Security of Digital Rights Management Systems: English-language paper, original text and translation

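Literature translation, April 10, 2010

Security of Digital Rights Management Systems

1 Introduction

In recent years, acquiring digital media over the Internet has become commonplace. Companies are looking into ways to sell their content (music, movies, etc.) over the Internet without the buyer being able to sell the work on. Digital Rights Management (DRM) systems address this problem; their main goal is to enable authorized users to access a version of the digital content on the terms for which they are authorized, while preventing all other access to the digital content. This is of course not always possible, so the DRM field is also interested in practical security, i.e. security that may be breakable in theory but holds in practice (because the costs outweigh the benefits).

DRM systems therefore aim to achieve a security goal. How well they achieve it is unclear. Although various security techniques are used by DRM systems and are being researched for use in them, there seems to be no research into evaluating the security of an entire DRM system. As the security of the individual components of a system does not guarantee the security of the system as a whole, it is currently hard to understand what level of security a DRM system offers.

TNO ITSEF performs security evaluations of hardware and software products. This paper is a preliminary, condensed report of research into evaluating the security of DRM systems. The main goal of this research is to devise a security evaluation method that yields consistent, mutually comparable results.

2 Digital Rights Management

This section describes DRM systems in a generic sense. First their goals are mentioned, followed by a technical description of DRM systems. The design of a DRM system is of course influenced by the context in which it is deployed, so the next subsection takes a closer look at that context. The last subsection examines various techniques used to strengthen the security of DRM systems.

2.1 Generic break-down of DRM systems

DRM systems operate in a client-server context. A distributor offers content (e.g. audio (music), video (movies), text (books), images (photos)) to customers. Generally speaking, it is far easier to implement stringent security measures on the distributor's side than on the user's side. This side can therefore be considered “secure” and the user's side “insecure”. A network serves as the communication medium. For the purposes of security evaluation, the network can be considered insecure.

2.2 Distributor's side

To protect the content from access outside the system, the content is stored inside a “secure container”. To access the content, a valid license is needed (which can be included in the container or delivered separately). Licenses are expressed in Rights Expression Languages. These languages (mostly XML-based) allow only the rights granted in the license and deny any other access. To ensure interoperability, the semantics of a REL can be defined in a Rights Data Dictionary (RDD), another XML-based language.

Secure communication is used to ensure that the content stays secret and is received correctly. This assures that attackers cannot obtain the secure container and the accompanying license when these are sent to a legitimate user, and ensures that the user receives them correctly.

2.3 User's side

In almost all cases, the content provider who uses a DRM system requires a secure user's side. The content provider wants to execute DRM components on the user's side. These components consist of code, data and state. Since the user's side is considered hostile territory, these components execute in a hostile environment. Measures must be taken to assure correct execution of code, data integrity and state integrity. A tamperproof environment can provide this. This tamperproof environment is called a Trusted Computing Base (TCB). A TCB functions as a trusted third party for computing.

A DRM system assures that all steps, from opening the secure container up to and including conversion into an analogue format, operate as required by the license. Without a TCB on the user's side, there is no way of guaranteeing that the terms under which the user is allowed to access the content are met.

When the DRM system only sends the user versions of the digital content that need not (or cannot) be protected, no TCB is needed on the user's side.

3 Influence of networks on DRM

DRM systems operate on a network. This network could be the Internet or a cell phone network. Other networks are possible (e.g. a cable TV network), but they are not covered in this paper. A DRM system needs to take into account the constraints of the device that acts as the user's side. An important question is how powerful and secure the implementation on a device is. For the networks mentioned, these devices would typically be a computer and a cell phone. Each of these networks is examined below.

3.1 Internet

As computers can emulate computers, they can emulate a computer that is allowed to access the content. So, once a user can access the content, it is hard to prevent him from accessing the content as he pleases. This means that it is hard to realize a TCB on computers without an additional, tamperproof hardware component.

However, DRM is concerned with practical security: making it hard to acquire the digital content illegally. As long as the above attack is very difficult (or time-consuming) to execute, the security of the DRM system can be acceptable to content providers.

3.2 Cell phone network

Cell phones have a short life cycle, which means that hardware support for DRM can be introduced (relatively) quickly. Add to this the hardware secrets (in the SIM card) and the closed nature of the hardware and software, and it is clear that the technological requirements of DRM systems are more easily met by the mobile phone industry (compared to the PC market).

However, cell phones are limited devices. They are not ideal devices for rendering audio or video (although this is improving). This means that the content that can be accessed on cell phones will be limited in scope. It is hard to imagine watching a complete movie on a cell phone.

4 Security supporting techniques of DRM
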
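DRM systems can use various techniques to attain their goals. This section discusses the following techniques: cryptography, ID techniques, tracing techniques, the TCB, and finally updatability and interoperability.

4.1 Cryptography: secure container

Cryptography is used to protect the content from access and to secure communications between the user and the distributor. To protect the content, it is hidden in a “secure container”. This container is encrypted to protect it from all access except via the DRM system.

4.2 ID techniques

Content owners can use content identification to detect theft, while users can use it to find content that they have seen or heard but have not yet acquired. DRM systems can employ a variety of techniques to identify content: a Digital Object ID can be added, the digital content can be fingerprinted, or a watermark can be added.

A fingerprint is a small sample of the content. It can be sent to a fingerprinting service, which identifies the content and redirects the user accordingly.

Watermarks consist of information embedded in the digital content. They are not detectable by humans on playback of the content (if correctly embedded), but a watermark detector finds the watermark, even after conversion to an analogue signal.

Tracing

An embedded watermark can also identify the user who legally acquired the content. If the content is found “in the wild”, the watermark can still be extracted and the user identified.

Trusted Computing Base

A TCB assures others that the owner of the TCB can execute computations faithfully inside the TCB without secrets being exposed to the owner. A typical example of a TCB is the Dutch “chipknip”.

5 Evaluating DRM security

In order to be able to evaluate the security of DRM systems, their security goals need to be clearly stated. A threat model is needed to reason about possible threats. To study the security goals DRM systems aim to achieve, a model of the user side will help determine the security issues that all DRM systems need to address.

As the design of DRM systems is influenced by the network on which they are deployed, so is the threat model:

For the Internet we use a powerful threat model. The attacker can break weak cryptography, exploit weak keys, knows the communication protocol, controls the network, can break into servers with security flaws, has complete control over the user side and can hack the playback software on the user side.

For cell phone networks we use a less powerful threat model. The attacker can break weak cryptography, exploit weak keys, knows the communication protocol, does not control the network, cannot break into servers, has no special control over the user side and cannot hack the playback software.

The security goal DRM systems aim to achieve is to prevent all access to the content that does not comply with a valid license obtained from a valid source for said content. There can be secondary goals (e.g. being able to trace illegally accessible content back to the buyer, or being able to prove authorship of content). This paper does not deal with secondary security goals.

Conclusion

Evaluating the security of DRM systems is a complex task. The issue is not solvable, i.e. there is not one definite technical solution that satisfies all security needs - among other reasons, the contexts in which DRM systems operate vary too greatly.

It is therefore crucial to understand the security a DRM system offers. Unfortunately, current evaluation methods are not capable of producing consistent, mutually comparable evaluations of DRM systems. More research into this topic is therefore needed.

SECURITY ASPECTS OF DRM SYSTEMS

H.L. Jonker1, S. Mauw1, J.H.S. Verschuren1,2 and A.T.//.oonen2
1 Eindhoven University of Technology, Department of Mathematics and Computer Science, E-mail: //.ker@//0>., s.mauw@tue.nl
2 TNO ITSEF BV, Stieltjesweg 1, Delft, E-mail: verschuren, schoonen@//.

Introduction

Acquiring digital media over the Internet has become commonplace in recent years. Companies are looking into ways to sell their content (music, movies, etc.) over the Internet without the buyer being able to further distribute the work. Digital Rights Management (DRM) systems address this; their main goal is to enable authorized users to access a version of digital content on the terms for which they are authorized whilst preventing all other access to digital content. This is of course not always possible, therefore the field of DRM is also interested in practical security, i.e. security that may theoretically be breakable, but in practice will not be because the costs outweigh the benefits.

So DRM systems aim to achieve a security goal. How well they achieve this goal is unclear. Although various security techniques are being used by DRM systems and being researched for use in DRM systems, there seems to be little research into evaluating the security of an entire DRM system. As security of the individual components of a system does not guarantee security of the system as a whole, this means that currently it is hard to understand what level of security is offered by a DRM system.

TNO ITSEF performs security evaluations of both hardware and software products. This paper is a preliminary and condensed report of research into evaluating the security of DRM systems. The main goal of this research is to devise a security evaluation method that has consistent, reciprocally comparable results.

Digital Rights Management

This section describes DRM systems in a generic sense. First, their goals are mentioned, followed by a technical description of DRM systems. The design of a DRM system is of course influenced by the context in which it is deployed. Therefore, the next subsection takes a closer look at that context. In the last subsection, various techniques are examined which are used to strengthen the security of DRM systems.

Generic break-down of DRM systems

DRM systems operate in a client-server context. A distributor offers content (e.g. audio (music), video (movies), text (books), images (photos)) to customers. Generally speaking, it is far easier to implement stringent security measures on the distributor's side than on the user's side. Therefore, this side can be considered “secure” and the user's side can be considered “insecure”. A network serves as a communication medium. For purposes of security evaluation, the network can be considered insecure.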

Distributor's side

To protect the content from access outside the system, the content is stored inside a “secure container”. To access the content, a valid license is needed (which can be included in the container or delivered separately). Licenses are expressed in Rights Expression Languages. These languages (mostly XML-based) allow only the rights granted in the license and deny any other access. To ensure interoperability, the semantics of a REL can be defined in a Rights Data Dictionary (RDD) - another XML-based language.

To ensure that the content stays secret and is received correctly, secure communication is used. This assures that attackers cannot obtain a secure container and the accompanying license when these are sent to a legitimate user, and ensures that the user receives them correctly.

User's side

In almost all cases, the content provider who uses a DRM system requires a secure environment at the user's side. The content provider wishes to execute DRM components on the user's side. These components consist of code, data and state. Since the user's side is considered hostile territory, these components execute in a hostile environment. Measures must be taken to assure correct execution of code, data integrity and state integrity. A tamperproof environment can provide this. This tamperproof environment is referred to as a Trusted Computing Base (TCB). A TCB functions as a trusted third party for computing.

A DRM system assures that all steps from opening the secure container up to and including conversion into an analogue format operate as required by the license. Without a TCB at the user's side, there is no way of guaranteeing that the terms under which the user is allowed to access the content are met.

A TCB is not needed on the user's side when the DRM system only sends versions of the digital content to the user which need not or cannot be protected (e.g. analogue versions or low-quality versions).

Influence of networks on DRM

DRM systems operate on a network. This could be the Internet or a cell phone network. Other networks are possible (e.g. a cable TV network), but not considered in this paper. A DRM system needs to take into account the constraints of the device which acts as the user's side. An important question is how powerful and secure a TCB implemented on the device is. For the mentioned networks, these devices would typically be a computer and a cell phone. Each of these networks is examined below.

Internet

As computers can emulate computers, they can emulate a computer which is allowed to access the content. So, if a user can access the content once, it is hard to prevent the user from accessing the content as he pleases. This means that it is hard to realize a TCB on computers without additional, tamperproof hardware components.

However, DRM is concerned with practical security: making it too hard to acquire the digital contents illegally. As long as the above attack is too difficult (or time-consuming) to execute, the security of the DRM system can be acceptable for content providers.

Cell phone network

Cellular phones have a short life cycle, which means that introducing hardware support for DRM can happen (relatively) quickly. Add to this hardware secrets (the SIM-card) and the closed aspect of the hard- and software (in stark contrast to computers), and it is clear that the technological requirements of DRM systems are more easily provided by the mobile phones industry when compared to the PC market.

However, cell phones are limited devices. They are not ideal devices for portraying either audio or video (although improvements are being made). This means that the content that can be accessed on cell phones will be limited in scope. It is hardly imaginable to watch a complete movie on a cell phone.

Security supporting techniques of DRM

DRM systems can use various techniques to attain sub goals.
In this section, the following techniques are discussed: cryptography, ID techniques, tracing techniques, TCB and finally updatability & interoperability.

Cryptography: secure container

Cryptography is used to protect the content from access and to secure communications between the user and the distributor. To protect content, the content is hidden in a “secure container”. This container is encrypted to protect it from all access except via the DRM system.

ID techniques

Content owners can use content identification for example to detect theft, whilst users could use this to find content which they have seen or heard but which they have not yet acquired. DRM systems can employ a variety of techniques to identify content: a Digital Object Id can be added, the digital content can be fingerprinted or a watermark can be added.

The Digital Object Identification (DOI) scheme works similarly to a bar code: given a cryptic identifier, a server looks up the current location of the content and redirects you there (DOI).

A fingerprint is a small sample of the content. This can be sent to a fingerprinting service, which identifies the content and redirects the user accordingly.

Watermarks consist of information embedded in digital content. They are not detectable by humans on playback of the content (if correctly embedded), but a watermark detector finds the watermark, even after conversion to analogue.

Tracing

The information embedded by a watermark could also identify the user who legally acquired the content. If the content is found “in the wild”, the watermark can still be extracted and the user identified.

Trusted Computing Base

A Trusted Computing Base (TCB) assures others that the owner of the TCB can execute computations faithfully inside the TCB without exposing secrets to the owner. An example of a TCB is the Dutch “chipknip”.

Evaluating DRM Security

In order to be able to evaluate the security of DRM systems, their security goals need to be clearly stated. A threat model is needed to reason about possible threats. To study the security goals DRM systems aim to achieve, a model of the user side will help determine security issues all DRM systems need to address.

As the design of DRM systems is influenced by the network on which they are deployed, so is the threat model:

For the Internet we use a powerful threat model. The attacker can break weak cryptography, exploit weak keys, knows the communication protocol, controls the network, can break into servers with security flaws, has complete control over the user side and can hack the playback software on the user side.

For cell phone networks we use a less powerful threat model. The attacker can break weak cryptography, exploit weak keys, knows the communication protocol, does not control the network, cannot break into servers, has no special control over the user side and cannot hack the playback software.

The security goal DRM systems aim to achieve is to prevent all access to the content that does not comply with a valid license obtained from a valid source for said content. There can be secondary goals (e.g. the ability to trace illegally accessible content back to the buyer or the ability to prove authorship of content). This paper will not concern itself with secondary security goals.

Conclusion

Evaluating the security of DRM systems is a complex task. The issue is not solvable, i.e. there is not one definite technical solution that satisfies all security needs - amongst other reasons, the contexts in which DRM systems operate vary too greatly.

Therefore, it is crucial to understand the security a DRM system offers. Unfortunately, current evaluation methods are ill-equipped to produce consistent and reciprocally comparable evaluations of DRM systems. Therefore, more research into this topic is needed.
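
The license check implied by the "Distributor's side" section and by the security goal stated under "Evaluating DRM Security", as an added example that is not part of the paper: a deny-by-default evaluator that grants access only for a right listed in a license that is authentic and names the requested content. The XML schema, the function names, the content identifier and the HMAC demo key are all assumptions made for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed demo key (assumption). A deployed system would use an asymmetric
# signature so the user's side holds no key that can mint licenses.
DISTRIBUTOR_KEY = b"constructed-demo-key"


def issue_license(xml_bytes, key=DISTRIBUTOR_KEY):
    """Distributor's side: return (license bytes, HMAC-SHA256 tag)."""
    return xml_bytes, hmac.new(key, xml_bytes, hashlib.sha256).hexdigest()


def is_allowed(xml_bytes, tag, content_id, right, uses_so_far=0,
               key=DISTRIBUTOR_KEY):
    """True only for access that complies with a valid license from a
    valid source for said content; everything else is denied."""
    # Valid source: authenticate the raw bytes before parsing them.
    expected = hmac.new(key, xml_bytes, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return False
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError:
        return False
    # Said content: the license must name this container.
    if root.get("content") != content_id:
        return False
    # Deny by default: only rights the license lists are granted.
    for grant in root.findall("grant"):
        if grant.get("right") == right:
            limit = grant.get("max-uses")
            if limit is None:
                return True
            return limit.isdigit() and uses_so_far < int(limit)
    return False


# Constructed sample license in a hypothetical minimal XML schema.
SAMPLE = (b'<license content="urn:example:track-42">'
          b'<grant right="play" max-uses="3"/>'
          b'<grant right="preview"/>'
          b'</license>')
LICENSE, TAG = issue_license(SAMPLE)
```

The `uses_so_far` counter is state held on the user's side, which is why the paper asks for a TCB that protects state integrity as well as code and data.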