The Journal of Systems and Software 83 (2010) 24312440
Contents lists available at ScienceDirect
The Journal of Systems and Software
journa l homepage: www.e lsev ier .c
A robu t s
Heeyoula Kyonggi Univb Department o ac Hanyang Univ
a r t i c l
Article history:Received 17 NReceived in reAccepted 7 ApAvailable onlin
Keywords:Authorized doDigital rights mHome networkProxy certicaRight delegatio
nagees itslocaticaandof c
l of pr
Digital rights management (DRM) refers to technologies thatenforce pre-dened policies to control the access of digital media,such as digital movies and digital music. Since the advent of per-sonal computers and Internet le-sharing tools, it has become easyto make ancontentswirized use anthe benetsbecome ess
In homeas PCs andchases DRMfreely on anattention inconcept of a2002; Kim e2004; Smar2002). Accoa domain, abestowed obership of a(IBM Corpo
er inSmartRight, 2003), and the homedevices in a domain share a secretdomain key to render the content. This concept may be extendedto assign different access privileges to different devices in a homenetwork by establishing multiple domains having different privi-leges. However, this approach supports dynamic access control in
0164-1212/$ doi:10.1016/j.d distribute an unlimited number of copies of digitalthout any quality degradation. To prevent the unautho-d propagation of commercial content and to preserveof digital content providers, robust DRM systems haveential.network environments, where electronic devices suchdigital TVs are interconnected, if a consumer pur-content he or she will want to render the content
y of his or her home devices. This point has receivedthe literature, and many DRM systems based on then authorized domain (AD) have been proposed (Holtz,t al., 2006; Open Mobile Alliance, 2004; Popescu et al.,tRight, 2003; Sovio et al., 2003; van den Heuval et al.,rding to AD concept, home devices are registered innd the access permissions to render DRM content aren the domain instead of on a single device. The mem-domain is managed by either a centralized authority
ration, 2001; Open Mobile Alliance, 2004), or a local
ding author. Tel.: +82 53 810 3092.resses: firstname.lastname@example.org (H. Kim), email@example.com (Y. Lee),ng.ac.kr (Y. Park).
a very limited fashion and increases the cost of managing domains.For example, in an OMA DRM (Open Mobile Alliance, 2004) sys-tem, each device in a home network has to interactwith the centralauthority whenever it joins a domain.
In this paper, a robust and exible DRM system for homenetworks is presented that considers various scenarios that canoccur in home network environments. The term robust meansthat the system protects unauthorized consumption of digital con-tents for the benet of content providers, and the term exiblemeans that the system provides more ne-grained access con-trol for home devices. To provide compatibility with OMA DRM(Open Mobile Alliance, 2004), the proposed system assumes thesame environment as the OMA DRM, except for inside the homenetwork.
In the proposed system, the central authority delegates itsauthorization right to localmanagers located in the homenetworksby issuing proxy certicates that explicitly guarantee delegatedrights. Since a proxy key, which is associated to the correspond-ing proxy certicate, is assigned per each of the bestowed rightsseparately, a ne-grained control of delegated authorization rightsis possible. Based on the delegated rights, a local manager can pre-cisely control the access permissions of the DRM contents in thehome network. The proposed system also supports a temporary
see front matter 2010 Elsevier Inc. All rights reserved.jss.2010.04.064st and exible digital rights managemen
Kima, Younho Leeb,, Yongsu Parkc
ersity, Republic of Koreaf Information and Communication Engineering, Yeungnam University, Republic of Koreersity, Republic of Korea
e i n f o
ovember 2008vised form 1 March 2010ril 2010e 15 June 2010
a b s t r a c t
A robust and exible Digital RightsMasystem, the central authority delegatby issuing a proxy certicate, and theon digital contents with its proxy ceraccessing facility for external devicesof delegated rights and the revocationOCSP validation and periodic renewa
ction managom/ locate / j ss
ystem for home networks
ment system for home networks is presented. In the proposedauthorization right to the local manager in a home networkl manager exibly controls the access rights of home deviceste. Furthermore, the proposed system provides a temporaryachieves strong privacy for home devices. For the validationompromised local managers, a hybrid mechanism combiningoxy certicates is also presented.
2010 Elsevier Inc. All rights reserved.
the domain (Kim et al., 2006; Popescu et al., 2004;
2432 H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440
accessing facility, a term used here to indicate enabling an externaldevice to have a temporary access right to render specic contentwithin a home network. To efciently validate the delegated rightand to revoke compromised local managers, the system providesa hybrid mvalidation (ticates. Thbetween thsystems. Itvacy for hom
The restprevious DRsumption scare given inwith proxyproposed sproposed sthe certicaa functionadomain-basare made in
To proteauthorized2001; Kampin this areahouseholdvent the deanother hohome netwnetworks osuch as PCVideo Broadauthorizedery architecet al., 2006SmartRightEspecially,requiremenclearly pres
The Smason introduwhich is alssmartcard iand a registlicensing orPPN share aone devicebe changed
Popescufollows thesimilar to timproves thoperations,mechanism
The OpeAlliance, 20lic Key InfraRights Issueance devicethe domainheavy burdthe RI know
The xCP cluster protocol (IBM Corporation, 2001) proposed byIBM is an AD-based architecture where the broadcast encryption isapplied. Since this architecture utilizes only symmetric key encryp-tion, it requires low computational cost compared with others
g puinhees ay devexpDVBanaprodnismsh antistits bois trato erts.n aleent al.ctura sectiosemch isservtheabestgh itliedanwhtiumm wystemted cumere th. Thesup
ce aptioctions purwed
ser mme nbe ao otheviceeviceer th
netwechanism of Online Certicate Status Protocol (OCSP)Myers et al., 1999) and periodic renewal of proxy cer-is paper also presents a functionality comparison resulteproposed systemand thepreviousdomain-basedDRMshows that the proposed system achieves stronger pri-e devices.of the paper is organized as follows. In Section 2,M systems are reviewed. In addition, the expected con-enarios of the DRM contentswith the proposed systemSection 3. In Section 4, a proper delegation strategy
certicate is explained. In Section 5, the design of theystem is shown. Section 6 explains a prototype of theystem. In Section 7, the certicate validity check andte revocation mechanism are discussed. In Section 8,l comparison between the proposed system and othered DRM systems is provided. Lastly, some conclusionsSection 9.
ct DRM content in home networks, the concept of andomain (AD) has been developed (Eskicioglu and Delp,erman et al., 2001; Ripley et al., 2002). The main goalis to devise a mechanism enabling devices in the sameto share content without any restrictions and to pre-vices in one household from accessing the contents inusehold. The domain does not have to be restricted toork environments. It can be extended to personalizedr any networks that have several rendering devices,s, MP3 Players, PDAs, and Video Players. The Digitalcasting (DVB) standard rstly named this concept thedomain; subsequently, many domain content deliv-tures have been proposed (IBMCorporation, 2001; Kim; Open Mobile Alliance, 2004; Popescu et al., 2004;, 2003; Sovio et al., 2003; van den Heuval et al., 2002).in van den Heuval et al. (2002), the basic functionalts and the design guideline of an AD-based system areented.rtRight system (SmartRight, 2003) proposedby Thomp-ces the concept of a Personal Private Network (PPN),o based on the AD concept. Before joining the PPN, thencorporated into a device performs a compliance checkration process with a public key certicate issued by aganization. After joining the PPN, all devices in the samesymmetric domain key that protects digital contents. Ifin the domain is compromised, the domain key should.et al. (2004) proposed an AD security architecture thatspecications in van den Heuval et al. (2002) and ishe abovementioned SmartRight system. Their systeme compliance checking protocol to reduce public keyand it provides an efcient and exible revocationfor compromised devices.n Mobile Alliance (OMA) DRM standard (Open Mobile04) also supports the concept of a domain with a Pub-structure (PKI). However, in this standard, a centralizedr (RI)manages all authorizeddomains, i.e., each compli-joins a domainwith the approval of the RI and receiveskey from the RI. This centralized approach imposes aen on the RI, and domain privacy issues arise, becauses which devices are registered in which domains.
utilizinhas anincreasif manbe very
TheCopy Msumermechaestablially stacontensecretforcedconten
In ahave b(Nair earchiteaccessthe funand aapproatrusted(2005)tion toAlthoube app
MeConsorprobleDRM sproteca consconsumsystemture toand cotranspDRM s
Sinconsumthis sedeviceare allo
A uthe hoshouldthem teach drized dto rendhomeblic key operations. However, the broadcast encryptionrent limitation in that the size of the broadcast messages the total number of revoked devices increases. Thus,ices are compromised, this revocationmechanismmayensive.-CPCM (2009) is a system for Content Protection andgement of commercial digital content delivered to con-ucts. It provides the Authorized Domain Managementthat allows the devices belonging to a household tod join an AD. When a new AD is created, a new glob-
cally unique AD secret is generated to protected digitalund to that AD. If a new device joins the AD the ADnsmitted securely. And if the device leaves the AD it isase the AD secret to disable consumption of AD-bound
ternative research direction, a few DRM architecturesproposed supporting the delegation of authorization, 2005; Sovio et al., 2003). In Sovio et al. (2003), thee deals with delegating the right of authorization tocret key. To implement authorized domains, it utilizesn sharing technique between a device in the domaini-trusted network server. The main drawback of thisthat it always requires the cooperation of the semi-er to exercise the right. On the other hand, in Nair et al.rchitecturedealswithdelegating the right of authoriza-ow the access rights of DRM content on other entities.is proposed for content redistribution, this concept canto home networks as in Kim et al. (2006).ile, the Coral Interoperability Framework (CoralWhitepaper, 2006) tries to solve the interoperability
hich is another important issue in DRM systems. Mosts aremonolithic in the sense that they support a single
ontent format and system for enforcing access rights, sohaving a device that supports one DRM system cannote contentswithotherdevice that supports anotherDRMCoral framework is based on service-oriented architec-port interoperability between different DRM systemst formats with the goal of providing an intuitive andconsumer experience. The framework itself is not abut a mediator between different DRM systems.
ption scenarios of DRM contents for home
home network can include many home devices, then of DRM content can occur in a variety of ways. In, we provide various scenarios that describe whichchase and distribute DRM contents, and which devicesto access the contents.
sing and consuming contents within the home
ay want to consume DRM content via all devices inetwork. Thus, any device registered in a home networkble to purchase the contents and efciently distributeer devices in the home network, instead of requiringto contact the content provider separately. Only autho-s that are registered in a home network should be ablee purchased content. This case is a typical scenario inorks.
H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440 2433
3.2. Purchasing contents through a device residing out of thehome network
UsersmaypurchaseDRMcontent via amobile devicewhen theyare far awalike to purcor her ofcea connectioily wants toThen, oncetent with osatised in
Home dthey are in tbe dependeor may beadult conteaccess cont
Althoughthan thoseDRM systemple, a userwith a friethe user almay feel innal devicescan be anottomers. Howthe temporrestrictions
4. Right de
To suppdescribed acontents tocentral authexternal uscentral authcontent forwill bear awill arise idecentralizare handledsystem theright to issudomain meefciency a
To verifymanager anegated righwhich is a wment (Houskeypair andthe authoriticate signcerticate, tprivate keydevice with
The most important feature of the proxy certicate related tothe proposed system is that the proxy certicate makes it pos-sible to transform the rights management problem into a proxykey management problem. The proxy key is different from the
key that is used for identity authentication. Since the entityate is not relevant to the proxy certicate, the entity certi-ed not be reissued even if the proxy certicate is revoked.he use of the proxy certicate makes rights managementand can provide an efcient and exible way for rights
s section describes the detailed design of the proposed sys-he proposed system has been designed based on the OMAtandard, and it provides the rights delegation facility byying the proxy certicate. The main characteristic of theed system is that the authorization right to issue accessto DRM content is delegated from a centralized server toe network manager. Thus, the proposed system can locallyt the scenarios of Section 3 without the help of an outside
rk to-linecludeuppolize tthorie denameure aty. Me isshe hpose. Ba
Fy from the home network. For example, a user mayhase music content via a cellular phone while in his. In this case, the device cannot be guaranteed to haven with the home network. However, a user ordinar-consume the content immediately after purchasing it.home, a user may want to share the purchased con-ther home devices. These two requirements should bea non-conicting way.
lling access privileges of home devices
evices may have different access privileges althoughhe same home network. The privileges of a device maynt on the device owner, e.g., the host versus the guest,dependent on the content, e.g., music content versusnt. Since the access privileges can be altered, a dynamicrol mechanism should be provided.
g temporary access rights to external devices
consuming DRM content with external devices otherowned by the content owner violates the concept ofs, it is sometimes required in the real world. For exam-may want to render legally purchased DRM contentnds devices in the friends home. In this case, sinceready purchased the content access rights, he or shecompatible if rendering is not allowed. Enabling exter-to preview a part of DRM content as an advertisementher good example, because it increases potential cus-ever, to protect illegal distribution and consumption,
ary rights should be carefully controlled with explicit, such as consumption count and allowance period.
legation using proxy certicate
ort DRM facilities efciently in the various scenariosbove, delegating the right to authorize access of DRMlocal domain managers is useful. For instance, if theority directly manages the authorization granting aner a temporary right to render DRM content, or if theority directly controls the access permissions of DRMeach device in all home networks, the central authorityheavy management burden and a scalability problemn the DRM system. Thus, the proposed system takesed approach where each domain and its membershipby a local domainmanager. Moreover, in the proposedlocal domain manager is delegated the authorizatione new licenses on behalf of central authority for thembers. This kind of decentralized approach enhancesnd scalability of the proposed system.the delegated authorization right of a local domain
d to prevent a malicious manager from abusing its del-t, the proposed system employs the proxy certicateell-known method for delegation in the PKI environ-ley et al., 1999). The local manager generates a proxyrequests right delegation to the central authority. Then
ty delegates authorization right by issuing a proxy cer-ed by the authoritys private key. After receiving thehe local manager can issue new licenses with its proxy. Then the licenses validity is veried by each domaincorresponding proxy certicate.
entitycerticcate neThus, tsimpledelega
Thitem. TDRM semploproposrightsa homsupporserver.
Ahsuchasthe helthose phome nnetwophonethat in
To swe utiTheauto homwork,be secproperbecaustions. Tthe proof LDMwork.and m
network interconnects electronic products and systems,mobile phones, digital audio/video, anddigital TV.Withthe home network, both remote access to and control ofcts and systems are possible (Holtz, 2002). The typicalork consists of a home gateway that connects the homethe outside public network, in-home intranets such ass, power-lines, or wireless networks, and home deviceshome networking facilities.rt the various scenarios for homenetworks in Section3,he concept of rights delegation using proxy certicates.zation rights to issueaccesspermissionsofDRMcontentvices are delegated to a home manager in a home net-ly the Local Domain Manager (LDM). The LDM shouldnd reliable, and it also should have an always-onoreover, it should have reasonable computing power,uing access rights may require time-consuming opera-omegateway satises these requirements. Therefore, ind system, a home gateway is considered to play the rolesed on LDM, a domain is organized in each home net-vices in the home network are registered in a domain
ed by LDM in the domain.tional architecture of the proposed system is shown inhe descriptions of each functional entity are as follows.
ig. 1. DRM functional architecture for home networks.
2434 H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440
Content issuer (CI): The content issuer has responsibility for trans-ferring DRM content to home networks. For secure transfers, theDRM content is re-packaged so that only the purposed homedevice can obtain the content.
Rights issuer (RI): The rights issuer generates a Rights Object (RO)and issues it to the LDM, which legally purchases the associatedDRMcontent. In theRO, theaccesspermissionsof thecorrespond-ingDRMcontents are contained. The RO governs how the contentcan be consumed by the users home devices.
LDM: The LDM exists in a domain. The right to issue an RO to ahomedevice is delegated fromtheRI to the LDM.After delegation,the LDM acquires ROs for its domain from the RI, and issues ROsfor home devices based on the former ROs.
Home device: This refers to any device that is registered in adomain. A trusted DRM agent is embedded in each home device.The agent is responsible for enforcing access permissions speci-ed in the RO.
Each entitycorrespondactions betwPKI-based mauthorizatiothe RI by thin Section 5key distribuLDM manag
When apurchasingment. The Cwith a ContRO from wing on theLDM issuesdevices, anverifying thpermissionthe content
TheRI decontent to tis successfuing a proxyproxy certidepicted inis as follow
(1) LDMpublic k
the LM. Thverio sig
LDtproxht tons ofhts Lensileth SKM: vM chuestticauestthe Rices
regiopeticatviceviceuresion procedure are given in Section 6.
nsuming home content through LDM
en a user in a home network wants to purchase DRM con-purchasing process is executed through the LDM. After apayment, the LDM receives from the CI protected DRM con-hich is encrypted with a CEK, and receives from the RI aonding RO containing the rights to consume the content,
tions, and validity period. Based on the RO and the delegatedf Section 5.2, the LDM issues a Domain RO (DoRO) for homes and distributes it with the protected DRM content. Thecontains the CEK encrypted with a domain key known to allhas a private key and public key pair (SK,PK) and aing entity certicate issued by a trusted CA. The inter-een the two entities are performed after establishingutual authentication. Initially, the LDM acquires then right to issue access rights for home devices frome delegation by certicate strategy, which is described.2. The registration of home devices and the domaintion follow the OMA DRM standard, except that thees them instead of the RI.user in a home network wants DRM content, the
process is performed through the LDMwith a legal pay-I transfers the protected content, which is encryptedent Encryption Key (CEK). The RI issues a correspondinghich only the LDM can obtain the CEK. Then, depend-purposes described in Sections 5.4, 5.5 and 5.6, thea new access permission containing the CEK for homed distributes it with the LDMs proxy certicate. Aftere validity of both the proxy certicate and the access, the home device can obtain the CEK and then render.
legates the right to issue the access permissions ofDRMhe LDM after a negotiation between the RI and the LDMlly nished. The delegation is implemented by request-certicate from the LDM and consequent issuing of acate of RI. An overview of the delegation procedure is
Fig. 2.Adetaileddescriptionof thedelegationprocedures (Fig. 3).
Fig. 2. Authorization rights delegation process.
Thedard (Pauthenthe deThe deprocedvalidat
Whtent, apropertent, wcorresprestricright odeviceDoROg. 3. Examples of a proxy request and a proxy certicate.
RI: ProxyReqLDM. The LDM generates a private key andey pair (SKproxy, PKproxy) that will be used in proxy sig-generation and verication. It then generates a proxymessage ProxyReqLDM, including the identity of thed PKproxy. The message also includes two signaturesand SIGLDM: the former is generated with SKproxy toat theLDMhas theprivatekeycorresponding toPKproxy,latter is generated with SKLDM, the entity private keyDM, to prove that the delegation is requested from thee request message is sent to the RI.fy SIGproxy, SIGLDM in ProxyReqLDM. The RI veries thenatures in the request message with PKproxy and PKLDM.M: Certproxy. The RI generates a proxy certicatey, which binds PKproxy with the LDM and authorizes theissue RO for home devices. The conditions and restric-the delegated right are expressed by the Open Digitalanguage (2002), and are located in the ProxyCertInfoon eld, which is dened in the X.509 Proxy Certicate(Perlman et al., 2004). The proxy certicate is signedRI and sent to the LDM.erify Certproxy. After receiving the proxy certicate, theecks whether it is generated from the correspondingmessage by verifying that the public key in the proxyte is equal to the key previously sent in the proxymessage. Then, the LDM veries SIGRI, the signatureI. From this point, the LDM can delegate rights to home.
stration process is employed from the OMA DRM stan-scu et al., 2004). Each home device performs a mutualion with the LDM. The LDM checks the compliance ofby verifying the entity certicate of the home device.veries the entity certicate of the LDM. All vericationinclude the OCSP validation. The details of the OCSP
H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440 2435
Fig. 4. Consumption process of a home device with a Domain RO.
home devices, and thus home devices can consume the protectedDRM content. The procedure is as follows and is also depicted inFig. 4.
(1) CI, RI LDM: protected content, ROLDM. The CI sends protectedcontentRO whipublic k
(2) LDM: gthe RODoROLDkey andtions anThey shwhichwand disinstead
(3) LDMdevice wprotecte
(4) device:of the pright toand veries theobtainsdecryptsumes tDoROLD
Sometimdevice withhome netwLDM. In thi
other home devices upon returning home. The proposed systemcan manage this case; it can convert the previously purchased ROinto a DoRO that enables all home devices to access the content.The detailed process is described as follows and is also depictedin Fig. 5, assuming that the user purchases the content through adevice D1.
(1) CI, RID1:protected content, ROD1. TheCI sendsprotected con-tent encryptedwith the CEK, and the RI sends an RO for D1 thatcontains the CEK encrypted with the public key PKD1.
(2) D1 LDM: ROD1, protected content, EPKLDM (CEK). At the homenetwork, D1 requests the LDM to convert ROD1 into DoROLDM.D1 obtains the CEK by decrypting with SKD1. D1 again encryptsit with PKLDM and sends the encrypted result EPKLDM (CEK) andROD1 to the LDM.
(3) LDM: verify ROD1. The LDM veries the signature of the RI inROD1 and checks whether converting the RO into the DomainRO is allowed.
(4) LDM: generate Domain RO. The LDM obtains the CEK from
endinetwcessay setwagerespproac) forith
contnal co th
LDuestacceencrypted with the CEK, and the RI sends the LDM anch contains the CEK encrypted with PKLDM, the entityey of the LDM.enerate Domain RO. The LDM obtains the CEK fromby decrypting with its private key SKLDM, and issues aM containing both the CEK encrypted with the domainthe signature generatedwith SKproxy. The access condi-d restrictions are explicitly described in the DoROLDM.ould not exceed the scope of those in the original RO,as previously issued from theRI to the LDM. Theupdate
tribution of the domain key is performed by the LDMof the RI, according to the OMA DRM specication.device: DoROLDM, protected content, Certproxy. If a homeants to access the content, the LDM distributes thed contentwith a correspondingDoROLDM andCertproxy.verify Domain RO. The device rst checks the validityroxy certicate to conrm that the LDM has a properissue the Domain RO by investigating the descriptionifying the signature in the proxy certicate. It then ver-signature in the DoROLDM with the certicate and
the CEK by decrypting it with the domain key. Aftering the protected content with the CEK, the device con-he content according to the access permissions in theM.
ting an RO into a Domain RO for home networks
es a user may purchase DRM content for a specicout the help of the LDM if he or she is far from theork and his or her device cannot be connected with thes case, the user may want to share the content with
Dephomecan actems mhome nto manthe corent ap(DeROtively waccessadditioDeRO s
(1) D1reqtheFig. 5. Conversion from an individual RO into aEK) with SKLDM, and issues a corresponding DoROLDM.M includes theciphertext,which is a result of encryptingwith the domain key.device: DoROLDM, protected content, Certproxy. If anotherevice wants to consume the content, the LDM dis-the protected content with a corresponding DoROLDMproxy certicate.verifyDomain RO. The device checks the validity of bothOLDM and the proxy certicate. Then, it can obtain theconsume the content after decryption.
control of home devices
ng on the type of DRM contents or the policy of theork, it is desired that only a subset of home devicescertain contents. Aforementioned AD-based DRM sys-olve this problem by allowing multiple domains for aork. However, this approach requires additional effortsnot only the membership for each domain but alsoonding domain keys. The proposed system has a differ-h, in which the LDM separately issues a Delegated ROeach device to have a different access privilege respec-LDMs issuing right that is empowered by RI. Since therol is performed by the LDM, the RI does not require anyost. The following procedure describes how to issue aat can be used for only a specic home device, D1.
M: request for a DRM content. A home device D1s the LDM to send D1 DRM content on which D1 hasss privilege.
2436 H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440
(2) LDM: chaccess tthe ROL
(3) LDM: gthe ROLa DeROkey PKDkey SKp
(4) LDMthe proproxy c
(5) D1: verDeROD1DeROD1tected c
For theLDM allowsporarily. ThLDM to issurights and adevice thattion proces(see Fig. 6a)(see Fig. 6b)for deliverinan external
(1) LDMLDM geanonymLDM alsD1. Afte
(2) DexDtacts anit receiva physic
(3) D1Dex: TROanony, protected content, EPKDex (TK), Certproxy.After verication of CertDex, D1 sends the protected content andthe TROanony received from the LDM in Step 1 and also sends
encryption of TK with PKDex.x: veth SKen, itcon
ly anthis hses. Fhe cor fro
lidityom isyste.s secate as, thed soreus Led syvely
he prociation oion ps, it iate ismetacceFig. 6. Consumption process of a Temporary RO.
eck request. The LDM checks whether D1 is allowed tohe content, based on either the restrictions described inDM or the policy of the home network.enerate Delegated RO. The LDM obtains the CEK fromDM by decrypting it with LDMs private key, and issuesD1 containing both the CEK encrypted with D1s public1 and the signature generated with the private proxyroxy.D1:DeROD1, protected content, Certproxy. The LDMsendstected content with a corresponding DeROD1 and theerticate to D1.ify Delegated RO. D1 checks the validity of both theand the proxy certicate. Then, it obtains the CEK inby decrypting it with SKD1. After decrypting the pro-ontent with the CEK, D1 can consume the content.
g temporary consuming of external devices
Thetrust mto be aproperverifyproceswith tattackethe vaLDM frposedsystem
Thicerticsystemproposis far mmalicioproposeffecti
In tits assvalidatvalidatprocescertic
Thidevicecases described in Section 3.4, it is necessary that theexternal devices to consume intended content tem-
e proposed system provides this ability by allowing thee a Temporary RO (TRO), which has restricted accessvery short validity period. If the identity of the externalwill consume the contents is predictable, the consump-s of TRO is similar to the process of DeRO in Section 5.5. If it is notpredictable, the followingprocess is executed. In both cases, the internal device D1 has responsibilityg the protected content and TRO from the LDM to Dex,device.
D1: TROanony,protected content, EPKD1 (TK), Certproxy. Thenerates a temporary key TK and issues a TROanony for anous device where the CEK is encrypted with TK. Theo encrypts TK with D1s public key PKD1 and sends it tor receiving them, D1 obtains TK.1: CertDex.When outside the home network, if D1 con-external device Dex which will consume the content,es the certicate of Dex through a local connection oral connection.
verify the vonce per eaticate. Movalidity checan be limitFig. 7 showvalidity per
The folloOCSP validaprotocol. Sinects to thethrough the
(1) The devincludenonce t
(2) The LDM(3) The OC
which cOCSP seture of
(4) The LDMrify Temporary RO. Dex obtains the TK by decrypting itDex, and checks the validity of TROanony with Certproxy.obtains the CEK in TROanony with TK and can consumetent after decryption.
ion and certicate validation
t model of the proposed system follows the OMA DRMl except one additional hypothesis. The LDM is assumedted entity that acquires delegated authorization rightd does not issue illegitimate licenses maliciously. Toypothesis each device performs two kinds of checkingirst, the device checks the validity of received licenserresponding proxy certicate to prevent a maliciousm pretending a trusted LDM. Second, the device checksof the proxy certicate as below to prevent a revokedssuing illegal licenses. Therefore, we argue that the pro-m is not necessarily weaker than the base OMA DRM
tion describes how to check the validity of LDMs proxynd how to revoke it. Compared with the previous DRMe revocation and certicate validation process in theystem have been carefully designed, because the LDMpowerful than that of previous systems. How to detectDMs is beyond the scope of this paper; however, thestem provides a way to isolate known malicious LDMs
via a certicate validation and revocation process.
y checking of proxy certicates
oposed system, upon receiving a new access right anded proxy certicate, a rendering device performs thef the received proxy certicate via the OCSP certicaterotocol (Myers et al., 1999). If it passes the validations not revalidated until the validity period of the proxys expired.hod ismore efcient than an intuitive approach that thesses theOCSP serverper each renderingof the content toalidity, because thedevice accesses theOCSP server onlych content during the validity period of the proxy cer-reover, this method preserves the main objective of theck processwithOCSP; the lifetime of themalicious LDMed atmost to the validity period of the proxy certicate.s why the lifetime of themalicious LDM is limited to theiod of its proxy certicate.wingprotocol shows theway for eachdevice toperformtion protocol. Fig. 8 depicts an overview of the detailednce it cannot be assumed that the device directly con-OCSP server, themessages in the protocol are deliveredLDM.
ice sends the LDM an OCSP request message whichs the serial numberof theproxy certicate anda randomo prevent replay attacks by a malicious LDM.delivers the received OCSP request to the OCSP server.
SP server checks the validity of the proxy certicate,orresponds to the serial number in the request. Therver then responds with the check result and the signa-OCSP server to the LDM.
delivers the response to the device.
H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440 2437
(5) After reof the OAlso it vto the odeviceproxy ccate is vnot, therights o
The perithe validityperiod expiproxy certiauthenticatinteractingincluded inful, RI issuedifferencescerticate aLDM can kegenerationcerticate.
ate sof t
y, anrs ths quecati
protnux eodiecertienSSs thedepiyed Xnd itFig. 7. Relation between the lifetime of malicious LDM and th
ceiving the response, the device veries the signatureCSP server with the pre-shared certicate of the OCSP.eries whether the nonce in the response is the samene in the corresponding request message. Then the
investigates the response. If the response shows theerticate is valid, the device regards the proxy certi-alid and continues the content rendering procedure. Ifdevice erases the proxy certicate and its associated
bject in its memory.
cal renewal of proxy certicates
odic renewal of a proxy certicate is performed whenperiod of the proxy certicate is expired. If the validityration is recognized, an LDMrequests the renewal of thecate to RI. After receiving the renewal request, RI re-es the LDM by checking its black-list or white-list, andwith theOCSP server to verify theproxy certicate is notthe revocation list. If the re-authentication is success-s the renewed proxy certicate to the LDM. The onlybetween the old proxy certicate and the new proxyre the validity period and the signature of RI. Thus, the
If thruptioncerticmationidentitregistedeviceits revo
Theon a LiWe mproxythe OpdepictFig. 10emploright aep on using the current proxy private key without re-of a new private/public key pair for the renewed proxy
The folloprototype.certicate,Object). In F
Fig. 8. Certicate validation querying prity period of the proxy certicate.
ght of an LDM should be invalidated due to the cor-malfunctioning of the LDM, revocation of the proxyhould be performed. For this, the RI sends the infor-he proxy certicate (including serial number, subjectd proxy public key) to the OCSP server. Then the serveris entity in the revocation list. After this registration, therying the status of the proxy certicate are notied ofon status.
otype of the proposed system has been implementednvironment with the OpenSSL library (OpenSSL, 2010).d the ASN.1 encoding module, the X.509 entity andcate module, and used a cryptographic module inL library to implement the proposed system. Fig. 9functional architecture of the proposed system and
cts the componenthierarchyof our implementation.WeML in the proposed system to describe the delegateds condition.
wing screenshots show simple running results of theFig. 11 depicts the running result of issuing the proxyand Fig. 12 depicts a sample DoRO (Domain Rightig. 11, the proxy certicate includes a policy where the
2438 H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440
Fig. 9. Functional architecture.
scope and limitation of the delegated right is described. The policyis expressed as an XML description. In Fig. 12, a white-list, whichshows the entities that are permitted to use the DoRO, is containedin the DoRO.
8. Comparison with domain-based DRM systems
In this section, the proposed system is compared with otherAD-based DRM systems for home networks: SmartRight (2003),Popescu et al. (2004), xCP (IBM Corporation, 2001), OMA DRM(Open Mobile Alliance, 2004), and DVB-CPCM (2009). The com-
pared functionalities are described as follows, and the results aresummarized in Table 1.
Home content local sharing: All home devices registered in a homenetwork should be able to render home contents that are allowedto be consumed. This functionality is supported in all the aboveDRM systems, since they are based on the concept of authorizeddomain.
Home content access control: It should be possible to give differentaccess privileges to each device even in the same home network.
Table 1Functionality c
Home conteHome conteTemporary aAD managemAD privacyRevocation m
GDRL, global dFig. 10. Component hierarchy.
omparisons between the proposed system and the previous systems.
Popescu et al.(2004)
xCP (IBMCorporation, 2001)
nt local sharing nt access control ccessing ent policy Decentralized Decentralized Centralized
echanism GDRL GDRL/LDL MKB
evice revocation list; LRL, local revocation list; MKB, media key block; OCSP, online certiOMA (Open MobileAlliance, 2004)
Centralized Decentralized Decentralized OCSP GDRL OCSP/PRPC
cate status protocol; PRPC, periodical renewal of proxy certicate.
H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440 2439
xCP and Omultipleefcient aposed sys(DeRO).
Temporaran externagreemenrst time
AD manaclassiedformer mmembersmeans thager regiscalability
AD privacin a homerelated toby the conot be ke
mechanism for local domains is supported. For OMA DRM usingOCSP, depending on the online server can impose a heavy burden.
As shown in Table 1, the proposed system supports all functionalityEspevacy.CSPvke th
his phas bhorizcertintrorefuios ored wIn coersof t
s woce, [ig. 11. Prototype result: description of proxy certicate.
above.AD priwithOto revo
In tworksits autproxyibly cowas cascenarcompation 8.consumgrowth
ThiprovinPrototype result: description of Domain Right Objects (DoRO).
MA DRM can partially support this functionality withdomains; however, they do not support a exible andccess control mechanism. On the other hand, the pro-tem supports it by issuing a Delegated Rights Object
y accessing of external devices: This functionality enablesal device to render home contents temporarily with thet of the user. The proposed system supports it for theby issuing a Temporary Rights Object (TRO).gement policy: The management of domains can beinto two types: centralized and decentralized. Theeans that a centralized trusted server manages thehip of all domains and domain keys, and the latterat each domain is managed by each local man-stered in the domain. The latter type has better.y: The information about compliant devices registerednetwork should not be revealed. This is very closelythe AD management policy. If the domain is managednnection with an outside server, the information maypt secure.n mechanism: If a device in home networks is compro-nattacker, it shouldbeprevented fromrenderinghomeor the systemof Popescu et al., a lightweight revocation
Contents Seence Researof Korea(NTechnology
Eskicioglu, A.Mconsumer(5)), 6816
Holtz, R., 2002Housley, R., F
. xCP Cluster PKamperman, F
managemKim, H., Lee, Y
Myers,M., AnkKey Infras
Nair, S.K., PopDRM-presE-Comme
2002. Open DODRL Initi
. DRM Architehttp://ww
Perlman, L.,WKey Infras
Popescu, B.C., CarchitectuManagem
Ripley, M., Trahome. Inte
Sovio, S., Asokdevices. In
van den Heuvcontent m467474.
Digital Video BDecember
Coral Consorticially, it supports access control of home contents andMoreover, it applies the concept of periodical renewalalidation to validate theproxy certicate efciently ande certicate of a malicious AD manager.
aper a robust and exible DRM system for home net-een presented. In the proposed system the RI delegatesation right to the local domain manager by issuing acate, and the local domain manager robustly and ex-
ls the consuming rights of home devices. The systemlly designed in consideration of various consumptionf DRM contents for home networks, and its advantagesith previous domain-based systems are shown in Sec-nclusion, the system can reduce the inconvenience tousing DRM contents, and thus can contribute to thehe DRM market.
rk was supported by the GRRC program of Gyeonggi200911963, Software Technology for Effective Digitalrvice]. Also, This research was supported by Basic Sci-ch Program through the National Research FoundationRF) funded by the Ministry of Education, Science and(2009-0069740, 2010-0006355).
., Delp, E.J., 2001. An overview of multimedia content protection inelectronic devices. Signal Processing: ImageCommunication16 (April99.. Guide to Home Networks. Consumer Electronics Association.ord, W., Polk, W., Solo, D., 1999. Internet X.509 Public Key Infras-RFC 2459, The Internet Engineering Task Force (IETF). Availablew.ietf.org/rfc/rfc2459.txt.rotocol DVB-CPT-716, October. IBM Corporation..L.A.J., van den Heuvel, S.A.F.A., Verberkt, M.H., 2001. Digital rightsent in home networks. In: Proc. IBC, September, pp. 7077.., Chung, B., Yoon, H., Lee, J., Jung, K., 2006. Digital rights managementdelegation for home networks. In: Proc. ICISC 2006, LNCS, vol. 4296,, pp. 233245.ney, R.,Malpani, A., Galperin, S., Adams, C., 1999. X.509 Internet Publictructure Online Certicate Status Protocol OCSP. RFC 2560.escu, B.C., Gamage, C., Crispo, B., Tanenbaum, A.S., 2005. Enablingerving digital content redistribution. In: Proc. 7th IEEE Int. Conf. onrce, pp. 151158.igital Rights Language (ODRL), Version 1.1, Technical Specication.ative, available: http://odrl.net/1.1/ODRL-11.pdf.cture Candidate Version 2.0, July. Open Mobile Alliance, available:w.openmobilealliance.org.e Open Source Toolkit for SSL/TLS, 2010. Available:w.openssl.org.elch, V., Foster, I., Kesselman, C., Tuecke S., 2004. Internet X.509 Publictructure (PKI) Proxy Certicate Prole. RFC 3820.rispo, B., Kamperman, F.L.A.J., Tanenbaum, A.S., 2004. ADRMsecurityre for home networks. In: Proc. 4th ACM Workshop on Digital Rightsent, October.w, C.B.S., Balogh, S., Reed, M., 2002. Content protection in the digitall Technology Journal 6 (9), 4956.echnical white paper, January 2003. Available: http://www.t.org/images/SMR/content/SmartRight tech whitepaper jan28.pdf.an, N., Nyberg, K., 2003. Dening authorization domains using virtual: Proc. SAINT Workshops 2003, pp. 331336.al, S.A.F.A., Jonker, W., Kamperman, F.L.A.J., Lenoir, P.J., 2002. Secureanagement in authorized domains. In: Proc. IBC, September, pp.
roadcasting Content Protection and CopyManagement (DVB-CPCM),2009. DVB Document A094r4-7.um Whitepaper, February 2006. http://www.coral-interop.org.
2440 H. Kim et al. / The Journal of Systems and Software 83 (2010) 24312440
Heeyoul Kim received the B.E. degree in Computer Science from KAIST, Korea, in2000, theM.S. degree in Computer Science fromKAIST in 2002, and the Ph.D. degreein computer science fromKAIST in 2007. From2007 to 2008,with the Samsung Elec-tronics as a senior engineer. Since 2009 he has been a faculty member of Division ofComputer Science at Kyonggi University. His main research interests include appli-cation security such as secure group communication anddigital rightsmanagement.
Younho Lee received the B.E., M.S., and Ph.D. degree in Computer Science fromKAIST, Korea, in 2000, 2002, and 2006, respectively. He worked as a visiting pos-toctoral researcher and research staff under the supervision of the Prof. AlexandraBoldyreva at the GeorgiaTech Information Security Center from 2007 to 2009. He
has been a faculty member in the department of Information and CommunicationEngineering, Yeungnam University, Korea, since 2009. His reserch interests includenetwork security, applied cryptography, and multimedia security.
Yongsu Park received the B.E. degree in Computer Science from Korea AdvancedInstitute of Science and Technology (KAIST), South Korea, in 1996. He received theM.E. degree and the Ph.D. degree in Computer Engineering from Seoul NationalUniversity in 1998 and 2003, respectively. He is currently an assistant professorin the Division of Computer Scince and Engineering at Hanyang University, Seoul,Korea. His main research interests include program security, network security, andcryptography.
A robust and flexible digital rights management system for home networksIntroductionRelated workConsumption scenarios of DRM contents for home networksPurchasing and consuming contents within the home networkPurchasing contents through a device residing out of the home networkControlling access privileges of home devicesAllowing temporary access rights to external devices
Right delegation using proxy certificateSystem designSystem overviewRights delegationRegistrationConsuming home content through LDMConverting an RO into a Domain RO for home networksAccess control of home devicesAllowing temporary consuming of external devices
Revocation and certificate validationValidity checking of proxy certificatesPeriodical renewal of proxy certificatesRevocation
ImplementationComparison with domain-based DRM systemsConclusionAcknowledgementReferences