Music on the Internet and the intellectual property protection problem

Lacy, Jack; Snyder, James H.; Maher, David P.

doi:10.1109/isie.1997.651739

Cited by 18 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The key would be bound to a license that indicated to the trust management engine that the holder of the license was authorized to access the content per the terms of the license and the local policy of the application hosting the trust management engine. An early version of these so-called DRM systems explicitly based on trust management is described in [3].…”

Section: Octopus: An Application Independent Drm Toolkitmentioning

confidence: 99%

Octopus: An Application Independent DRM Toolkit

Boccon-Gibod¹,

Boeuf²,

Lacy³

2009

2009 6th IEEE Consumer Communications and Networking Conference

View full text Add to dashboard Cite

Digital Rights Management systems originally arose as an example of a solution to one of the most basic problems associated with secure systems design, the problem of governing access by a credentialed entity to a resource in the context of a set of policies established to restrict or define such access. Most DRMs that are in use today are based on DRMspecific declarative rights expression languages and authorization mechanisms that have strong semantic coupling to the application in which they are employed. A notable exception to this approach can be found in the Octopus system described in this paper. Octopus employs several concepts from the trust management philosophy originally posited by Blaze, et al. in 1996, but perhaps its most striking similarity can be found in its clear separation of authorization mechanism from application semantics.

show abstract

Section: Octopus: An Application Independent Drm Toolkitmentioning

confidence: 99%

Octopus: An Application Independent DRM Toolkit

Boccon-Gibod¹,

Boeuf²,

Lacy³

2009

2009 6th IEEE Consumer Communications and Networking Conference

View full text Add to dashboard Cite

show abstract

“…PolicyMaker was introduced in the original trust-management paper by Blaze et al [1], and its compliance-checking algorithm was later fleshed out in [4]. A full description of the system can be found in [1,4], and experience using it in several applications is reported in [5][6][7]. PolicyMaker credentials and policies (collectively referred to as assertions) are fully programmable: they are represented as pairs…”

Section: Policymakermentioning

confidence: 99%

Experience with the KeyNote Trust Management System: Applications and Future Directions

Blaze

Ioannidis

Keromytis

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Access control in distributed systems has been an area of intense research in recent years. One promising approach has been that of trust management, whereby authentication and authorization decisions are combined in a unified framework for evaluating security policies and credentials. In this paper, we report on our experience of the past seven years using the PolicyMaker and the KeyNote trust management systems in a variety of projects. We start with a brief overview of trust management in general, and KeyNote in particular; we describe several applications of trust management; we then discuss various features we found missing from our initial version of KeyNote, which would have been useful in the various applications it was used. We conclude the paper with our plans for future research.

show abstract

“…We give a high-level overview of the design decisions that went into PolicyMaker in this section and some technical details of the PolicyMaker compliance checker in Appendix A below. A full description of the system can be found in [5,7], and experience using it in several applications is reported in [6,18,21].…”

Section: Policy Makermentioning

confidence: 99%

The Role of Trust Management in Distributed Systems Security

Blaze

Feigenbaum

Ioannidis

et al. 1999

Secure Internet Programming

336

190

View full text Add to dashboard Cite

Abstract. Existing authorization mechanisms fail to provide powerful and robust tools for handling security at the scale necessary for today's Internet. These mechanisms are coming under increasing strain from the development and deployment of systems that increase the programmability of the Internet. Moreover, this "increased flexibility through programmability" trend seems to be accelerating with the advent of proposals such as Active Networking and Mobile Agents. The trust-management approach to distributed-system security was developed as an answer to the inadequacy of traditional authorization mechanisms. Trust-management engines avoid the need to resolve "identities" in an authorization decision. Instead, they express privileges and restrictions in a programming language. This allows for increased flexibility and expressibility, as well as standardization of modern, scalable security mechanisms. Further advantages of the trust-management approach include proofs that requested transactions comply with local policies and system architectures that encourage developers and administrators to consider an application's security policy carefully and specify it explicitly. In this paper, we examine existing authorization mechanisms and their inadequacies. We introduce the concept of trust management, explain its basic principles, and describe some existing trust-management engines, including PoHcyMaker and KeyNote. We also report on our experience using trust-management engines in several distributed-system applications.

show abstract

Music on the Internet and the intellectual property protection problem

Cited by 18 publications

References 8 publications

Octopus: An Application Independent DRM Toolkit

Octopus: An Application Independent DRM Toolkit

Experience with the KeyNote Trust Management System: Applications and Future Directions

The Role of Trust Management in Distributed Systems Security

Contact Info

Product

Resources

About