Article

Digital rights management in a 3G mobile phone and beyond

Authors:

Thomas S. Messerges,

Ezzat A. DabbishAuthors Info & Claims

DRM '03: Proceedings of the 3rd ACM workshop on Digital rights management

Pages 27 - 38

https://doi.org/10.1145/947380.947385

Published: 27 October 2003 Publication History

Abstract

In this paper we examine how copyright protection of digital items can be securely managed in a 3G mobile phone and other devices. First, the basic concepts, strategies, and requirements for digital rights management are reviewed. Next, a framework for protecting digital content in the embedded environment of a mobile phone is proposed and the elements in this system are defined. The means to enforce security in this system are described and a novel "Family Domain" approach to content management is introduced. Our new approach uses key sharing to help alleviate bad user experiences that are associated with some rights management systems. Examples outlining the enrollment of devices and the acquisition, rendering, and superdistribution of content are shown. Our proposed system is not only applicable to a mobile phone system, but may also be extended to other embedded systems, such as personal digital assistants, set-top boxes, or personal computers.

References

[1]

3GPP TS 23.057, "3rd Generation Partnership Project; Technical Specification Group Terminals; Mobile Station Application Execution Environment (MExE); Functional description; Stage 2; (Release 4)".

[2]

3GPP TS 23.140, "Multimedia Messaging Service (MMS); Functional description; Stage 2".

[3]

"Advanced Encryption Standard (AES)," FIPS PUB 197, Nov. 2001, Available at: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

[4]

S. Araki, "The Memory Stick," IEEE Micro, vol. 20, issue 4, July-Aug. 2000, pp. 40--46.

Digital Library

[5]

P. Bhagwat, "Bluetooth: Technology for Short-Range Wireless Apps," IEEE Internet Computing, vol. 5, issue 3, May-June 2001, pp. 96--103.

Digital Library

[6]

Willms Buhse, "Implications of Digital Rights Management for Online Music - A Business Perspective," Proceedings of the ACM Workshop in Security and Privacy in Digital Rights Management, associated with ACM CCS'01, Philadelphia, PA, November 2001.

Digital Library

[7]

Business Software Alliance Report, Available: http://www.bsa.org/.

[8]

S. M. Cherry, "Making Music Pay," IEEE Spectrum, vol. 38, issue 10, Oct. 2001, pp. 41--6.

Digital Library

[9]

F. Dahlgren, "Future Mobile Phones - Complex Design Challenges from an Embedded Systems Perspective," Proceedings of the Seventh IEEE International Conference on Engineering of Complex Computer Systems, 2001, pp. 92--4.

Digital Library

[10]

K. Enoki, "i-mode: The Mobile Internet Service of the 21st Century," IEEE International Solid-State Circuits Conference (ISSCC), 2001, pp. 12--5.

[11]

Joan Feigenbaum, Michael J. Freedman, Tomas Sander, and Adam Shostack, "Privacy Engineering for DRM Systems," Proceedings of the ACM Workshop in Security and Privacy in Digital Rights Management, associated with ACM CCS'01, Philadelphia, PA, November 2001.

Digital Library

[12]

Xianjun Geng and A.B. Whinston, "Profiting from Value-Added Wireless Services," Computer, vol. 34, issue 8, Aug. 2001, pp. 87--9.

Digital Library

[13]

GSM 02.09 (ETS 300 506), "Digital Cellular Telecommunications System (Phase 2); Security Aspects," Aug. 2000.

[14]

Anita Hamilton, "The Pirates of Prime Time," Time.com, Feb. 16, 2002, Available: http://www.time.com/time/business/article/0,8599,203498,00.html.

[15]

F. Hartung and F. Ramme, "Digital Rights Management and Watermarking of Multimedia Content for M-Commerce Applications," IEEE Communications Magazine, vol. 38, issue 11, Nov. 2000, pp. 78--84.

Digital Library

[16]

"International Federation of the Phonographic Industry (IFPI) Music Piracy Report," June 2002, Available: http://www.ifpi.org/site-content/library/piracy2002.pdf.

[17]

International Intellectual Property Alliance, "USTR 2002 'Special 301' Decisions and Estimated Trade Losses Due to Copyright Piracy," April 30, 2002, Available: http://www.iipa.com/pdf/2002_Apr30_USTRLOSSES.pdf.

[18]

"JSR-000118 Mobile Information Device Profile Public Review Draft Specification 2.0," Available at: http://java.sun.com.

[19]

Jupiter Media Metrix - Press Release, "Subscriptions Will Account For Almost Two-Thirds Of US Digital Music Sales In 2006," Jan. 15, 2002, Available: http://www.jmm.com/xp/jmm/press/2002/pr_011502.xml.

[20]

N. Koblitz, "Elliptic Curve Cryptosystems," Mathematics of Computation, vol. 48, 1987, pp. 203--9.

[21]

David W. Kravitz, Kim-Ee Yeoh, and Nicol So, "Secure Open Systems Protecting Privacy and Digital Services," Proceedings of the ACM Workshop in Security and Privacy in Digital Rights Management, associated with ACM CCS'01, Philadelphia, PA, November 2001.

Digital Library

[22]

Calvin K. M. Lam and Bernard C. Y. Tan, "The Internet is Changing the Music Industry," Communications of the ACM, vol. 44, issue 8, August 2001, pp. 62--8.

Digital Library

[23]

B.M. Macq and J.-J. Quisquater, "Cryptology for Digital TV Broadcasting," Proceedings of the IEEE, vol. 83, issue 6, June 1995, pp. 944--57.

[24]

Anna Wilde Mathews, Martin Peers and Nick Wingfield, "Music Industry Finally Online - But Listeners Stay Away in Droves," Wall Street Journal, May 7, 2002.

[25]

Ryoichi Mori and Masaji Kawahara, "Superdistribution: The Concept and the Architecture," The Transactions of the IEICE, vol. E 73, no. 7, July 1990.

[26]

Walter S Mossberg, "Sony's Digital Music Clip is Cool, but Treats Users Like Criminals," Wall Street Journal, March 2nd, 2000.

[27]

M.W. Oliphant, "The Mobile Phone Meets the Internet," IEEE Spectrum, vol. 36, issue 8, Aug. 1999, pp. 20--8.

Digital Library

[28]

Benny Pinkas, "Efficient State Updates for Key Management," Proceedings of the ACM Workshop in Security and Privacy in Digital Rights Management, associated with ACM CCS'01, Philadelphia, PA, November 2001.

Digital Library

[29]

"Piracy Blamed for CD Sales Slump," BBC News, Feb. 26, 2002, Available: http://news.bbc.co.uk/hi/english/entertainment/new_media/newsid_1841000/1841768.stm

[30]

R. L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Crypto-systems," Comm. ACM, vol. 21, 1978, pp. 120--126.

Digital Library

[31]

Bill Rosenblatt, Bill Trippe, and Stephen Mooney, "Digital Rights Management: Technology and Business," M&T Books, New York, New York, 2002, pp. 62.

Digital Library

[32]

Thomas Sander, "Golden Times for Digital Rights Management?," Financial Cryptography : 5th International Conference, FC 2001, Grand Cayman, British West Indies, February 2001, pp. 64--74.

Digital Library

[33]

P.B. Schneck, "Persistent Access Control to Prevent Piracy of Digital Information," Proceedings of the IEEE, vol. 87 issue 7, July 1999, pp. 1239--50.

[34]

Secure Digital Music Initiative (SDMI), "SDMI Portable Device Specification," Part 1, ver. 1.0, 1999.

[35]

"Secure Hash Standard (SHS)," FIPS PUB 180-1, April 1995, Available at: http://www.itl.nist.gov/fipspubs/fip180-1.htm.

[36]

See http://odrl.net.

[37]

See: http://www.gnutella.com/.

[38]

See http://www.keitaide-music.org/.

[39]

See: http://www.musiccity.com/.

[40]

See: http://www.openmobilealliance.org/.

[41]

See http://www.xrml.org.

[42]

Mark Stefik, "Letting Loose the Light: Igniting Commerce in Electronic Publication," in Internet Dreams, Mark Stefik ed., MIT Press, 1997, pp. 219--254.

[43]

R Stern, "Napster: A Walking Copyright Infringement?" IEEE Micro, vol. 20 issue 6, Nov.-Dec. 2000, pp. 4--5, 95.

Digital Library

[44]

Wireless Application Protocol, Available: http://www.wapforum.org/.

Cited By

Verma GSingh B(2018)Efficient identity-based blind message recovery signature scheme from pairingsIET Information Security10.1049/iet-ifs.2017.034212:2(150-156)Online publication date: 1-Mar-2018
https://doi.org/10.1049/iet-ifs.2017.0342
Yang HYang CLin W(2013)Enhanced digital rights management authentication scheme based on smart cardIET Information Security10.1049/iet-ifs.2012.01917:3(189-194)Online publication date: Sep-2013
https://doi.org/10.1049/iet-ifs.2012.0191
Suoranta SAndrade AAura T(2012)Strong authentication with mobile phoneProceedings of the 15th international conference on Information Security10.1007/978-3-642-33383-5_5(70-85)Online publication date: 19-Sep-2012
https://dl.acm.org/doi/10.1007/978-3-642-33383-5_5
Show More Cited By

Index Terms

Digital rights management in a 3G mobile phone and beyond
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Achieving media portability through local content translation and end-to-end rights management
DRM '05: Proceedings of the 5th ACM workshop on Digital rights management

The problem addressed in this paper is that of DRM interoperability. The term DRM interoperability, as used here, refers to approaches that provide for the transfer, from one "upstream" DRM system to another "downstream" DRM system, of DRM protected ...
Digital rights management using a mobile phone
ICEC '07: Proceedings of the ninth international conference on Electronic commerce

This paper focuses on the problem of preventing illegal copying of digital assets without jeopardising the right of legitimate licence holders to transfer content between their own devices, which make up a domain. Our novel idea involves the use of a ...
Experiencing Digital Rights Management in Mobile Environments
AXMEDIS '08: Proceedings of the 2008 International Conference on Automated solutions for Cross Media Content and Multi-channel Distribution

Content consumption in mobile devices is no longer limited to ringtones, games or images. The increasing capabilities of new mobile devices include now music and video clips. The content sent to the mobile device and even content created from devices ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

DRM '03: Proceedings of the 3rd ACM workshop on Digital rights management

October 2003

161 pages

ISBN:1581137869

DOI:10.1145/947380

General Chairs:
Joan Feigenbaum
Yale University
,
Tomas Sander
HP Labs
,
Program Chair:
Moti Yung
Columbia University

Copyright © 2003 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 October 2003

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS03

Sponsor:

CCS03: Tenth ACM Conference on Computer and Communications Security 2003

October 27, 2003

DC, Washington, USA

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

32
Total Citations
View Citations
4,308
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Verma GSingh B(2018)Efficient identity-based blind message recovery signature scheme from pairingsIET Information Security10.1049/iet-ifs.2017.034212:2(150-156)Online publication date: 1-Mar-2018
https://doi.org/10.1049/iet-ifs.2017.0342
Yang HYang CLin W(2013)Enhanced digital rights management authentication scheme based on smart cardIET Information Security10.1049/iet-ifs.2012.01917:3(189-194)Online publication date: Sep-2013
https://doi.org/10.1049/iet-ifs.2012.0191
Suoranta SAndrade AAura T(2012)Strong authentication with mobile phoneProceedings of the 15th international conference on Information Security10.1007/978-3-642-33383-5_5(70-85)Online publication date: 19-Sep-2012
https://dl.acm.org/doi/10.1007/978-3-642-33383-5_5
Furini M(2011)Mobile music distributionAdvances in Multimedia10.1155/2011/7061642011(6-6)Online publication date: 1-Jan-2011
https://dl.acm.org/doi/10.1155/2011/706164
Theera-angkananon KBhattarakosol P(2010)BENPro: A blinding protection method in digital right management5th International Conference on Computer Sciences and Convergence Information Technology10.1109/ICCIT.2010.5711113(533-538)Online publication date: Nov-2010
https://doi.org/10.1109/ICCIT.2010.5711113
Barhoush MAtwood J(2010)Requirements for enforcing digital rights management in multicast content distributionTelecommunications Systems10.1007/s11235-009-9231-445:1(3-20)Online publication date: 1-Sep-2010
https://dl.acm.org/doi/10.1007/s11235-009-9231-4
Sheppard N(2010)Distributing Sensitive Information in the MPEG‐21 Multimedia FrameworkThe Handbook of MPEG Applications10.1002/9780470974582.ch18(433-454)Online publication date: 4-Oct-2010
https://doi.org/10.1002/9780470974582.ch18
Sheppard NSafavi-Naini RJafari M(2009)A digital rights management model for healthcareProceedings of the 10th IEEE international conference on Policies for distributed systems and networks10.5555/1812664.1812689(106-109)Online publication date: 20-Jul-2009
https://dl.acm.org/doi/10.5555/1812664.1812689
Seong Oun Hwang (2009)Content and Service Protection for IPTVIEEE Transactions on Broadcasting10.1109/TBC.2009.202044655:2(425-436)Online publication date: Jun-2009
https://doi.org/10.1109/TBC.2009.2020446
Abbadi IAlawneh M(2009)Replay Attack of Dynamic Rights within an Authorised DomainProceedings of the 2009 Third International Conference on Emerging Security Information, Systems and Technologies10.1109/SECURWARE.2009.30(148-154)Online publication date: 18-Jun-2009
https://dl.acm.org/doi/10.1109/SECURWARE.2009.30
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents