research-article

AtDRM: a DRM architecture with rights transfer and revocation capability

Authors:
Richa Garg

Infosys Labs, Infosys Limited, Hyderabad, India

Infosys Labs, Infosys Limited, Hyderabad, India
View Profile

,
Ravi Sankar Veerubhotla

Infosys Labs, Infosys Limited, Hyderabad, India

Infosys Labs, Infosys Limited, Hyderabad, India
View Profile

,
Ashutosh Saxena

Infosys Labs, Infosys Limited, Hyderabad, India

Infosys Labs, Infosys Limited, Hyderabad, India
View Profile

Compute '13: Proceedings of the 6th ACM India Computing ConventionAugust 2013Article No.: 2Pages 1–6https://doi.org/10.1145/2522548.2522599

Published:22 August 2013Publication History

Compute '13: Proceedings of the 6th ACM India Computing Convention

Pages 1–6

ABSTRACT

This work presents a new Digital Rights Management (DRM) architecture to address rights transfer and revocation aspects of protected content using a threshold Attribute-Based Encryption scheme. We considered two scenarios for rights transfer, here. In first case, a legitimate user needs to consume the protected content on multiple devices, while in second case the user wants to transfer the rights on the content to another user. These scenarios are significant in today's context with the proliferation of smart gadgets and shared cloud services. The architecture is flexible, offers individual or group level access to the protected content and does not require any pre-binding of the devices for consumption. The design inherits this feature from ABE scheme itself and therefore, it is possible to enforce controlled access for individuals as well as groups. Simultaneously, the architecture presents an efficient revocation scheme that eliminates the need of issuing new keys to users or re-encrypting the existing content, either for rights transfer or access revocation. Further, no specific revocation list is to be maintained for revoked users.

References

Dropbox - A Cloud based file hosting service, Available at: www.dropbox.comGoogle Scholar
Google Drive - A Cloud based file storage and synchronization service, Available at: https://drive.google.comGoogle Scholar
A. Sahai and B. Waters. "Fuzzy Identity-Based Encryption". In Proc. of EUROCRYPT'05, Aarhus, Denmark, 2005. Google ScholarDigital Library
A. Shamir, "Identity-Based Cryptosystems and Signature Schemes". In Proc. Of Advances in Cryptology: CRYPTO 84, Lecture Notes in Computer Science, 1984. Google ScholarDigital Library
D. Boneh and M. Franklin. "Identity-Based Encryption from the Weil Pairing". In Proc. of CRYPTO'01, Santa Barbara, California, USA, 2001. Google ScholarDigital Library
D. Boneh, X. Boyen and E. Goh. "Hierarchical Identity based encryption with constant ciphertext". In Proc. of EUROCRYPT'05. LNCS 3494, pp. 440--456, springer, 2005. Google ScholarDigital Library
J. Li, Q. Wang, C. Wang and K. Ren, "Enhancing Attribute-based Encryption with Attribute Hierarchy". In Proc. of IEEE, fourth international conference on Communications and Networking, ChinaCOM 2009, pp. 1--5, Aug 2009.Google ScholarCross Ref
S. Michiels, W. Joosen, E. Truyen, and K. Verslype, "Digital rights management - a survey of existing technologies," Department of Computer Science, Katholieke Universiteit Leuven, Tech. Rep., Nov. 2005.Google Scholar
Q. Liu, R. S. Naini and N. P. Sheppard, "Digital Rights Management for Content Distribution", Australian Information Security Workshop (AISW2003), 2003. Google ScholarDigital Library
S. Michiels, K. Verslype, W. Joosen and B. D. Decker, "Towards a Software Architecture for DRM". In Proc. of ACM, the fifth ACM workshop on Digital Rights Management, DRM'05, November 7, Virginia, USA, 2005 Google ScholarDigital Library
M. Tereda, H. Kuno, M. Hanadate, K. Fujimura, "Copy prevention scheme for rights trading infrastructure" IPIF, CARDIS, 2000. Google ScholarDigital Library
I. Abbadi, C. Mitchell, "Digital Rights Management using Mobile Phones". In Proceedings of ACM, ICEC'07, pp. 185--194, August 2007. Google ScholarDigital Library
3rd Generation Partnership Project (3GPP), Organizational Partners. Available at: http://www.3gpp.org/Google Scholar
S. Müller and S. Katzenbeisser, "A New DRM Architecture with Strong Enforcement". In Proc. of IEEE, International Conference on Availability, Reliability and Security, 2010.Google ScholarCross Ref
H. Kim, Y. Lee, B. Chung, H. Yoon, J. Lee and K. Jung, "Digital Rights Management with Rights Delegation for Home Networks". In Proc. of LNCS, ICISC-2006, Vol 4296, pp. 233--245, 2006. Google ScholarDigital Library
T. Gaber and S. Canal, "A License Revocation Protocol Supporting Digital Rights License Reselling in Consumer to Consumer Model". In Proc. of International Journal of Online Marketing, 2(1), 38--49, January-March 2012.Google ScholarCross Ref
V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-Based Encryption for Fine-grained Access Control of Encrypted Data, In Proc. of CCS'06, Alexandria, Virginia, USA, 2006. Google ScholarDigital Library
J. Bethencourt, A. Sahai, and B. Waters. Ciphertext-Policy Attribute-Based Encryption, In Proc. of SP'07, Washington, DC, USA, 2007. Google ScholarDigital Library
"String User Authentication on the Web", by Entrust. Available at: http://www.entrust.com/wp-content/uploads/2013/05/DS_MSO_UserWebAuth_web_July2012.pdfGoogle Scholar
Malware, Man-in-the-Middle & Other Online Mischief, by Entrust. Available at: http://www.entrust.com/wp-content/uploads/2013/05/WP_MITM_June09.pdfGoogle Scholar
A. Sahai and B. Waters. Fuzzy Identity Based Encryption. In Advances in Cryptology -- Eurocrypt, volume 3494 of LNCS, pages 457--473. Springer, 2005. Google ScholarDigital Library

Index Terms

AtDRM: a DRM architecture with rights transfer and revocation capability
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Intellectual property
      1. Copyrights
      2. Licensing

Recommendations

Self-updatable encryption

Revocation and key evolving paradigms are central issues in cryptography, and in PKI in particular. A novel concern related to these areas was raised in the recent work of Sahai, Seyalioglu, and Waters (CRYPTO 2012) who noticed that revoking past keys ...
Read More
TRO-CP-ABE: a secure and flexible layer with traceability and easy revocation in ciphertext-policy attribute-based encryption

Attribute-based encryption (ABE) is a very efficient way of authorising users to access confidential data in organisations without public-key validation from external trusted authorities or complex login processes. Ciphertext-policy attribute-based ...
Read More
An Efficient Attribute Based Encryption Scheme with Revocation for Outsourced Data Sharing Control
IMCCC '11: Proceedings of the 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control

Cipher text-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. However, when CP-ABE is used to control outsourced data sharing, it confronts two obstacles. Firstly, the data ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
Compute '13: Proceedings of the 6th ACM India Computing Convention
August 2013
196 pages
ISBN:9781450325455
DOI:10.1145/2522548
General Chairs:
R. K. Shyamasundar
TIFR, Mumbai
,
Lokendra Shastri
Infosys Labs, Infosys Ltd
,
Program Chairs:
D Janakiram
IIT Chennai
,
Srinivas Padmanabhuni
Infosys Labs
Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 22 August 2013
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
attribute-based encryption
digital content security
digital rights management
group access controls
revocation
rights transfer
Qualifiers
- research-article
Conference

Acceptance Rates
Compute '13 Paper Acceptance Rate24of96submissions,25%Overall Acceptance Rate114of622submissions,18%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 118
  Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

AtDRM: a DRM architecture with rights transfer and revocation capability

Compute '13: Proceedings of the 6th ACM India Computing Convention

ABSTRACT

References

Cited By

Index Terms

Recommendations

Self-updatable encryption

TRO-CP-ABE: a secure and flexible layer with traceability and easy revocation in ciphertext-policy attribute-based encryption

An Efficient Attribute Based Encryption Scheme with Revocation for Outsourced Data Sharing Control