Security specification for conversion technologies of heterogeneous drm systems

Abstract

Digital Right Management (DRM) can be used to prohibit illegal reproduction, and redistribution of digital content, to protect copyrights. However, current DRM systems are incompatible and lack of interoperability which exchange of data, different platform, designed and protected by different content providers. To overcome these drawbacks, three ways of interoperability are full-formation interoperability, connected interoperability, configuration-driven interoperability, allowing consumers to use the purchased content in their equipments of choice. In this paper, we study on the security specification of configuration-driven interoperability for heterogeneous DRM systems, using the Common Criteria. Then, we study security boundary, security environment, security objectives, and rationale of an CTHDS-PP(Conversion Technologies of Heterogeneous DRM Systems Protection Profile) to find important security features. The CTHDS-PP gives a discussion covered the current security problems to conversion technologies and lists threats to solve those problems. Moreover, this CTHDS-PP can be used for potential developers and system integrators, and reviewed and assessed by evaluators. © 2009 Springer Berlin Heidelberg.