Presentation is loading. Please wait.

Presentation is loading. Please wait.

Phosphor A Cloud based DRM Scheme with Sim Card 2010 12 th International Asia-Pacific Web Conference Author : Peng Zou, Chaokun Wang, Zhang Liu, Dalei.

Published byHarvey Preston Modified over 8 years ago

Similar presentations

Presentation on theme: "Phosphor A Cloud based DRM Scheme with Sim Card 2010 12 th International Asia-Pacific Web Conference Author : Peng Zou, Chaokun Wang, Zhang Liu, Dalei."— Presentation transcript:

1 Phosphor A Cloud based DRM Scheme with Sim Card 2010 12 th International Asia-Pacific Web Conference Author : Peng Zou, Chaokun Wang, Zhang Liu, Dalei Bao

2 Outline Digital Right Management(DRM) –Traditional Access control/Cryptography model –DRM solutions –Typical DRM Model Phosphor A Cloud based DRM Scheme with Sim Card –Introduction –Differences between sim card and smart card –Actor –Notations –License State Word –Phase –Security Analysis –Cloud of Phosphor’s Backend –Conclusions

3 Copyright by 陳政潔學姐 Traditional Access control/Cryptography model Trusted Zone authorized userunauthorized user Data authorized center

4 Traditional Access control/Cryptography model Trusted Zone unauthorized user Data authorized center authorized user unauthorized user authorized user Copyright by 陳政潔學姐

5 DRM solutions Trusted Zone authorized userunauthorized user Data authorized center Copyright by 陳政潔學姐

6 Typical DRM Model Content ProviderClient Content Distributors License Server Four kinds of roles in the DRM. Copyright by 陳政潔學姐

7 Typical DRM Model Content ProviderClient Content Distributors License Server Content Provider 1.2 the usage rights is specified 1.3 the content is encrypted by using content key and then packed 1.4 content package is send to Content Distributors. But content key is not send to Content Distributors 1 1.1 the content and content key are generated Copyright by 陳政潔學姐

8 Typical DRM Model Content ProviderClient Content Distributors License Server Content Provider 2.1 the usage rights and content key are delivered to License Server, because License Server is trusted. Copyright by 陳政潔學姐

9 Typical DRM Model Content ProviderClient Content Distributors License Server 3.1 The user purchases legal content package from Content Distributor Content Distributors 3 Copyright by 陳政潔學姐

10 Typical DRM Model Content ProviderClient Content Distributors 4.1 The user had paid for content. License Server Purchase Proof 4 4.2 The corresponding usage rights and content key should be securely send to the Client. 4.3 License Server generate appropriate License for the Client. Copyright by 陳政潔學姐

11 Typical DRM Model Content ProviderClient Content Distributors Client License Server 5.1 Usage rights and content key form License + 5.2 the protected content is decrypted by content key Copyright by 陳政潔學姐

12 Phosphor A Cloud based DRM Scheme with Sim Card

13 Introduction Fewer works pay attention to data management issues for the DRM backend (servers), which are extremely important for the efficiency of a DRM system when the number of users scales up. The cloud based DRM with an efficient unstructured data management service can satisfy performance requirements with high elasticity and low cost.

14 Smart card follows the Standard ISO7816 which defines the physical and electrical characteristics of smart card. Sim card is produced according to the Specification GSM11.11 and GSM 11.14 besides Standard ISO7816. All these characteristics make sim card a more efficient, secure platform than normal smart card. Differences between sim card and smart card GSM11.11 GSM 11.14

15 Actor Content Provider Content Server License Server Sim Card DRM Agent User(Client)

16 Notations NotationDecription KiKi a secret key stored in the hardware of sim card. In our scheme, its copy is also stored in the storage of license service. A8(.) the algorithm for generating K c. K c is the cryptographic key used by A5. The inputs are K i and a random number. A5(.) the algorithm for enciphering/ deciphering data. The inputs are Kc and data. K cek the key by which content service encrypts the digitalcontent. UK the key by which license server encrypts K cek. A uk (.) the algorithm for generating algorithm UK. Ek(.) a symmetric encryption algorithm by key k. Dek(.) a symmetric decryption algorithm by key k. H(.) a public one-way hash function. || concatenation operation.

17 License State Word Propose a data structure License State Word (LSW) –Stored in the sim card file system. –LSW = (License_ID||Rand||License_Hash) The LSW protocol –Designed for privacy and security on the basis of APDU command. –The instructions of the ADPU command for LSW are CREATE_LSW, UPDATE_LSW,DELETE_LSW and GENERATE_UK. We apply data hiding technology proposed in [11] on the LSW to make sure that the LSW is invisible.

18 Preparation Phase Content Provider Content Server License Server (1) (2) (3) (4) (1)Upload contents by SSL (2)Generate K cek, Encryption the content by K cek using Symmetric encryption (3)E PKls (content_id || K cek || I content_id ) (4)License Server stores the content_id, K cek, I contnet_id (5)Transmit content_id, url (5) User(Client)

19 Right Customization Phase DRM Agent Content Server User(Client)License Server (1)Check Content_id existed? Case Y : Check LSW and Play Case N : Go to (2) (2)Request for url (3)Transmit the url (4)Link url to custom the right (5)DRM Agent received TI = { content_id, License_ID, right } Content Provider (1) (3) (2) (4) (5)

20 License Acquisition Phase License Server Sim CardDRM Agent (1)Generate Random number Rand (2)Pass Rand to Sim Card for K c =A8(K i,Rand) and CK=A5(K c,Rand) ※ CK is for the sim card authentication (3)Combine Rand,IMSI,CK ※ IMSI is 國際移動用戶識別碼 (4)CK* calculate by the same method using IMSI and Rand. Check CK*=CK? UK=A uk (Rand || K c ) EK=E UK (K cek ) (5)Create license={License_ID, right, EK, Rand, H(Right||EK||Rand)} (6)LSW=(License_ID||Rand||License _Hash) Content Provider Content Server User(Client) (1)(2) (3) (4) (5) (6)

21 Play Pahse DRM Agent Sim Card (1)Check Hash with LSW in sim card ※ H(Right||EK||Rand)} = license_Hash? (2)If equal, send Rand and License_ID (3)Generate UK (4)Transmit UK (5)K cek =DE UK (EK) Content=DE Kcek (Content) Store K cek and Content in the device secure memory (6)If user stop, K cek and Content will be deleted (1) (2)(3) (4) User(Client) (5) (6)

22 Download Phase (1)Insert sim card to another device (2)Download license according to LSW (3)Check new license against LSW in sim card If verification fail, deleted new license DRM Agent License Server User(Client) (3) (1) (2)

23 Security Analysis Phosphor’s security is based on the sim card and LSW. The data hiding approach applied on the sim card file system makes LSW invisible. The interaction between sim card and DRM Agent has been protected by the LSW protocol designed based on APDU command. The algorithms used in sim card are covert by the mobile operator.The authentication between sim card and License Server protects Phosphor from imposter attacks.

24 Cloud of Phosphor’s Backend Phosphor is a cloud based DRM scheme whose backend is based on Cloud Computing.It inherits advantages of cloud computing such as low cost and high elasticity. Phosphor’s backend consists of two parts. One is the logic implementation cloud and the other is the unstructured data management system (USDMS) cloud as shown in Fig.1.

25 Implementation

26 Conclusions LSW is used to ensure the license’s integrity,by which Phosphor can protect licenses from being abused and illegally modified. Phosphor has great many advantages such as the physical and logical protection of the sim card,the secure protocols as well as the Cloud Computing with unstructured data management system applying on the Phosphor’s backend. All these characteristics make Phosphor a more secure, efficient, stable Mobile DRM scheme, especially for the mobile operator.

Download ppt "Phosphor A Cloud based DRM Scheme with Sim Card 2010 12 th International Asia-Pacific Web Conference Author : Peng Zou, Chaokun Wang, Zhang Liu, Dalei."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Installation & User Guide

Installation & User Guide
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
GSM Security and Encryption

GSM Security and Encryption
Data Integrity Proofs in Cloud Storage Sravan Kumar R, Ashutosh Saxena Communication Systems and Networks (COMSNETS), 2011 Third International Conference.

Data Integrity Proofs in Cloud Storage Sravan Kumar R, Ashutosh Saxena Communication Systems and Networks (COMSNETS), 2011 Third International Conference.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
A Content Protection Scheme Using MPEG-21 Concepts and Tools Chia-Hsien Lu Feng-Cheng Chang Hsueh-Ming Hang Dept. Electronics Engineering National Chiao.

A Content Protection Scheme Using MPEG-21 Concepts and Tools Chia-Hsien Lu Feng-Cheng Chang Hsueh-Ming Hang Dept. Electronics Engineering National Chiao.
1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.

1 Jeremy Wyant W3C DRM Workshop 23 January 2001 Establishing Security Requirements For DRM Enabled Systems.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Digital Rights Management with Consumer Interests 逢甲大學資工系 教授 李維斌 Nov. 06, 2009.

Digital Rights Management with Consumer Interests 逢甲大學資工系 教授 李維斌 Nov. 06, 2009.
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

Similar presentations

Ads by Google