Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

Published byRandolph Arnold Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems."— Presentation transcript:

1 1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems

2 2 NTRU provides next generation public key technology with all the same basic security capabilities as RSA or ECC Public key authentication, digital signature and encryption capabilities are critical technologies for complete DRM solutions NTRU provides the fastest and smallest public key technology –Enables the only practical technology for the widest range of wired and wireless content capable devices and client solutions –Meets server side performance requirements for normal and peak security transaction loading –Facilitates establishing trusted devices and enhancing the user experience without sacrificing performance NTRU Background W3C DRM WORKSHOP NTRU delivers the fastest and most efficient security solutions which are especially well suited to complement DRM technologies and provide end-to-end content protection.

3 3 Content Owner: Strong protection of content and strong authentication of end user End User: Ease of use, portability, transparency Leverage Internet economies and paradigms (e.g. Napster) Support all media types: text, video, audio Support all platform types, PC, PDA, Mobile, CE Support wired and wireless, tethered and untethered players Support streaming and download models Standards: interoperability for broader adoption, competition and economies of scale Business Requirements W3C DRM WORKSHOP

4 4 Security at the system level Security needs to be designed into the system; only as good as its weakest link Public scrutiny of algorithms Renewability of security Protection of key material in storage and use Management and distribution of key material System Security Practices W3C DRM WORKSHOP

5 5 Digital Rights Languages Digitals Rights Management Systems and components Public Key based technology Symmetric key cryptographic components Watermarking Fingerprinting Available Technologies W3C DRM WORKSHOP

6 6 Three fundamental Public Key based services apply in this space: Authentication –Users –Devices –Servers –Trusted components Digital Signature –Data authenticity –Data integrity –Binding of content, metadata and rights –Non-repudiation, e.g. of payment authorization –Proof of purchase, e.g. for the user Key exchange (symmetric key typically used for bulk content encryption) –Content encryption Public Key Technology W3C DRM WORKSHOP

7 7 What components in the system need to be authenticated? And for what purposes? What is the value of the content being protected and the damage that might result from disclosure? What type of transactions and/or data are being signed? Who relies on the signature? Who are the potential trusted third parties? Who will assume liability if content or other sensitive information is disclosed? Public Key Related Requirements Analysis W3C DRM WORKSHOP

8 8 End User Example End User System Content Request Distribution Server Content/Rights Description, Payment Options Payment Rights Management Content Packaging Authenticate Server/Client Signed Purchase Authorization Signed Content Protection Public Key Transaction Log ID “Token” Packaged Content w/key(s) and signed receipt Media Client Rights Filters Key Management Content Player Purchase Log Establish Secure Session Green, bold text indicates transactions involving the use of Public Key W3C DRM WORKSHOP

9 9 End User Example with Trusted Device End User System Content Request Trusted Media Device Distribution Server Content/Rights Description, Payment Options Payment Rights Management Content Packaging Authenticate Server/Client Signed Purchase Authorization Signed Content Protection Public Key Transaction Log ID “Token” Packaged Content w/key(s) and signed receipt Media Locker Rights Filters Purchase Log Establish Secure Session W3C DRM WORKSHOP Green, bold text indicates transactions involving the use of Public Key

10 10 Learn from other PKI projects - SET, Identrus, US NACHA Pilot End User Experience –Performance – affected by local and server components –Portability of content between devices and users –Trust Scalability –Communications –Operational –Server Performance – e.g. cryptographic operations Key Lessons Learned W3C DRM WORKSHOP

11 11 Jeremy Wyant jwyant@ntru.com www.ntru.com For more information, please contact:

Download ppt "1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems."

Similar presentations

CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE. CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE 2 Digital Watermarking Alliance Charter The Digital Watermarking.

CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE. CONFIDENTIAL DIGITAL WATERMARKING ALLIANCE 2 Digital Watermarking Alliance Charter The Digital Watermarking.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

Similar presentations

Ads by Google