Presentation is loading. Please wait.

Presentation is loading. Please wait.

The role of trusted computing in Internet-scale DRM Geoffrey Strongin AMD Fellow Platform Security Architect

Published byLeona Dickerson Modified over 9 years ago

Similar presentations

Presentation on theme: "The role of trusted computing in Internet-scale DRM Geoffrey Strongin AMD Fellow Platform Security Architect"— Presentation transcript:

1 The role of trusted computing in Internet-scale DRM Geoffrey Strongin AMD Fellow Platform Security Architect geoffrey.strongin@amd.com

2 2 Overview of this talk Personal background Brief introduction of XRI and XDI XDI link contracts Standardized contracts Trusted computing and barriers to trusted computing Trusted computing and link contracts How Internet-scale DRM may evolve

3 3 Personal background ISTPA – Privacy Framework XNS  XRI, XDI Trusted Computing Group AMD’s Presidio Technology DRM has been a controversial topic in Trusted Computing circles but … a rising tide lifts all boats. DRM is a big boat! Important Data - policy binding work Bringing Trusted Computing to the PC

4 4 Introduction of XRI and XDI Both XRI and XDI trace back to XNS XRI (eXtensible Resource Identifier) XRI: A URI compatible scheme for abstract identifiers with lots of 3 rd generation features –XRI is being developed at OASIS (XRI TC)  See http://en.wikipedia.org/wiki/XRIhttp://en.wikipedia.org/wiki/XRI  XDI (XRI Data Interchange)  XDI: is a general extensible service for sharing, linking, and synchronizing data over the internet using XRI’s and XML documents

5 5 The primary goals of XDI To develop a standardized data interchange schema and protocol based on Extensible Resource Identifiers (XRIs) and XML  This format can do for machine-readable data what HTML did for human-readable content To enable “link contracts” – machine-readable data sharing agreements that bind shared data to policies governing its use  Not immediatly a “standarized” DRM, but the plumbing for “general purpose” DRM

6 6 The XDI “Dataweb” model Applies the Web model to machine-readable data sharing  XDI documents are XRI-addressable the same way HTML documents are URI-addressable  URI addressing/linking goes down only to the document fragment level; XRI addressing/linking goes all the way down to the atomic element level  XDI addressing can reference and link elements across XDI documents just like HTML hyperlinks  XDI addressing also supports persistent XRIs, so all nodes can be persistently referenced

7 7 Core Dataweb Concept

8 8 XDI link contracts A link contract is an XDI document governing an XDI data sharing relationship between two XDI data authorities  It “binds” XRI-addressable data to XRI-addressable policies governing its use Link contracts can cover any type of XDI data (including other link contracts) Link contracts can associate any type of data sharing policy

9 9 Link contracts can include policies for: Identification Authentication Authorization and access control Privacy and usage control Synchronization Termination Recourse

10 10 Policy elements Every policy referenced by a link contract has its own XRI (or set of XRI synonyms) The policy itself need not be an XDI document; it might be:  Human-readable text document (e.g., Creative Commons licenses, www.creativecommons.org)www.creativecommons.org  A document in machine-readable policy expression language (XACML, WS-Policy, etc.)  Any other XRI-addressable resource to which the parties can agree

11 11 Meaningful link contracts Unless the party relying on a link contract can reasonably expect the referenced policy to be honored it is valueless  There are already lots of “implied” and “explicit” contracts that operate within the Internet –Many have marginal value since enforcement can be difficult  click-through licensees are enforceable under specific conditions, but the overall story is murky and varies from one polity to another –Policy-containing contracts are not often bound to the data exchanged in a persistent way  XDI helps with some of these issues and trusted computing can help with enforcement –Enforcement from trusted computing implies a policy engine capable of enforcement

12 12 Standardized link contracts (referenced policies) Custom contracts are possible with XDI but like all custom legal work they will be expensive  Enforceability is at least a question  Real computer-to-computer negotiation of such contracts remains a challenge  In brief, this won’t scale The use of standardized and pro forma contracts appears to be the way to scale the use of link-contracts The Internet has already spawned lots of standard contracts that are widely referenced  The most obvious example of this are open source licenses XDI will likely spawn a whole range of new standardized contracts that will come into broad usage  The availability of a pool of such contracts will enable “automatic” contract negotiation where parties are able to identify acceptable contracts in advance

13 13 What is “Trusted Computing” A simplified definition of trusted or trustworthy computing: The combination of:  A self protecting trusted computing base (TCB)  Reliable measurement agents  Reliable attestation or reporting capability The foundation blocks for this are in place today, and we are waiting for the whole structure to be built  Some of the reasons that this is slow to emerge are worth noting…

14 14 Barriers to the adoption of trusted computing are falling (if slowly!)  Cost – no longer a significant barrier  Availability of the building blocks – mostly solved now –Software TCB elements lagging  Secure Hypervisors and –Credentials still lagging (a chicken and egg game)  Ease of use  Liability issues  Scalability (surprise!)– why we are here  Clear understanding of delivered value

15 15 Ease of use as a barrier Attestation information as originally defined by TCG is difficult to consume  The abstraction level of the elements in the “stored measurement log” has to be raised –The hashes of software objects are “brittle”  More fundamentally – identification and validation don’t directly predict behavior –Attestation needs to move beyond “code signatures” into the behavioral (semantic) realm  We need a standardized language or metrics to express the intersection of the robustness of implementation of a TCB in a platform and the nature of the policies enforced by the TCB  Common Criteria can address the former (at high cost)  We are still lacking a good solution for the latter We need the equivilent of a credit score for trustworthy platforms

16 16 Liability issues as a barrier Bad things happen! No one wants to be left holding the bag when they do Providing attestation data, credentials and other infrastructure components that support trusted computing could result in increased liability on the part of the “supply chain” providers We may need regulatory relief to foster the growth of trusted computing (PKI) We may also be able to manage the risk by using XDI link contracts within the attestation infrastructure to establish and allocate liability

17 17 XDI and trusted computing XDI benefits from trusted computing: Policy enforcement Authentication Non repudiation Trusted Computing benefits from XDI: Establishes value in attestation XDI plumbing for attestation information with “liability” management Revocation push/pull

18 18 Trusted computing as part of the link contract Attestation of the recipients computing environment and DRM engine can be a data-exchange prerequisite  DRM systems are based on the assumption that the DRM engine has not been hacked  Reliable assessment of the enforcement capabilities of remote platforms becomes possible with trusted computing technology  Participation remains voluntary, but there are public policy implications as this becomes ubiquitous –Powerful tools can always be misused –The link-contracts can work both ways  Assessment for the data provider, and limitations on the use of the attestation information for the data recipient –Privacy principles can become part of the lexicon of standardized link contracts where law and regulation don’t suffice

19 19 Link contracts and trusted computing Some of the factors that come into play:  The level of knowledge about the other party  The value of the transaction  The level of automation involved –How much direct human involvement is present? –Already a factor in lots of transactions (funny text tests) Tools outside of trusted computing that enable data interchange  Reputation services (expected XDI global services)  Law and policy context  Insurance and recourse

20 20 How Internet scale DRM may evolve A little prognostication… Initial use of XDI will have to depend on established trust relationships  Most data today flows using this kind of model –Consumer “knows” provider –Commercial partners “know” each other  Standardized link contracts will be developed to serve the existing models of data exchange As XDI evolves it will start to leverage trusted computing where it does exist –This will open the door to some more spontaneous data sharing and will in turn help validate the benefits of trusted computing Over time a virtuous cycle may emerge where XDI link contracts increasingly use trusted computing and where trusted computing relies more and more on XDI

21 21 Our challenge Break down the remaining barriers to trusted computing adoption  Foster the development and deployment of the technology building blocks (if we build it…)  Focus significant corporate and academic resources on the “ease of use” problem My request: Keep an eye on XRI and XDI as they develop Share your critical views on this work with the OASIS XRI and XDI TC’s My hope is that you will leverage these technologies to foster the scale-out of trusted computing

22 22 Links for more information on XDI http://en.wikipedia.org/wiki/XDI http://www.oasis-open.org Google for the XDI FAQ

Download ppt "The role of trusted computing in Internet-scale DRM Geoffrey Strongin AMD Fellow Platform Security Architect"

Similar presentations

© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.

Federated Digital Rights Management Mairéad Martin The University of Tennessee TERENA General Assembly Meeting Prague, CZ October 24, 2002.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.
Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA 15213-3890 Dennis Smith, David Carney and Ed Morris DEAS.

Sponsored by the U.S. Department of Defense © 2005 by Carnegie Mellon University 1 Pittsburgh, PA Dennis Smith, David Carney and Ed Morris DEAS.
The ABA’s Digital Signature Guidelines: An Imperfect Solution to Digital Signatures on the Internet By: Edward D. Kania.

The ABA’s Digital Signature Guidelines: An Imperfect Solution to Digital Signatures on the Internet By: Edward D. Kania.
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research

Minding Your Own Business The Platform for Privacy Preferences Project and Privacy Minder Lorrie Faith Cranor AT&T Labs-Research
Systems Engineering in a System of Systems Context

Systems Engineering in a System of Systems Context
OASIS Reference Model for Service Oriented Architecture 1.0

OASIS Reference Model for Service Oriented Architecture 1.0
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
Understanding Active Directory

Understanding Active Directory
UKOLN is supported by: OAI-ORE a perspective on compound information objects (www.openarchives.org/ore/)www.openarchives.org/ore/ Defining Image Access.

UKOLN is supported by: OAI-ORE a perspective on compound information objects ( Defining Image Access.
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.

Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
Creating Architectural Descriptions. Outline Standardizing architectural descriptions: The IEEE has published, “Recommended Practice for Architectural.

Creating Architectural Descriptions. Outline Standardizing architectural descriptions: The IEEE has published, “Recommended Practice for Architectural.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.

Web Service Architecture Part I- Overview and Models (based on W3C Working Group Note Frank.
Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.

Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.
SOA Reference Model Generic Presentation DRAFT: Not approved by the OASIS SOA RM TC.

SOA Reference Model Generic Presentation DRAFT: Not approved by the OASIS SOA RM TC.

Similar presentations

Ads by Google