一种可信计算支持的DRM系统及其安全协议研究

计算机科学 ›› 2013, Vol. 40 ›› Issue (6): 103-107.

一种可信计算支持的DRM系统及其安全协议研究

王剑,张志勇,俞卫华,杨丽君

河南科技大学电子信息工程学院洛阳471003;河南科技大学电子信息工程学院洛阳471003;河南科技大学电子信息工程学院洛阳471003;河南科技大学电子信息工程学院洛阳471003

出版日期:2018-11-16 发布日期:2018-11-16
基金资助:
本文受国家自然科学基金项目(61003234),河南省科技创新人才计划(134100510011),河南省高等学校科技创新人才计划基金项目(2011HASTIT015)资助

Trusted Computing-enabled DRM System and its Security Protocols

WANG Jian,ZHANG Zhi-yong,YU Wei-hua and YANG Li-jun

Online:2018-11-16 Published:2018-11-16

摘要/Abstract

摘要： 数字版权管理(Digital Rights Management,DRM)系统旨在端到端地保护数字内容的可控使用,然而客户端平台的安全隐患使得数字内容的合理使用受到威胁。在研究可信计算技术的基础上,提出可信计算技术与DRM系统相结合的可信DRM系统的一般结构,并重点阐述了可信计算技术在许可证分发和数字内容使用两个重点环节中的应用。进一步地,设计并提出一个可信DRM系统的身份认证及密钥协商协议,并给出其安全性分析。该协议实现许可证服务器对DRM客户端的身份认证及完整性验证,并产生共享密钥保护数字版权的发放。

关键词: 数字版权管理,可信计算,远程证明,SKAE,认证协议

Abstract: Digital rights management is designed to protect digital content usage from end to end.While,the hidden security problems in client system threaten the reasonable usage of digital contents．Through researching on trusted computing technology,a common architecture of DRM combined with trusted computing was presented．Especially,the application of trusted computing in license distributing and digital content usage was introduced．Then,an identity authentication and key agreement protocol for trusted DRM were designed,and also described with its security analysis．Through the protocol,license server can authenticate the DRM client and validate its integrity．Otherwise,the peer can obtain sharing key to protect the digital license distributing.

Key words: Digital rights management,Trusted computing,Remote attestation,SKAE,Authentication protocol

王剑,张志勇,俞卫华,杨丽君. 一种可信计算支持的DRM系统及其安全协议研究[J]. 计算机科学, 2013, 40(6): 103-107. https://doi.org/

WANG Jian,ZHANG Zhi-yong,YU Wei-hua and YANG Li-jun. Trusted Computing-enabled DRM System and its Security Protocols[J]. Computer Science, 2013, 40(6): 103-107. https://doi.org/

参考文献

[1] Rosenblatt W,Trippe W,Mooney S.Digital Rights Management:Business and Technology[M]．New York:M&T Books,2002
[2] 俞银燕,汤帜．数字版权保护技术研究综述[J]．计算机学报,2005,28(12):1957-1966
[3] 张志勇,牛丹梅．数字版权管理中数字权利使用控制研究进展[J]．计算机科学,2011,38(4):48-54
[4] Stamm S,Sheppsrd N P．Implementing trusted terminals with a TPM and SIDDRM[C]∥Proceedings of REM 2007．2007:73-85
[5] Sadighi A R,Wolf M．Christisn stuble enabling fairer rights management with trusted computing[C]∥Proceedings of ISC 2007．2007:53-70
[6] 邱罡,王玉磊,周利华．基于可信计算的DRM互操作研究[J]．计算机科学,2009,6(1):77-80
[7] Gallery E．Authorisation Issues for Mobile Code in Mobile Systems[D]．London:Royal Holloway,University of London,2007
[8] Grawrock D．TCG Specification Architecture Overview Revision 1.4[EB/OL]．https://www.trusted computinggroup.org/groups/TCG_1.4_Archiecture_Overview.pdf,2011-05-01
[9] Sailer R,Jaeger T,Zhang Xiao-lan,et al．Attestation-based Policy Enforcement for Remote Access[C]∥Proceedings of the 11th ACM conference on Computer and communications security,CCS’04．2004:308-317
[10] TCG Infrastructure Workgroup.Subject Key Attestation Evi-dence Extension Specification Version1.0[EB/OL].http://www.trustedcomputinggroup.org/specs/IWG/IWG_SKAE_Extension_1-00.pdf,2005-06-16
[11] Housley R,Polk W,Ford W,et al．Internet X.509Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (RFC 3280)[Z]．Internet Engineering Task Force,Network Working Group,2002

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed