionals 10(8), 291–298 (2005)
Trusted Computing Group.: Infrastructure Working Group Architecture, Part II, Integrity Management. Specification version 1.0 Revision 1.0 (2006)
Trusted Computing Group.: TPM Main, Part 1, Design Principles. Specification version 1.2 Revision 94 (2006)
Trusted Computing Group.: TPM Main, Part 2, TPM Structures. Specification version 1.2 Revision 94 (2006)
Trusted Computing Group.: TPM Main, Part 3, Design Principles. Specification version 1.2 Revision 94 (2006)
Weiss, A.: Will the open, unrestricted PC soon become a thing of the past? Journal of Trusted Computing 10(3), 18–25 (2006)
Wiedenbeck, S., Birget, J.-C., Brodskiy, A., Waters, J., Memon, N.: Authentication using graphical passwords: Effects of tolerance and image choice. In: Proceedings of the 2005 symposium on Usable privacy and security, pp. 1–12. ACM Press, New York (2005)
Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: Proceedings of the working conference on Advanced visual interfaces, pp. 177–184. ACM Press, New York (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Abbadi, I.M. (2007). Digital Rights Management Using a Master Control Device. In: Cervesato, I. (eds) Advances in Computer Science – ASIAN 2007. Computer and Network Security. ASIAN 2007. Lecture Notes in Computer Science, vol 4846. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76929-3_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-76929-3_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76927-9
Online ISBN: 978-3-540-76929-3
eBook Packages: Computer ScienceComputer Science (R0)