A personal mobile DRM manager for smartphones

doi:10.1016/j.cose.2009.03.001

Computers & Security

Volume 28, Issue 6, September 2009, Pages 327-340

https://doi.org/10.1016/j.cose.2009.03.001 Get rights and content

Abstract

In this paper we report on our experience in building the experimental Personal Digital Rights Manager for Motorola smartphones, an industry first.

Digital Rights Management allows producers or owners of digital content to control the manner in which the content is consumed. This may range from simply preventing duplication to finer access policies such as restricting who can use the content, on what devices, and for how long. In most commercial DRM systems, the average end user plays the role of content consumer, using DRM protected content made available by a service. Here we present a personal digital rights system for mobile devices where the end user has the ability to place DRM protection and controls on his or her own personal content.

We designed the personal DRM system to allow users of a mobile device to transparently define controls and generate licenses on custom content and securely transfer them to other mobile devices. A user is able to define and restrict the intended audience and ensure expiration of the content as desired. Compatible devices automatically detect each other and exchange credentials. The personal DRM system on each device safely enforces the content usage rules and also handles moving licenses between devices while preventing leakage of content. We implemented a prototype of our system on Motorola E680i smartphones.

Introduction

Digital Rights Management (DRM) refers to a collection of technologies used to control access to digital data. It is generally used by copyright owners or publishers of digital content to specify who can access the data and in what manner. This is accomplished by specifying the rights that the user of the content has, and the restrictions on the consumption of the content.

For instance, an online movie rental service that lets users download video files to a personal computer for a certain period uses DRM protection to enforce the terms of the rental license. Thus, even though the downloaded file is on the user's computer and may be seen as being under the “user's control”, DRM is used to lock the file and essentially make it difficult to play after the expiration of the rental period.

DRM is also used in mobile devices where, driven by huge advances in network infrastructure support as well as a boom in the number of interconnected personal devices, the modern mobile customer experience has become increasingly compelling. A large set of novel communication and content streaming services have become accessible, ranging from simple SMS messaging to live TV broadcasts. This trend is likely to accelerate with the eventual introduction of fully packet switched 4G networks featuring increased bandwidth and global mobility.

Mobile devices are increasingly being used as personal media centers. Traditional boundaries between the roles of information “producer” and “consumer” are blurring as device users produce and distribute content such as personal pictures and videos on their mobile devices. In such a scenario, it makes sense to have technology that lets the individual user retain control over the dissemination of such personal content. It is essential to enable user-level DRM controls for content access, data integrity and rights management.

Currently, most DRM technologies are geared toward the end user being the content consumer, and the DRM protected content coming from a commercial service. The model can be viewed as analogous to a client–server system, with the end user being the client that consumes the content provided by the server, e.g. an online music store. In contrast, we see the need for a personal DRM system that can be viewed as analogous to a peer-to-peer model, with every end user being able to act as content producer, and assert rights and retain control of his or her own content. Any given device can act as both sender (content producer) and recipient (content consumer).

In this paper we discuss a new personal digital rights management system for mobile devices in which a user is able to transparently define, generate, package and migrate content licenses between mobile devices on demand. Our system lets a user select a certain piece of content on a mobile device and associate various controls with it and specify who can consume the content. The controls may include restrictions such as how many times the content can be played etc, as well as whether the content may be exported to other devices.

We designed the personal DRM system and developed a prototype on the Motorola E680i smartphone. Each device automatically detects other personal DRM enabled devices in its proximity and exchanges credentials with them. It presents the user with an efficient graphical user interface that can be used to specify restrictions on any digital content on the phone, and lets the user select a target device to send the content to. Files are transferred between devices using a secure transfer protocol. Each device can play any content it is authorized to, and safely enforces the controls associated with the protected content.

Section snippets

Background

The core entities in a Digital Rights Management system are the users, the content and the rights. A DRM system design models these entities and the relationships between them, as shown in Fig. 1. A DRM system can also be modeled by more complex relationships between finer-grained entities, as described in Iannella (2001). For instance, the “rights” entity can be broken down into usage rules which include the obligations of the rights holder, such as paying for use, and permissions and

Design

In broad overview, the personal DRM system lets a user lock a content file, associate certain controls with it and send it to another device. The recipient device allows the file to be unlocked and played only after enforcing the controls. Therefore, the design of the personal DRM system involves designing the following central aspects of the system.

•
Securing i.e. encrypting the content
•
Specifying the controls on the content i.e. the license
•
Securely transferring the files between devices
•
Checking

Implementation

We implemented a prototype of our design on Motorola E680i smartphones. The E680i is a multi-feature palm-size embedded Linux-based cell phone with direct MPEG4 video capture and playback, a real-time 3D sound engine and 3D stereo speakers, an integrated MP3 player, a large capacity internal memory of up to 2 GB, a 240 × 320 color screen, and an integrated VGA camera with 8× zoom. It features an Intel XScale 300 MHz processor with 50 MB shared memory.

The full-featured Linux kernel on the phone

Conclusions

The main contributions of this work are twofold. First, it proposes a first personal DRM system that allows users to retain control over how the content they have produced is consumed, even when this takes place on devices other than their own. The second contribution consists of the implementation of a prototype system on several Motorola E680i smartphones. Our observations resulting from extensive testing of the system are that the content packaging and license generation operations are quite

Siddharth Bhatt is a graduate student in Computer Science at Stony Brook University. His research interests are in network and computer security.

References (39)

Apple Fairplay DRM
Chong CN, Corin R, Etalle S, Hartel P, Jonker W, Law YW. LicenseScript: a novel digital rights language and its...
Content scrambling system, DVD copy control association
Cooper A, Martin A. Towards an open, trusted digital rights management platform. In: DRM ’06: proceedings of the 6th...
W. Diffie et al.
New directions in cryptography
IEEE Transactions on Information Theory, IT
(1976)
W. Diffie et al.
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
(1992)
J.S. Erickson
Fair use, DRM, and trusted computing
Communications of the ACM
(2003)
S. Gilbertson
Windows media drm hacked yet again
Gunter C, Weeks S, Wright A. Models and languages for digital rights. In: 34th annual Hawaii international conference...
Guo H. Digital Rights Management (DRM) using XrML. In: T-110.501 Seminar on Network Security 2001;...

Halderman JA. Evaluating new copy-protection techniques for audio CDs. In: DRM ’02: proceedings of the 2nd ACM workshop...

How to break itunes drm

How to break drm (itunes, dvd, etc) for lawful purposes

R. Iannella

Digital Rights Management (DRM) architectures

D-Lib Magazine

(2001)

International Telecommunication Union

Recommendation X.509

Kravitz DW, Messerges TS. Achieving media portability through local content translation and end-to-end rights...

S.H. Kwok

Digital rights management for the online music business

ACM SIGecom Exchanges

(2002)

Leung YY, Peinado M, Strom CP. Binding digital content to a portable storage device or the like in a digital rights...

Liu Q, Safavi-Naini R, Sheppard NP. Digital rights management for content distribution. In: ACSW Frontiers ’03:...

Cited by (23)

SFPM: A Secure and Fine-Grained Privacy-Preserving Matching Protocol for Mobile Social Networking
2016, Big Data Research
In emerging big data era, mobile social networking (MSN) is an important data source, which provides an attractive proximity-based communication platform for mobile users with similar interests, attributes, or background to communicate with each other. In this kind of proximity-based MSN, profile matching protocol, which enables a mobile user to break the ice and start a conversation with someone attractive, is one of important components for its success. However, profile matching may occasionally leak the sensitive information, hence privacy concerns often hinder users from enabling this functionality. Aiming at this problem, in this paper, we present a new secure and fine-grained privacy-preserving matching protocol, called SFPM. Differently from those previously reported private profile matching schemes, our proposed SFPM can fine-grainedly differentiate users with the same value of matching metrics by two phases of profile matching. In addition to the personal privacy preservation through secure and efficient cryptographic algorithm, SFPM also achieves the flexibility of profiles changing at the same time. Extensive performance evaluations via smartphones with android system are conducted, and experimental results demonstrate the effectiveness of the SFPM protocol.
DRMFS: A file system layer for transparent access semantics of DRM-protected contents<sup>1</sup>
2012, Journal of Systems and Software
Citation Excerpt :
To protect DCFs while allowing random searching, we use AES in ECB mode. Our license format is an XML format that follows the OMA DRM version 2.1 (Open Mobile Alliance, 2008c) and (Bhatt et al., 2009) (see Table 1) and the application certificate's format is similar to the license format (see Table 2). The <type> field of an application certificate is required to prevent accesses by applications to the contents that cannot be rendered by the applications.
In many digital rights management (DRM) schemes, only a specialized application can decode DRM-protected contents. This restriction is harmful to users because they want to use their purchased digital contents with their preferred applications. To relax this restriction, DRM technology should provide transparent access semantics of DRM-protected contents to authorized applications. Some previous schemes achieve limited transparent access semantics but have efficiency and applicability problems. In this paper, we propose a DRM control scheme at the file system layer (DRMFS) that achieves transparent access semantics of DRM-protected contents with efficiency, applicability, and portability. Since DRMFS is working at the file system layer, any authorized application can access DRM-protected content in the same way as using general files. To implement a prototype of DRMFS, we use the Filesystem in Userspace (FUSE) library that is a well known library used to develop user level file systems. We explain details of the implementation and evaluate its performance. The evaluation results show that DRMFS has acceptable overheads.
EDU-DRM: A digital rights management (DRM) system for K-12 education
2019, Scientia Iranica
A novel identicication scheme for post-quantum secure digital right management
2017, 2nd International Conference on Computer Science and Engineering, UBMK 2017
A flexible and lightweight user-demand DRM system for multimedia contents over multiple portable device platforms
2017, Software - Practice and Experience
A survey of challenging issues and approaches in mobile cloud computing
2016, Parallel and Distributed Computing, Applications and Technologies, PDCAT Proceedings

View all citing articles on Scopus

Siddharth Bhatt is a graduate student in Computer Science at Stony Brook University. His research interests are in network and computer security.

Radu Sion is an assistant professor of Computer Science in Stony Brook University, heading the Network Security and Applied Cryptography Laboratory. His research focuses on data security and information assurance mechanisms. He has been applying practical cryptography and strong assurance mechanisms to achieve practical data privacy solutions, develop efficient regulatory compliant systems, cellular DRM solutions and conditional micro-payment schemes. Sion also directs the Stony Brook Trusted Hardware Laboratory, a central expertise and research knowledge repository on secure hardware. Collaborators and funding partners include Motorola Labs, Xerox/Parc, IBM Research, the IBM Cryptography Group, the Center of Excellence in Wireless and Information Technology CEWIT, the Stony Brook Office for the Vice-President for Research and the National Science Foundation. Sion serves on the organizing committee and steering boards of conferences such as CCS, NDSS, FC, USENIX Security, SIGMOD, ICDE, S&P, ICDCS, a.o.

Bogdan Carbunar is a senior staff member in the Applied Research and Technology Center of Motorola. His main work focus is on (i) devising secure applications for mobile devices and (ii) improving the scalability of video on demand services. His broader interests also span the areas of applied cryptography, data and network security and distributed algorithms, with particular applications in private information retrieval and electronic payment technologies.

¹: Supported by Motorola, NSF (IIS-0803197, CNS-0627554,0716608,0708025), IBM, Xerox, CEWIT.

View full text

A personal mobile DRM manager for smartphones

Abstract

Introduction

Section snippets

Background

Design

Implementation

Conclusions

Apple Fairplay DRM

Content scrambling system, DVD copy control association

New directions in cryptography

IEEE Transactions on Information Theory, IT

Authentication and authenticated key exchanges

Designs, Codes and Cryptography

Fair use, DRM, and trusted computing

Communications of the ACM

Windows media drm hacked yet again