DRM 1 Digital Rights Management the Good, the Bad and the Ugly Mark Stamp Department of Computer Science San Jose State University DRM.

2 DRM 1 Digital Rights Management the Good, the Bad and the Ugly
Mark Stamp
Department of Computer Science, San Jose State University
stamp@cs.sjsu.edu
DRM resources at http://www.cs.sjsu.edu/faculty/stamp/DRM/

3 DRM 2 Who Am I?
• 1992: PhD, Texas Tech
• 1992-1993: WPI
• 1993-2000: NSA
• 2000-2002: MediaSnap, Inc.
• 2002-Present: SJSU

4 DRM 3 What was MediaSnap?
• Silicon Valley startup company
  o Founded June 2000
  o I joined in December 2000
• Maximum of 15 employees
• Not a dot-com
• Funded by In-Q-Tel (CIA VC fund)
• Digital rights management (DRM) product

5 DRM 4 Why MediaSnap?
• NSA provided
  o Job security
  o “Tenure” after 1 year
  o Interesting work, good people, etc., etc.
• Why leave NSA for startup company?
• Three reasons…
  1. Money (salary)
  2. Money (benefits)
  3. Money (worthless stock options)

6 DRM 5 Outline of Talk
• What is DRM?
• Overview of MediaSnap DRM system
• Overview of streaming media DRM model
• MediaSnap’s competitors
• TCG/NGSCB
• Non-technical issues
• Enterprise DRM
• Conclusions

7 DRM 6 DRM Overview

8 DRM 7 What is DRM?
• “Remote control” problem
• Digital book example
• Digital music, video, etc.
• Enterprise document protection
• Privacy-enhancing technology?

9 DRM 8 Persistent Protection
• Restrictions on use after delivery
• For example
  o No copying
  o Limited number of reads/plays
  o Time limits: do not open until Christmas
  o No forwarding
  o Etc.

10 DRM 9 What to Do?
• The honor system?
  o Stephen King’s The Plant
• Give up?
  o Internet sales? HIPAA? SOA? etc.
• If you can’t beat ‘em, join ‘em...
• Lame software-based DRM?
  o The standard DRM system today
• Better software-based DRM?
  o MediaSnap’s goal
• Tamper-resistant hardware?
  o Closed systems: Game Cube, etc.
  o Open systems: TCG/NGSCB for PCs

11 DRM 10 Is Crypto the Answer?
• Attacker’s goal is to recover the key
• In standard crypto scenario, attacker has
  o Ciphertext, some plaintext, side-channel info, etc.
• In DRM scenario, attacker has
  o Everything in the box (if not more)
• Crypto was not designed to solve DRM problem!

12 DRM 11 Current State of DRM
• At best, security by obscurity
  o A derogatory term in the security world
• Secret designs
  o In violation of Kerckhoffs Principle
• Crypto is king
  o “Whoever thinks his problem can be solved using cryptography, doesn’t understand his problem and doesn’t understand cryptography.” --- Attributed by Roger Needham and Butler Lampson to each other

13 DRM 12 Rules to the DRM Game
• The analog hole
  o When content is rendered, it can be captured in analog form
  o DRM cannot prevent attack via the analog hole
• Human nature matters
  o Absolute DRM security is impossible
  o Want something that “works” in practice
  o What works depends on context
• DRM lives in no man’s land
  o Somewhere between CS and MIS

14 DRM 13 Software-based DRM
• Strong software-based DRM is impossible
• We can’t really hide a secret in software
• To do so, we would have to prevent software reverse engineering (SRE)
• User of system with full admin privilege can break anti-SRE protection
• Bottom line: The killer attack on software-based DRM is software reverse engineering

15 DRM 14 MediaSnap DRM

16 DRM 15 MediaSnap DRM Overview
• Server side
  o Secure Document Server (SDS)
• Client side
  o PDF plugin (reader)

17 DRM 16 Protecting a Document
[Diagram: Sender, SDS and Recipient; labels: encrypt, persistent protection]

18 DRM 17 Accessing a Document in Tethered Mode
[Diagram: Sender, SDS and Recipient; labels: Request key, key]

19 DRM 18 Accessing a Document in Untethered Mode
[Diagram: Sender, SDS and Recipient; label: key]

20 DRM 19 Tethered vs Untethered
• Tethered advantages
  o Server controls access
  o Document can be “shredded” (Authentica)
  o Key is less exposed
• Untethered advantages
  o Can access data without network connection
  o Key is “more exposed”
• MediaSnap implemented both modes

21 DRM 20 Security Issues
• Server side (SDS)
  o Protect keys, authentication data, etc.
  o Apply persistent protection
• Client side (Reader/PDF plugin)
  o Protect keys, authenticate user, etc.
  o Enforce persistent protection
• Remaining discussion concerns client

22 DRM 21 Security Overview
[Diagram labels: Obscurity, Tamper-resistance]

23 DRM 22 Tamper-Resistance
[Diagram labels: Anti-debugger, Encrypted code]

24 DRM 23 Obscurity
• Applied to
  o Key management
  o Authentication
  o Caching (keys, authentication, etc.)
  o Encryption and “scrambling”
  o Key parts (data and/or code)
  o Multiple keys/key parts
• Obscurity can only slow down attacker --- the persistent attacker wins!

25 DRM 24 Other MediaSnap Features
• Code tamper checking (hashing)
  o Must know what code is executing
• Anti-screen capture
  o Prevent most obvious attack on documents
• Watermarking
  o In theory, can trace stolen content
  o In practice, watermarking is disappointing
• “Unique-ification” (or metamorphism)
  o Break once, break everywhere (BOBE) resistant

26 DRM 25 Other Measures/Concerns
• General code obfuscation
  o Collberg and Thomborson
  o Questions concerning actual strength
• Code “fragilization” (guards)
  o Code hash checks itself
  o Any change should cause code to break
• Can we trust OS?
  o How can we protect ourselves?

27 DRM 26 DRM for Streaming Media

28 DRM 27 Attacks on Streaming Media
• Spoof stream between endpoints
• Man in the middle
• Capture stream
  o Malicious software stealing stream at client end
• Replay/redistribute data

29 DRM 28 Design
• Scrambling algorithms
  o Encryption-like algorithms
  o Many such algorithms available
• Negotiation of random algorithm
  o Server and client must share algorithm
• Decryption at receiver end
  o Remove strong encryption
• De-scrambling in device driver
  o Remove scrambling just prior to rendering

30 DRM 29 Scrambling Algorithms
• Server has a large set of scrambling algorithms: M = {1,2,3,4,…,N}
• A client has a subset of algorithms, LIST = {12,45,2,37,23,31}
• The LIST is stored on client, encrypted with server’s key: E(LIST, K_server)

31 DRM 30 Server-side Scrambling
• On server side
  [Diagram: data, scrambled data, encrypted scrambled data]
• Server must scramble data with an algorithm the client supports
• Server must securely communicate algorithm choice to client

32 DRM 31 Scrambling Selection
• Scrambling algorithm “database” distributed to clients
• List is random subset of algorithms
[Diagram: messages between Alice (client) and Bob (server): E(LIST, K); E(m, K_s); scrambled (encrypted) data using Alice’s m-th algorithm]

33 DRM 32 Client-side De-scrambling
• On client side
  [Diagram: data, scrambled data, encrypted scrambled data]
• Keep plaintext away from attacker
• Proprietary device driver
  o Scrambling algorithms “baked in”
  o Able to de-scramble at last moment

34 DRM 33 Why Scrambling?
• Uniqueness or metamorphism
• If a scrambling algorithm is known to be broken, server does not choose it
• If client has too many broken algorithms, server can force upgrade
• Proprietary algorithm harder to reverse engineer
• We cannot trust crypto strength of proprietary algorithms, so we also encrypt
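
The selection exchange from the Scrambling Algorithms, Scrambling Selection and Why Scrambling? slides, as an added example that is not code from the talk or from MediaSnap. Assumptions: E(., K) is replaced by a toy SHA-256 keystream with an HMAC tag, the session key K_s is already agreed, the 0.5 force-upgrade threshold is hypothetical, and the descramble_* names are placeholders for the driver's baked-in routines.

```python
import hashlib, hmac, json, secrets

def keystream(key, nonce, n):
    # SHA-256 in counter mode: toy stand-in for a real cipher (assumption).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def E(obj, key):
    """Encrypt-then-MAC a JSON value; plays the role of E(., K) on the slides."""
    nonce = secrets.token_bytes(16)
    pt = json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def D(blob, key):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("blob modified or wrong key")
    pt = bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))
    return json.loads(pt)

class Server:
    def __init__(self, k_server, broken, max_broken=0.5):
        self.k_server = k_server
        self.broken = set(broken)      # algorithm ids known to be broken
        self.max_broken = max_broken   # hypothetical force-upgrade threshold

    def provision(self, algorithm_ids):
        """Build the E(LIST, K_server) blob stored on a client."""
        return E(list(algorithm_ids), self.k_server)

    def select(self, sealed_list, k_session):
        """Return ("ok", E(m, K_s)) or ("upgrade", None)."""
        ids = D(sealed_list, self.k_server)   # rejects a LIST the client altered
        usable = [m for m, alg in enumerate(ids) if alg not in self.broken]
        if not usable or (len(ids) - len(usable)) / len(ids) > self.max_broken:
            return "upgrade", None
        return "ok", E(secrets.choice(usable), k_session)

class Client:
    def __init__(self, sealed_list, database):
        self.sealed_list = sealed_list   # opaque: the client lacks K_server
        self.database = database         # position m -> de-scrambler in the driver

    def algorithm_for(self, reply, k_session):
        return self.database[D(reply, k_session)]

def negotiate(broken, ids=(12, 45, 2, 37, 23, 31)):   # LIST from the slide
    server = Server(secrets.token_bytes(32), broken)
    k_s = secrets.token_bytes(32)   # session key assumed already agreed
    client = Client(server.provision(ids), [f"descramble_{i}" for i in ids])
    status, reply = server.select(client.sealed_list, k_s)
    return status, (client.algorithm_for(reply, k_s) if reply else None)
```

With algorithms 45 and 23 marked broken the server always picks one of the other four; with four of the six broken it returns "upgrade" instead of an index.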

35 DRM 34 Why Uniqueness?
• The threat is reverse engineering (SRE)
• Reverse engineering a standard crypto algorithm is easy (unnecessary)
• Reverse engineering a scrambling algorithm is potentially much more difficult
• We also encrypt so not violating Kerckhoffs Principle (at least not too much…)
• This is clearly security by obscurity and I’m not ashamed to admit it!

36 DRM 35 Exploit Systems and DRM

37 DRM 36 Exploit Systems
• Exploit Systems (ES) management consists entirely of musicians
  o Not all of them are on drugs
  o They offered me a job with huge salary…
  o Payable as soon as they get funding
• Exploit Systems international office?
  o A coffee shop in Palo Alto
• Only in Silicon Valley…

38 DRM 37 Exploit Systems
• Exploit Systems is a “peer offering service”
• Their web site is (purposely?) vague on the definition of “peer offering service”
• But I happen to know what they are doing...
• ES tries to gently coerce people into paying for content obtained from a peer-to-peer (P2P) network

39 DRM 38 P2P File Sharing: Query
• Suppose Alice requests “Hey Jude”
• Black arrow: query
• Red arrow: positive response
• Alice can select from: Carol, Pat
[Diagram: P2P network of peers Frank, Ted, Carol, Pat, Marilyn, Bob, Alice, Dean, Fred]

40 DRM 39 P2P File Sharing with ES
• Suppose Alice requests “Hey Jude”
• Black arrow: query
• Red arrow: positive response
• Alice selects from: Bill, Ben, Carol, Joe, Pat
• Bill, Ben, and Joe have legal content!
[Diagram: P2P network of Exploit Systems, Ted, Carol, Pat, Marilyn, Bob, Alice, Dean, Fred; responders Bill, Ben, Joe, Carol, Pat]

41 DRM 40 Exploit Systems
• Bill, Ben and Joe look legitimate
• Goal is to have at least half of top 10 be Exploit Systems (ES) responses
• If “victim” clicks on ES response
  o DRM protected (legal) content downloaded
  o Then small payment required to play
• Victim can choose not to pay
  o But then must download again
  o Is it worth the hassle to avoid paying $0.25?
  o ES content also offers extras

42 DRM 41 Exploit Systems
• A very clever idea
• Piggybacking on P2P network
• Weak DRM works well here
  o Pirated content already exists
  o DRM only needs to be more hassle to break than hassle of clicking and waiting (a few times)
• Current state of Exploit Systems?
  o Very little interest from the music industry
  o Lots of interest from the “adult” industry

43 DRM 42 Enterprise DRM

44 DRM 43 Why Enterprise DRM?
• Health Insurance Portability and Accountability Act (HIPAA)
  o Medical records must be protected
  o Fines of up to $10,000 “per incident”
• Sarbanes-Oxley Act (SOA)
  o Protect documents of interest to SEC
  o Also Draconian penalties
• DRM required for regulatory compliance

45 DRM 44 What’s Different in Enterprise DRM?
• Technically, it is similar to e-commerce
• But motivation for DRM is different
  o Regulatory compliance
  o Not to make money, but to not lose money!
• Human dimension is also much different
  o Legal threats are far more plausible
• Legally, corporation is probably off the hook provided active attack is necessary

46 DRM 45 Enterprise DRM
• Moderate DRM security is sufficient
• Policy management issues
  o Easy to set policies for groups, roles, etc.
  o Yet policies must be flexible
• Authentication issues
  o Must interface with existing system
  o Must prevent network authentication spoofing (authenticate the authentication server)
• Enterprise DRM is a solvable problem

47 DRM 46 Case Study I
• Sarbanes-Oxley Act (SOA)
• Requires retention/tagging of all documents related to SEC disclosure
• DRM software
  o Tag new documents created by SOA authors
  o Allow any SOA author to modify tagged doc’s
  o Read-only access for non-SOA authors
• Transparent to users --- comply by default!

48 DRM 47 Case Study II
• Access control without authentication
• Example: A large automotive company wants to limit access to documents to
  o Company employees authoring documents
  o Partner company employees to whom documents are electronically distributed
  o Other partner company employees to whom the documents are purposely re-distributed

49 DRM 48 Case Study II
• Accomplished via simple shared password
• Modest security requirement
  o Met with minimal complexity
  o Works with any partner’s system
• Risk of unauthorized password sharing
  o Acceptable due to legal obligations
• Deployment will reach 10’s of thousands
• Modest DRM software suffices

50 DRM 49 DRM Nonsense

51 DRM 50 Silly DRM
• We’ll only consider a few examples
  o Patently obvious
  o Crypto claims
  o Extremely silly stuff
  o Adobe’s “Respect” model
  o Microsoft’s MS-DRM

52 DRM 51 InterTrust
“…a company whose business model appears to rely entirely on legal filings against Microsoft.”

53 DRM 52 Absurd Crypto Claims
Q: How does Atabok security compare to the competition?
A: The majority of service providers offer the ability to encrypt at 128 bits. Atabok encrypts your content with 256-bit encryption, which is exponentially more secure.

54 DRM 53 Extremely Silly
• SecretSeal’s five radical innovations
  o Hieroglyphic passwords
  o Variable-length encrypted keys
  o “Morphogenetic” encryption algorithm
  o No encryption formula in software
  o The use of public keys
• Do these guys still exist?

55 DRM 54 Adobe’s “Respect” Model
• Adobe eBooks and PDF protection
• Adobe documentation: “It is up to the implementors of PDF viewer applications to respect the intent of the document creator by restricting access to an encrypted PDF file according to passwords and permissions contained in the file.”
• Fail to “respect the intent” and goto jail!
  o First prosecution under DMCA

56 DRM 55 MS-DRM (version 2)
• MS-DRM: an early Microsoft DRM attempt
• MS-DRM employed
  o Weak proprietary block cipher (MultiSwap)
  o MultiSwap used for hashing
  o No controlled execution
  o No obfuscation, no individualization, etc.
• Hard to believe this was serious DRM effort!

57 DRM 56 Microsoft’s NGSCB

58 DRM 57 Next Generation Secure Computing Base
• NGSCB pronounced “n scub” (the G is pronounced like a U after migrating to the right)
• Will be part of Microsoft’s Longhorn OS
• TCG (Trusted Computing Group)
  o Led by Intel, TCG makes special hardware
• NGSCB is the part of Windows that will interface with TCG hardware
• TCG/NGSCB formerly TCPA/Palladium
  o Why the name changes?

59 DRM 58 NGSCB
• The original motivation for TCG/NGSCB was digital rights management (DRM)
• Today, it is promoted as general security-enhancing technology
  o DRM just one of many potential applications
• Depending on who you ask, TCG/NGSCB is
  o Trusted computing
  o Treacherous computing

60 DRM 59 Motivation for TCG
• Closed systems: Game consoles, smartcards, etc.
  o Good at protecting secrets (tamper resistant)
  o Good at forcing people to pay
  o Limited flexibility
• Open systems: PCs
  o Incredible flexibility
  o Poor at protecting secrets
  o Poor at protecting their own software
• TCG goal is to provide closed system security benefits on an open system
• “A virtual set-top box inside your PC” --- Rivest

61 DRM 60 TCG/NGSCB
• TCG provides tamper-resistant hardware
  o Secure place to store cryptographic key
  o Keys (or other secrets) secure even from a legitimate user with full admin privileges
• TCG hardware is in addition to ordinary hardware, not in place of it
• PC has two OSs --- usual OS and special “trusted” OS to deal with TCG hardware
• NGSCB is Microsoft’s version of secure OS

62 DRM 61 NGSCB Design Goals According to Microsoft
• Provide high assurance
  o High confidence that system behaves correctly
  o Correct behavior even if system is under attack
• Provide authenticated operation
• Protection against hardware tampering is not a design goal of NGSCB
  o Hardware tampering is the domain of TCG

63 DRM 62 Disclaimer
• NGSCB details are sketchy
• Based on talk presented at RSA Conference 2004, Microsoft has not worked out all of the details
• What follows are my best guesses
• This should all become much clearer in the not-too-distant future

64 DRM 63 NGSCB Architecture
• Nexus is the Trusted Computing Base in NGSCB
• The NCA (Nexus Computing Agents) talk to Nexus and LHS
[Diagram: Left-hand side (LHS) and Right-hand side (RHS); untrusted and trusted regions; User space and Kernel; boxes: Application, Regular OS, Drivers, NCA, Nexus]

65 DRM 64 NGSCB
• NGSCB “feature groups”
  1. Strong process isolation
     o Processes do not interfere with each other
  2. Sealed storage
     o Data protected (tamper resistant hardware)
  3. Secure path
     o Paths to and from I/O protected
  4. Attestation
     o “Things” securely authenticated
     o Allows TCB to be extended via NCAs
• 1., 2. and 3. aimed at malicious code

66 DRM 65 Process Isolation
• Curtained memory
• Process isolation and the OS
  o Trusted OS protected from insecure OS
  o Isolate trusted OS from BIOS, device drivers
• Process isolation and NCAs
  o NCAs isolated from software they do not trust
  o Trust determined by users --- to an extent…
  o User can disallow a trusted NCA
  o User cannot allow an untrusted NCA

67 DRM 66 Sealed Storage
• Sealed storage contains secret data
  o If code X wants access to secret, a hash of X must be verified (must be sure X is trusted)
  o Implemented via symmetric key cryptography
• Confidentiality of secret is protected since only accessed by trusted software
• Integrity of secret is assured since it’s in sealed storage
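
A model of hash-bound sealing, added here as an example; it is not NGSCB's interface or code from the talk. Assumptions: the root key stands in for a key held in tamper-resistant hardware, the two byte strings are constructed stand-ins for code images, and only 32-byte secrets are sealed. It also shows why a debug build, which has a different hash, cannot open what the release build sealed.

```python
import hashlib, hmac, secrets

# Constructed stand-ins for two builds of the same agent (not real binaries).
RELEASE_NCA = b"nca-player build=release\x00" + bytes(range(64))
DEBUG_NCA = b"nca-player build=debug\x00" + bytes(range(64))

class SealedStorage:
    """Model of the tamper-resistant store; the root key never leaves it."""

    def __init__(self):
        self._root = secrets.token_bytes(32)   # stand-in for a hardware-held key

    def _keys(self, code, nonce):
        measurement = hashlib.sha256(code).digest()   # the hash of X
        k = hmac.new(self._root, measurement, hashlib.sha256).digest()
        pad = hmac.new(k, b"pad" + nonce, hashlib.sha256).digest()
        mac = hmac.new(k, b"mac" + nonce, hashlib.sha256).digest()
        return pad, mac

    def seal(self, code, secret):
        """Wrap a 32-byte secret so only code with the same hash can unwrap it."""
        if len(secret) != 32:
            raise ValueError("this model seals 32-byte secrets only")
        nonce = secrets.token_bytes(16)
        pad, mac = self._keys(code, nonce)
        wrapped = bytes(a ^ b for a, b in zip(secret, pad))
        return nonce + wrapped + hmac.new(mac, wrapped, hashlib.sha256).digest()

    def unseal(self, code, blob):
        nonce, wrapped, tag = blob[:16], blob[16:48], blob[48:]
        pad, mac = self._keys(code, nonce)
        expected = hmac.new(mac, wrapped, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("hash of calling code does not match the sealer")
        return bytes(a ^ b for a, b in zip(wrapped, pad))
```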

68 DRM 67 Secure Path
• Secure path for input
  o From keyboard to Nexus
  o From mouse to Nexus
• Secure path for output
  o From Nexus to the screen
• Details are vague

69 DRM 68 Attestation (1)
• Secure authentication of things
  o Authenticate devices, services, code, etc.
  o Separate from user authentication
• Public key cryptography used
  o Certified key pair required
  o Private key not user-accessible
  o Sign and send result to remote system
• Nexus “extended” via attestation of NCAs
  o This is a major feature

70 DRM 69 Attestation (2)
• Public key required to verify attestation
  o Verification (i.e., public key) reveals the user
  o Anonymity is lost
• Trusted third party (TTP) can be used
  o TTP verifies signature
  o Then TTP vouches for signature to recipient
  o Anonymity preserved (except to TTP)
• Claimed support for zero knowledge proofs
  o Verify knowledge of a secret without revealing it
  o Anonymity “preserved unconditionally”

71 DRM 70 NGSCB Compelling Apps (1)
• Type a Word document in Windows
• Move document to RHS
  o Trusted area
• Read document carefully
• Digitally sign the document
• What you see is what you sign
  o Virtually impossible to assure this on your PC!

72 DRM 71 NGSCB Compelling Apps (2)
• Digital Rights Management (DRM)
• DRM problems solved by NGSCB
• Protect secret --- sealed storage
  o Impossible without something like NGSCB
• Scraping data --- secure path
  o Can’t prevent without something like NGSCB
• Positively ID users --- attestation
  o Higher assurance with NGSCB

73 DRM 72 NGSCB Design Principles According to Microsoft
• Everything in Windows must work in NGSCB
• User is in charge of
  o Which Nexuses (Nexii?) will run on system
  o Which NCAs will run on system
  o Which NCAs allowed to identify the system, etc.
• No external process can enable Nexus or NCA
• Nexus does not block, delete or censor any data (NCA does, but NCAs must be authorized by user)
• Nexus source code publicly available

74 DRM 73 NGSCB Critics
• There are many critics --- we consider two
• Ross Anderson
  o Perhaps the most influential critic
  o One of the harshest (extreme?) critics
• Clark Thomborson
  o Lesser-known critic
  o More rational (IMHO)

75 DRM 74 Anderson’s NGSCB Criticism (1)
• Digital object controlled by its creator, not user of machine where it currently resides
• Why?
  o Creator can specify the NCA
  o If user does not accept NCA, access is denied
  o Aside: Such control is good in MLS applications
• MS Word could encrypt documents with key only available to Microsoft products, then…
  o Very difficult to stop using Microsoft products!

76 DRM 75 Anderson’s NGSCB Criticism (2)
• Files from a compromised machine could be blacklisted (e.g., to prevent music piracy)
• Suppose “everyone in China uses same copy of Microsoft Word”
  o If you stop this copy from working on all NGSCB machines, Chinese users will not use NGSCB
  o Instead, make all NGSCB machines refuse to open documents created with this instance of Word!
• I’m not convinced…

77 DRM 76 Anderson’s NGSCB Criticism (3)
• Going off the deep end?
• “The Soviet Union tried to register and control all typewriters. NGSCB attempts to register and control all computers.”
• “In 2010 President Clinton may have two red buttons on her desk --- one that sends missiles to China and another that turns off all of the PCs in China…”

78 DRM 77 Thomborson’s NGSCB Criticism
• NGSCB acts like a security guard
• By passive observation, NGSCB “security guard” can see lots of sensitive information
• How to know NGSCB is not spying on you?
• According to Microsoft
  o Nexus software will be public
  o NCAs can be debugged (for app development)
  o NGSCB is strictly “opt in”
• But… release version of NCA not debuggable and versions have different hash values!

79 DRM 78 NGSCB Bottom Line (1)
• TCG/NGSCB provides a trusted OS buried within an open platform
• Without something similar, PC may lose out
  o Particularly in entertainment-related areas
• With NGSCB it is claimed that users will lose some control over their PCs
• But users must choose to “opt in”
  o If user does not opt in, what has been lost?

80 DRM 79 NGSCB Bottom Line (2)
• NGSCB is a trusted system
• Only a trusted system can break security
  o By definition, an untrusted system is not trusted with security critical tasks
  o If untrusted system does not perform as expected, security is not at risk
  o Also by definition, a trusted system is trusted with security critical tasks
  o If trusted system does not perform as expected, security is at risk

81 DRM 80 DRM Conclusions

82 DRM 81 My DRM Theories
• My theories, which are mine…
• DRM for e-commerce
  o Strong DRM in software is impossible
  o Moderate DRM is possible in some cases
  o Weak DRM is OK if business model supports it
  o Charging $1/song is not supportable given P2P, high speed Internet connections, etc.
  o NGSCB may tilt the balance somewhat
• DRM in enterprise
  o Legal mandates driving adoption
  o Realistic legal threat enhances DRM greatly

83 DRM 82 Conclusions
• Current DRM systems are weak
  o Ironically, weak systems have worked better than (moderately) strong systems, at least so far
  o Stronger systems more complex/cumbersome
• Ideal software-based DRM…
  o Individual content is non-trivial to attack
  o Overall system survives repeated attacks
  o In other words, BOBE-resistant
  o Is this possible?

84 DRM 83 DRM References
• M. Stamp, Digital rights management: The technology behind the hype, Journal of Electronic Commerce Research, http://www.csulb.edu/web/journals/jecr/issues/20033/paper3.pdf
• M. Stamp, Risks of digital rights management, Communications of the ACM, http://www.csl.sri.com/users/neumann/insiderisks.html#147
• M. Stamp, Digital rights management: For better or for worse?, ExtremeTech, http://www.extremetech.com/article2/0,3973,1051610,00.asp
• E.J. Sebes and M. Stamp, Enterprise digital rights management: ready for prime time? http://www.bcr.com/bcrmag/2004/03/p52.asp
• P. Biddle, et al., The darknet and the future of content distribution, http://crypto.stanford.edu/DRM2002/darknet5.doc

85 DRM 84 NGSCB References
• NGSCB: Trusted Computing Base and Software Authentication, http://www.microsoft.com/resources/ngscb/documents/ngscb_tcb.doc
• P. England, et al., A Trusted Open Platform, http://www.cs.cornell.edu/People/egs/syslunch-spring04/palladium.pdf
• E. Cram, Migrating Applications to NGSCB, http://www.intel.com/idf/us/fall2003/presentations/F03USSCMS22_OS.pdf
• R. Merritt, Cryptographers Sound Warnings on Microsoft Security Plan, http://www.eetimes.com/sys/news/OEG20030415S0013

