Enforcing P3P Policies Using a Digital Rights Management System

Salim, Farzad; Sheppard, Nicholas Paul

doi:10.1007/978-3-540-75551-7_13

Cited by 11 publications

(8 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [31], the authors proposed a secure solution to suit DRM in home networks consisting of consumer electronic devices. One issue is that licences can leak information about the enterprise data; and in order to overcome this issue, the Platform for Privacy Preferences Language (P3P) is used to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses [32]. DRM concept can also be extended to the health domain in order to protect the privacy of patient's electronic health records stored in a cloud storage [22].…”

Section: Our Workmentioning

confidence: 99%

Broadcast encryption with dealership

Gritti

Susilo

Plantard

et al. 2015

Int. J. Inf. Secur.

View full text Add to dashboard Cite

In this paper, we introduce a new cryptographic primitive called broadcast encryption with dealership. This notion, which has never been discussed in the cryptography literature, is applicable to many realistic broadcast services, for example subscription-based television service. Specifically, the new primitive enables a dealer to bulk buy the access to some products (e.g., TV channels) from the broadcaster, and hence, it will enable the dealer to resell the contents to the subscribers with a cheaper rate. Therefore, this creates business opportunity model for the dealer. We highlight the security consideration in such a scenario and capture the security requirements in the security model. Subsequently, we present a concrete scheme, which is proven secure under the decisional bilinear Diffie-Hellman exponent and the Diffie-Hellman exponent assumptions. Abstract In this paper, we introduce a new cryptographic primitive called Broadcast Encryption with Dealership (BED). This notion, which has never been discussed in the cryptography literature, is applicable to many realistic broadcast services, for example subscription-based television service. Specifically, the new primitive enables a dealer to bulk buy the access to some products (e.g. TV channels) from the broadcaster and hence, it will enable the dealer to resell the contents to the subscribers with a cheaper rate. Therefore, this creates business opportunity model for the dealer. We highlight the security consideration in such a scenario, and capture the security requirements in the security model. Subsequently, we present a concrete scheme, which is proven secure under the Decision Bilinear Diffie-Hellman Exponent (DBDHE) and the Diffie-Hellman Exponent (DHE) assumptions.

show abstract

Section: Our Workmentioning

confidence: 99%

Broadcast encryption with dealership

Gritti

Susilo

Plantard

et al. 2015

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…P3P is not designed to support automated enforcement, however, and later systems introduced hybrids of P3P and XrML [56,93] or extended forms of MPEG REL [100]. Other DRM-like systems support very limited rights expressions using their own notation [22,61].…”

Section: Privacy Protectionmentioning

confidence: 99%

“…In a privacy scenario, each grant may represent whether or not the information owner wishes to be added to a mailing list, participate in research, etc. [100,93].…”

Section: Rights Negotiationmentioning

confidence: 99%

Digital Rights Management

Sheppard¹

2010

Chapman &Amp; Hall/CRC Cryptography and Network Security Series

View full text Add to dashboard Cite

Digital rights management allows information owners to control the use and dissemination of electronic documents via a machine-readable licence. Documents are distributed in a protected form such that they may only be used with trusted environments, and only in accordance with terms and conditions stated in the licence. Digital rights management has found uses in protecting copyrighted audio-visual productions, private personal information, and companies' trade secrets and intellectual property. This chapter describes a general model of digital rights management together with the technologies used to implement each component of a digital rights management system, and desribes how digital rights management can be applied to secure the distribution of electronic information in a variety of contexts.

show abstract

“…At the same time as they submitted their information, individuals could create a licence that gave permission to use that information only to the people who filled particular roles within the organisation that received the information. It is difficult to make MPEG REL accessible to ordinary users, however, and the system was later adapted to generate MPEG REL licences from P3P policies that could be rendered in a more familiar way [29]. Finally, we applied SITDRM to an enterprise DRM scenario that allowed employees of an organisation to create governed items that could only be read by other employees located within a particular area (Figure 10).…”

Section: Sitdrm Applicationsmentioning

confidence: 99%

On implementing mpeg-21 intellectual property management and protection

Sheppard

2007

Proceedings of the 2007 ACM Workshop on Digital Rights Management

Self Cite

View full text Add to dashboard Cite

The MPEG-21 Intellectual Property Management and Protection (&lquot;IPMP&rquot;) Components specify a framework for inter-operable and renewable digital rights management based on IPMP tools that implement proprietary digital rights management features. MPEG-21 defines the mechanism by which protected multimedia objects are associated with proprietary IPMP tools, but does not specify the interface through which IPMP tools and MPEG-21 terminals communicate. This paper describes an implementation of the IPMP components including an interface to IPMP tools based on the MPEG Rights Expression Language; dynamic construction of authorisation proofs that permit a principal to carry out an action; and a cryptographic architecture bound to the existence of authorisation proofs. This implementation has been applied to scenarios in copyright protection, privacy protection and corporate document protection, suggesting that &lquot;IPMP&rquot; may be useful in applications other than intellectual property. AbstractThe MPEG-21 Intellectual Property Management and Protection ("IPMP") Components specify a framework for inter-operable and renewable digital rights management based on IPMP tools that implement proprietary digital rights management features. MPEG-21 defines the mechanism by which protected multimedia objects are associated with proprietary IPMP tools, but does not specify the interface through which IPMP tools and MPEG-21 terminals communicate.This paper describes an implementation of the IPMP components including an interface to IPMP tools based on the MPEG Rights Expression Language; dynamic construction of authorisation proofs that permit a principal to carry out an action; and a cryptographic architecture bound to the existence of authorisation proofs. This implementation has been applied to scenarios in copyright protection, privacy protection and corporate document protection, suggesting that "IPMP" may be useful in applications other than intellectual property.

show abstract

Enforcing P3P Policies Using a Digital Rights Management System

Cited by 11 publications

References 12 publications

Broadcast encryption with dealership

Broadcast encryption with dealership

Digital Rights Management

On implementing mpeg-21 intellectual property management and protection

Contact Info

Product

Resources

About